Logdatei von adwCleaner nach neustart Code:
# AdwCleaner v4.203 - Bericht erstellt 01/05/2015 um 19:30:37
# Aktualisiert 30/04/2015 von Xplode
# Datenbank : 2015-04-30.2 [Lokal]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : 635csiXXX - CC1
# Gestarted von : C:\Users\635csiXXX\Desktop\adwcleaner_4.203(1).exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Player
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileViewPro
Ordner Gelöscht : C:\Program Files (x86)\AVG Secure Search
Ordner Gelöscht : C:\Program Files (x86)\FLV Player
Ordner Gelöscht : C:\Users\635csiXXX\AppData\Local\b1e
Datei Gelöscht : C:\Users\635csiXXX\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage
Datei Gelöscht : C:\Users\635csiXXX\AppData\Roaming\Mozilla\Firefox\Profiles\faf0xczk.default\invalidprefs.js
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NovaLogic\Delta Force Black Hawk Down\Uninstall.lnk
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17728
-\\ Mozilla Firefox v37.0.2 (x86 de)
-\\ Google Chrome v42.0.2311.135
*************************
AdwCleaner[R0].txt - [2573 Bytes] - [01/05/2015 16:44:46]
AdwCleaner[R1].txt - [2638 Bytes] - [01/05/2015 16:48:15]
AdwCleaner[R2].txt - [2696 Bytes] - [01/05/2015 19:29:31]
AdwCleaner[S0].txt - [2611 Bytes] - [01/05/2015 19:30:37]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2670 Bytes] ##########
AntimaleWare log Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 01.05.2015
Suchlauf-Zeit: 19:49:09
Logdatei: Anti-malware log.txt
Administrator: Ja
Version: 2.01.6.1022
Malware Datenbank: v2015.05.01.05
Rootkit Datenbank: v2015.04.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: 635csiXXX
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 347570
Verstrichene Zeit: 14 Min, 43 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Deaktiviert
Rootkits: Aktiviert
Heuristik: Deaktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(Keine schädliche Elemente gefunden)
Module: 0
(Keine schädliche Elemente gefunden)
Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)
Registrierungswerte: 0
(Keine schädliche Elemente gefunden)
Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)
Ordner: 0
(Keine schädliche Elemente gefunden)
Dateien: 0
(Keine schädliche Elemente gefunden)
Physische Sektoren: 0
(Keine schädliche Elemente gefunden)
(end)
Code:
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
( ) C:\Windows\System32\lxebcoms.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
() C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe
() C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\Vtune\TBPANEL.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHTU.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11776104 2011-02-11] (Realtek Semiconductor)
HKLM\...\Run: [lxebmon.exe] => C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe [770728 2010-05-05] ()
HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe [148280 2010-05-05] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-567512401-2068147103-189804784-1001\...\Run: [TBPanel] => C:\Program Files (x86)\Vtune\TBPanel.exe [2248704 2011-08-02] ()
HKU\S-1-5-21-567512401-2068147103-189804784-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE [241280 2012-12-02] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-567512401-2068147103-189804784-1001\...\MountPoints2: {ec7094c9-2298-11e1-aa81-806e6f6e6963} - F:\autorun\autorun.exe
HKU\S-1-5-21-567512401-2068147103-189804784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [TBPanel] => C:\Program Files (x86)\Vtune\TBPanel.exe [2248704 2011-08-02] ()
HKU\S-1-5-21-567512401-2068147103-189804784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE [241280 2012-12-02] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-567512401-2068147103-189804784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {ec7094c9-2298-11e1-aa81-806e6f6e6963} - F:\autorun\autorun.exe
HKU\S-1-5-21-567512401-2068147103-189804784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [TBPanel] => C:\Program Files (x86)\Vtune\TBPanel.exe [2248704 2011-08-02] ()
HKU\S-1-5-21-567512401-2068147103-189804784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE [241280 2012-12-02] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-567512401-2068147103-189804784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {ec7094c9-2298-11e1-aa81-806e6f6e6963} - F:\autorun\autorun.exe
Startup: C:\Users\635csiXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2013-09-26]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Lexmark Symbolleiste -> {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -> C:\Program Files (x86)\Lexmark Toolbar\toolband.dll [2011-08-19] ()
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Lexmark -> {D2C5E510-BE6D-42CC-9F61-E4F939078474} -> C:\Program Files\Lexmark Printable Web\bho.dll [2008-05-22] ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll [2011-08-19] ()
Toolbar: HKU\S-1-5-21-567512401-2068147103-189804784-1001 -> No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File
Toolbar: HKU\S-1-5-21-567512401-2068147103-189804784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File
Toolbar: HKU\S-1-5-21-567512401-2068147103-189804784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\635csiXXX\AppData\Roaming\Mozilla\Firefox\Profiles\faf0xczk.default
FF NewTab: false
FF SearchEngineOrder.1: Improved Search
FF Homepage: https://www.google.de/
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll [2015-02-04] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll [2015-02-04] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-12-19] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-12-19] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\635csiXXX\AppData\Roaming\Mozilla\Firefox\Profiles\faf0xczk.default\searchplugins\improvedsearch.xml [2014-01-12]
FF Extension: FRITZ!Box AddOn - C:\Users\635csiXXX\AppData\Roaming\Mozilla\Firefox\Profiles\faf0xczk.default\Extensions\fb_add_on@avm.de [2014-11-28]
FF Extension: Lightbeam - C:\Users\635csiXXX\AppData\Roaming\Mozilla\Firefox\Profiles\faf0xczk.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2014-08-04]
Chrome:
=======
CHR Profile: C:\Users\635csiXXX\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\635csiXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-15]
CHR Extension: (Google Search) - C:\Users\635csiXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-15]
CHR Extension: (Gmail) - C:\Users\635csiXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-15]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [815920 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-01] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1004280 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S2 lxebCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxebserv.exe [45736 2010-04-14] (Lexmark International, Inc.)
R2 lxeb_device; C:\Windows\system32\lxebcoms.exe [1052328 2010-04-14] ( )
R2 lxeb_device; C:\Windows\SysWOW64\lxebcoms.exe [598696 2010-04-14] ( )
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617352 2014-04-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20542408 2014-04-02] (NVIDIA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-04-18] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-11] (Avira Operations GmbH & Co. KG)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)
S3 STTub30; C:\Windows\System32\Drivers\STTub30.sys [44184 2012-07-09] (STMicroelectronics)
S3 TBPanel; No ImagePath
S3 ALSysIO; \??\C:\Users\ADMINI~1\AppData\Local\Temp\ALSysIO64.sys [X]
S1 cmpcwjan; \??\C:\Windows\system32\drivers\cmpcwjan.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S1 lqibhcnw; \??\C:\Windows\system32\drivers\lqibhcnw.sys [X]
S1 mbzkremd; \??\C:\Windows\system32\drivers\mbzkremd.sys [X]
S4 NvStUSB; \SystemRoot\system32\DRIVERS\nvstusb.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-01 19:42 - 2015-05-01 19:49 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-01 19:42 - 2015-05-01 19:42 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-01 19:42 - 2015-05-01 19:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-01 19:42 - 2015-05-01 19:42 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-01 19:42 - 2015-05-01 19:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-01 19:42 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-01 19:42 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-01 19:42 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-01 19:40 - 2015-05-01 19:39 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\635csiXXX\Desktop\mbam-setup-2.1.6.1022.exe
2015-05-01 19:24 - 2015-05-01 19:24 - 00464381 _____ () C:\Users\635csiXXX\Desktop\SpyHunterKiller.exe
2015-05-01 17:55 - 2015-05-01 17:55 - 00001271 _____ () C:\Users\635csiXXX\Desktop\Revo Uninstaller.lnk
2015-05-01 17:55 - 2015-05-01 17:55 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-05-01 17:19 - 2015-05-01 10:50 - 00380416 _____ () C:\Users\635csiXXX\Desktop\Gmer-19357.exe
2015-05-01 17:19 - 2015-05-01 10:40 - 02101248 _____ (Farbar) C:\Users\635csiXXX\Desktop\FRST64.exe
2015-05-01 17:19 - 2015-05-01 10:32 - 00050477 _____ () C:\Users\635csiXXX\Desktop\Defogger.exe
2015-05-01 16:47 - 2015-05-01 16:43 - 02204160 _____ () C:\Users\635csiXXX\Desktop\adwcleaner_4.203(1).exe
2015-05-01 16:44 - 2015-05-01 19:30 - 00000000 ____D () C:\AdwCleaner
2015-05-01 11:14 - 2015-05-01 10:38 - 00000480 _____ () C:\Users\635csiXXX\Desktop\defogger_disable.log
2015-05-01 11:13 - 2015-05-01 11:13 - 00009005 _____ () C:\Users\635csiXXX\Desktop\Gmer.txt
2015-05-01 10:51 - 2015-05-01 20:12 - 00017105 _____ () C:\Users\635csiXXX\Desktop\FRST.txt
2015-05-01 10:51 - 2015-05-01 10:44 - 00044686 _____ () C:\Users\635csiXXX\Desktop\Addition.txt
2015-05-01 10:42 - 2015-05-01 20:12 - 00000000 ____D () C:\FRST
2015-05-01 10:37 - 2015-05-01 10:37 - 00000000 _____ () C:\Users\635csiXXX\defogger_reenable
2015-04-27 20:09 - 2015-04-27 20:09 - 00000000 _____ () C:\Windows\SysWOW64\shoCA90.tmp
2015-04-26 01:50 - 2015-04-26 01:50 - 00000000 _____ () C:\Windows\SysWOW64\sho4FA9.tmp
2015-04-25 08:41 - 2015-04-25 08:41 - 00000701 _____ () C:\Users\635csiXXX\Desktop\World of Warships.lnk
2015-04-25 08:41 - 2015-04-25 08:41 - 00000000 ____D () C:\Users\635csiXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Warships
2015-04-24 19:53 - 2015-04-24 19:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-20 19:58 - 2015-04-20 19:58 - 00000000 _____ () C:\Windows\SysWOW64\sho6252.tmp
2015-04-16 20:17 - 2015-04-16 20:17 - 00000000 _____ () C:\Windows\SysWOW64\sho7FCB.tmp
2015-04-16 08:15 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-16 08:15 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-16 08:15 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-16 08:15 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-16 08:15 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-16 08:15 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-16 08:15 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-16 08:15 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-16 08:15 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-16 08:15 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-16 08:15 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-16 08:15 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-16 08:15 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-16 08:15 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-16 08:15 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-16 08:15 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-16 08:15 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-16 08:15 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-16 08:15 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-16 08:15 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-16 08:15 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-16 08:15 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-16 08:15 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-16 08:15 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-16 08:15 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-16 08:15 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-16 08:15 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-16 08:15 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-16 08:15 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-16 08:15 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-16 08:15 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-16 08:15 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-16 08:15 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-16 08:15 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-16 08:15 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-16 08:15 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-16 08:15 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-16 08:15 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-16 08:15 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-16 08:15 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-16 08:15 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-16 08:15 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-16 08:15 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-16 08:15 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-16 08:15 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-16 08:15 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-16 08:15 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-16 08:15 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-16 08:15 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-16 08:15 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-16 08:15 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-16 08:15 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-16 08:15 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-16 08:15 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-16 08:15 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-16 08:15 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-16 08:15 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-16 08:15 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-16 08:14 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-16 08:14 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-16 08:14 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-16 08:14 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-16 08:14 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-16 08:14 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-16 08:14 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-16 08:14 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-16 08:14 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-16 08:14 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-16 08:14 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-16 08:14 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-16 08:14 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-16 08:14 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-16 08:14 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-16 08:14 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-16 08:13 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-16 08:13 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-16 08:13 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-16 08:13 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-16 08:13 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-16 08:13 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-16 08:13 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-16 08:13 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-16 08:13 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-16 08:13 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-16 08:13 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-16 08:13 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-16 08:13 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-16 08:13 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-16 08:13 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-16 08:13 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-16 08:13 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-16 08:13 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-16 08:13 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-16 08:13 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-16 08:13 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-16 08:13 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-16 08:13 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-16 08:13 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-16 08:13 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-16 08:13 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-16 08:13 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-16 08:13 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-16 08:13 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-16 08:13 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-16 08:13 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-16 08:13 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-16 08:13 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-16 08:13 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-16 08:13 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-16 08:13 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-16 08:13 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-16 08:13 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-16 08:13 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-16 08:13 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-16 08:13 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-16 08:13 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-16 08:13 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-16 08:13 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-16 08:13 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-16 08:13 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-16 08:13 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-16 08:13 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-16 08:13 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-16 08:13 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-16 08:13 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-16 08:13 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-16 08:13 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-16 08:13 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-16 08:13 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-16 08:13 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-16 08:13 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-16 08:13 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-16 08:13 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-16 08:13 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-16 08:13 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-16 08:13 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-16 08:13 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-16 08:13 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-16 08:13 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-16 08:13 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-16 08:13 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-16 08:13 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-16 08:13 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-16 08:13 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-16 08:13 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-16 08:13 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-16 08:10 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-16 08:05 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-16 08:05 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-16 08:05 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-04 19:32 - 2015-04-04 19:32 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-04 19:32 - 2015-04-04 19:32 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-04 17:39 - 2015-04-04 17:39 - 00002940 _____ () C:\Windows\System32\Tasks\{86C32AA8-C9F8-4E15-B3CE-55268A97D6C1}
2015-04-04 17:39 - 2015-04-04 17:39 - 00002940 _____ () C:\Windows\System32\Tasks\{32754E48-2BC9-4BC8-A30D-B1AF6BAB36A5}
2015-04-04 17:39 - 2015-04-04 17:39 - 00002940 _____ () C:\Windows\System32\Tasks\{1E7D7BA9-EE88-4053-AF31-7BF949AD7D71}
2015-04-04 17:38 - 2015-04-04 17:38 - 00002940 _____ () C:\Windows\System32\Tasks\{6431BD0F-BC48-4F00-A03D-2A76F387E902}
2015-04-04 17:38 - 2015-04-04 17:38 - 00002940 _____ () C:\Windows\System32\Tasks\{30E42890-CF7A-477D-B8B1-27D4717759E0}
2015-04-04 17:37 - 2015-04-04 17:37 - 00002940 _____ () C:\Windows\System32\Tasks\{ADC061D4-6D8A-4B0F-B9D1-383442C44264}
2015-04-04 17:37 - 2015-04-04 17:37 - 00002940 _____ () C:\Windows\System32\Tasks\{166243FA-589E-468E-A079-AE76D4875D3B}
2015-04-04 17:36 - 2015-04-04 17:36 - 00000878 _____ () C:\Users\635csiXXX\Desktop\dfbhd - Verknüpfung.lnk
2015-04-04 17:36 - 2003-03-11 18:35 - 02498560 _____ () C:\Users\635csiXXX\Desktop\dfbhdlc.exe
2015-04-04 17:24 - 2015-04-04 17:24 - 00000000 ____D () C:\Users\635csiXXX\AppData\Roaming\Leadertech
2015-04-04 17:23 - 2015-04-04 17:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NovaLogic
2015-04-04 17:19 - 1998-10-29 15:45 - 00306688 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-01 20:06 - 2011-12-15 15:46 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-01 19:41 - 2009-07-14 06:45 - 00023056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-01 19:41 - 2009-07-14 06:45 - 00023056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-01 19:39 - 2009-07-14 19:58 - 00714410 _____ () C:\Windows\system32\perfh007.dat
2015-05-01 19:39 - 2009-07-14 19:58 - 00154268 _____ () C:\Windows\system32\perfc007.dat
2015-05-01 19:39 - 2009-07-14 07:13 - 01650272 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-01 19:37 - 2014-02-27 11:54 - 01217252 _____ () C:\Windows\WindowsUpdate.log
2015-05-01 19:32 - 2014-10-09 07:45 - 00195166 _____ () C:\Windows\PFRO.log
2015-05-01 19:32 - 2014-06-16 16:57 - 00086094 _____ () C:\Windows\setupact.log
2015-05-01 19:32 - 2014-02-27 14:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-05-01 19:32 - 2013-01-30 10:13 - 00000354 _____ () C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job
2015-05-01 19:32 - 2012-01-13 17:59 - 00206154 _____ () C:\ProgramData\lxebscan.log
2015-05-01 19:32 - 2011-12-15 15:46 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-01 19:32 - 2011-12-01 11:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-01 19:32 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-01 19:20 - 2011-12-11 19:55 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-05-01 10:37 - 2011-12-09 21:31 - 00000000 ____D () C:\Users\635csiXXX
2015-05-01 08:54 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-04-30 20:07 - 2011-12-15 15:48 - 00002182 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-30 08:16 - 2015-02-12 12:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\diclovit's mod pack
2015-04-30 08:15 - 2015-02-12 12:15 - 00000763 _____ () C:\Users\Public\Desktop\World of Tanks.lnk
2015-04-28 22:28 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-04-28 10:46 - 2014-11-07 13:09 - 00000000 ____D () C:\Users\635csiXXX\Desktop\ME109-B17Motor
2015-04-26 17:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-25 21:45 - 2012-05-13 11:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-24 09:20 - 2013-10-16 08:15 - 00000000 ____D () C:\Users\635csiXXX\Desktop\agb shop
2015-04-18 12:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-18 12:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-16 18:33 - 2014-12-10 17:01 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 18:33 - 2014-05-07 03:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 18:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-16 11:24 - 2013-09-26 11:56 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-16 11:23 - 2011-12-11 19:55 - 01623616 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-16 11:20 - 2013-08-14 17:30 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-16 11:16 - 2011-12-19 01:28 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-16 11:16 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini
2015-04-08 18:11 - 2014-08-05 15:58 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-08 18:11 - 2014-04-18 10:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-04-08 18:11 - 2014-04-18 10:46 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-04-04 17:25 - 2011-12-13 22:04 - 00000000 ____D () C:\Users\635csiXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-04-01 08:42 - 2014-04-18 10:47 - 00000000 ____D () C:\Users\635csiXXX\AppData\Roaming\Avira
2015-04-01 08:42 - 2011-12-15 15:03 - 00000000 ____D () C:\ProgramData\Avira
==================== Files in the root of some directories =======
2014-01-12 14:57 - 2014-02-27 13:23 - 0000124 _____ () C:\Users\635csiXXX\AppData\Roaming\WB.CFG
2013-11-18 08:37 - 2013-11-18 08:37 - 0003584 _____ () C:\Users\635csiXXX\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-02-26 15:33 - 2012-02-26 15:33 - 0000000 _____ () C:\ProgramData\cmn_upld.log
2012-01-13 18:01 - 2012-01-13 18:01 - 0000252 _____ () C:\ProgramData\FastPics.log
2012-03-14 04:16 - 2012-03-14 04:16 - 0000078 _____ () C:\ProgramData\lxeb.log
2012-01-13 18:01 - 2012-10-11 08:42 - 0010296 _____ () C:\ProgramData\lxebJSW.log
2012-01-13 17:59 - 2015-05-01 19:32 - 0206154 _____ () C:\ProgramData\lxebscan.log
2012-02-26 15:33 - 2012-02-26 15:33 - 0000000 _____ () C:\ProgramData\LxWbGwLog.log
2012-01-13 17:57 - 2012-01-13 17:57 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt
Some content of TEMP:
====================
C:\Users\635csiXXX\AppData\Local\Temp\avgnt.exe
C:\Users\635csiXXX\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\635csiXXX\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\635csiXXX\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\635csiXXX\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\635csiXXX\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\635csiXXX\AppData\Local\Temp\Quarantine.exe
C:\Users\635csiXXX\AppData\Local\Temp\RHSetup.exe
C:\Users\635csiXXX\AppData\Local\Temp\SIntf16.dll
C:\Users\635csiXXX\AppData\Local\Temp\SIntf32.dll
C:\Users\635csiXXX\AppData\Local\Temp\SIntfNT.dll
C:\Users\635csiXXX\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-24 13:54
==================== End Of Log ============================
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2015 01
Ran by 635csiXXX at 2015-05-01 20:13:03
Running from C:\Users\635csiXXX\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
635csiXXX (S-1-5-21-567512401-2068147103-189804784-1001 - Administrator - Enabled) => C:\Users\635csiXXX
Administrator (S-1-5-21-567512401-2068147103-189804784-500 - Administrator - Disabled)
Gast (S-1-5-21-567512401-2068147103-189804784-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-567512401-2068147103-189804784-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.2146.41621 - ABBYY Software House)
Adobe Flash Player 11 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.1.102.55 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Age of Conan: Unchained (HKLM-x32\...\Age of Conan_is1) (Version: - Funcom)
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Mythology - The Titans Expansion (HKLM-x32\...\Age of Mythology Expansion Pack 1.0) (Version: - )
AOC UI Installer 3.1.0 (HKLM-x32\...\{87464284-11C8-4F83-88EC-E8013320B789}) (Version: 3.1.0 - VikingWorks)
Applian FLV Player (HKLM-x32\...\Applian FLV Player2.0.24) (Version: 2.0.24 - Applian Technologies Inc.)
Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.9.504 - Avira Operations GmbH & Co. KG)
Benutzerhandbuch EPSON BX535WD Series (HKLM-x32\...\EPSON BX535WD Series Useg) (Version: - )
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
Call of Juarez (HKLM-x32\...\InstallShield_{3E7940A4-495B-4DC5-B5C9-D2EE1DE9E5EF}) (Version: 1.1.1.0 - Ubisoft)
Call of Juarez (x32 Version: 1.1.1.0 - Ubisoft) Hidden
Call of Juarez Gunslinger (HKLM-x32\...\Steam App 204450) (Version: - Techland)
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Company of Heroes - FAKEMSI (x32 Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment)
Delta Force - Black Hawk Down (HKLM-x32\...\Delta Force - Black Hawk Down) (Version: - )
devention Upgrade Tools version 2.31 (HKLM-x32\...\{6B7B47D7-B73B-473A-B432-A1E8C056D349}_is1) (Version: 2.31 - walkera)
diclovit's mod pack 9.7.0 (HKLM-x32\...\{28B1238E-1C18-4637-A2B7-95315E94EB29}_is1) (Version: 9.7.0 - diclovit)
Download Navigator (HKLM-x32\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION)
Dragon Age II (HKLM-x32\...\{F2E23139-3404-4E3C-9855-7724415D62A5}) (Version: 1.04 - Electronic Arts, Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 14.3.20130522 - Landesfinanzdirektion Thüringen)
EPSON BX535WD Series Printer Uninstall (HKLM\...\EPSON BX535WD Series) (Version: - SEIKO EPSON Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{FFF841F3-9A15-4F61-BD16-C19F132E5A27}) (Version: 2.3.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{FA9D303D-0FB2-49C7-9397-8E6B11EA892D}) (Version: 2.50.0001 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.98 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.98 - Etron Technology) Hidden
FileViewPro (HKLM\...\{29938C06-6962-4C27-A94C-25E4F424A665}_is1) (Version: 1.5 - Solvusoft Corporation)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1015 - Intel Corporation)
James Cameron's AVATAR(tm): DAS SPIEL (HKLM-x32\...\{7E19B002-4CA3-4C9F-BA92-91D101B97219}) (Version: 1.00.00 - Ubisoft)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Lexmark (HKLM-x32\...\{D2C5E510-BE6D-42CC-9F61-E4F939078474}) (Version: 1.0.0.0 - )
Lexmark Pro200-S500 Series (HKLM\...\Lexmark Pro200-S500 Series) (Version: - Lexmark International, Inc.)
Lexmark Symbolleiste (HKLM-x32\...\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}) (Version: 4.63.37.0 - )
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.1.0.6 - Marvell)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Netzwerkhandbuch EPSON BX535WD Series (HKLM-x32\...\EPSON BX535WD Series Netg) (Version: - )
NVIDIA 3D Vision Controller-Treiber 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 332.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 332.21 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.21 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OpenSSL 1.0.0l Light (32-bit) (HKLM-x32\...\OpenSSL Light (32-bit)_is1) (Version: - OpenSSL Win32 Installer Team)
PicPick (HKLM-x32\...\PicPick) (Version: 3.2.1 - NTeWORKS)
RAGE (HKLM-x32\...\Steam App 9200) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6307 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 1.8.323 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TextMaker Viewer (HKLM-x32\...\TextMaker Viewer) (Version: - SoftMaker Software GmbH)
The Witcher 2 (HKLM-x32\...\{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}) (Version: 1.00.0000 - CD Projekt Red)
TUGZip 3.5 (HKLM-x32\...\TUGZip_is1) (Version: - Christian Kindahl)
Vtune 7.21 (HKLM-x32\...\MySSID_is1) (Version: - )
Windows-Treiberpaket - 3D Robotics (usbser) Ports (07/31/2013 2.0.0.3) (HKLM\...\3C34FF4EF99EAC8D565419CDF431F96703771360) (Version: 07/31/2013 2.0.0.3 - 3D Robotics)
Windows-Treiberpaket - Arduino LLC (www.arduino.cc) (usbser) Ports (11/15/2012 5.1.2600.0) (HKLM\...\4414E25DD1DDB3A149E9A6222CA82E070C630A02) (Version: 11/15/2012 5.1.2600.0 - Arduino LLC (www.arduino.cc))
WinRAR 4.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1) (Version: - Wargaming.net)
World of Warships (HKU\S-1-5-21-567512401-2068147103-189804784-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)
World of Warships (HKU\S-1-5-21-567512401-2068147103-189804784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)
World of Warships (HKU\S-1-5-21-567512401-2068147103-189804784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
20-04-2015 13:09:48 Windows Update
24-04-2015 09:12:06 Windows Update
28-04-2015 07:56:04 Windows Update
01-05-2015 18:02:06 Revo Uninstaller's restore point - SpyHunter 4
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0346295A-56B4-4D58-BBB0-0D405F4AAB6B} - System32\Tasks\{77835819-D8F6-44C7-BF2D-CD4485BE223B} => D:\Program Files (x86)\The Witcher 2\launcher.exe [2011-12-19] (CD Projekt RED)
Task: {14EDD060-811B-416E-8EC8-6351F9670A31} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {2474EFEC-AC63-434C-9C26-6E3430299696} - System32\Tasks\{810F632C-8C91-4FB7-A793-993225A642B5} => D:\Program Files (x86)\The Witcher 2\launcher.exe [2011-12-19] (CD Projekt RED)
Task: {3A1BAF3A-40FC-4F61-8B18-51B9F336DCB6} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {3BD30FEF-0A23-43FE-A9B8-72283FD94ABF} - \Dealply No Task File <==== ATTENTION
Task: {402B4BDB-6423-4BDE-9BA1-67A278E9667F} - System32\Tasks\ROC_JAN2013_TB_rmv => C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe
Task: {599C0C49-F659-4EC5-9054-62BA6DE3736D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-01] (Piriform Ltd)
Task: {8C283297-5B76-45A2-ADC8-5E8A4C824244} - System32\Tasks\{86C32AA8-C9F8-4E15-B3CE-55268A97D6C1} => C:\Users\635csiXXX\Desktop\dfbhdlc.exe [2003-03-11] ()
Task: {908EE8AD-CC27-4F13-896E-8E7124E238C2} - System32\Tasks\{1E7D7BA9-EE88-4053-AF31-7BF949AD7D71} => C:\Users\635csiXXX\Desktop\dfbhdlc.exe [2003-03-11] ()
Task: {9735B8AE-B78F-4644-9437-D5EDE4735FB9} - System32\Tasks\{ADC061D4-6D8A-4B0F-B9D1-383442C44264} => C:\Users\635csiXXX\Desktop\dfbhdlc.exe [2003-03-11] ()
Task: {A1DBFF25-D9B5-4D2F-864F-D8FC08D8B653} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {A48DFD1A-DBD1-4612-BA09-7AA842DE9B0D} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {A81969ED-D640-4C68-A51A-DE7C4517CFF4} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {C2CBDABA-3083-46AF-A3DF-B5274AD36573} - System32\Tasks\{32754E48-2BC9-4BC8-A30D-B1AF6BAB36A5} => C:\Users\635csiXXX\Desktop\dfbhdlc.exe [2003-03-11] ()
Task: {C8CFE8E2-C5BA-45FE-AC02-1949631C1ACA} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {D2599463-A850-4AF4-8990-0DF2856696B2} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {D562A0C1-0CFB-4C59-841B-94F78598EF4A} - System32\Tasks\{30E42890-CF7A-477D-B8B1-27D4717759E0} => C:\Users\635csiXXX\Desktop\dfbhdlc.exe [2003-03-11] ()
Task: {E5B2E902-9060-4293-BDB0-C64AF0D4F2AF} - System32\Tasks\{166243FA-589E-468E-A079-AE76D4875D3B} => C:\Users\635csiXXX\Desktop\dfbhdlc.exe [2003-03-11] ()
Task: {E66BF8EA-7408-4E1C-ABF3-A7901FDB2514} - System32\Tasks\{6431BD0F-BC48-4F00-A03D-2A76F387E902} => C:\Users\635csiXXX\Desktop\dfbhdlc.exe [2003-03-11] ()
Task: {E6AA0012-816A-4331-96BE-331E80563C45} - System32\Tasks\{AB1C696F-E61B-48DA-80A8-5F9D6A35B897} => D:\Program Files (x86)\The Witcher 2\launcher.exe [2011-12-19] (CD Projekt RED)
Task: {F64F21FA-EAA6-4B67-BBBC-7B3DB8A8EB9C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {F9220086-34C9-4A21-9D89-55DAD60ABDE4} - System32\Tasks\{248BE6DE-5511-4134-8371-69E1AE053E8D} => pcalua.exe -a "C:\Program Files (x86)\Microsoft Games\Age of Mythology\UNINSTXP.EXE" -c /runtemp /addremove
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job => C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe
==================== Loaded Modules (whitelisted) ==============
2013-11-08 09:13 - 2013-12-19 20:53 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-01-13 17:12 - 2009-11-04 15:18 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxebdrpp.dll
2011-12-15 15:31 - 2011-05-28 23:05 - 00164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2012-01-13 17:58 - 2010-05-05 14:58 - 00770728 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe
2012-01-13 17:58 - 2010-05-05 14:58 - 00148280 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe
2013-11-06 18:44 - 2011-08-02 16:38 - 02248704 _____ () C:\Program Files (x86)\Vtune\TBPANEL.exe
2012-01-13 17:58 - 2010-04-01 19:23 - 00389120 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebscw.dll
2012-01-13 17:58 - 2009-05-27 14:16 - 00192512 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebdatr.dll
2012-01-13 17:58 - 2010-04-01 19:24 - 01159168 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebDRS.dll
2012-01-13 17:58 - 2009-03-10 07:43 - 00155648 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebcaps.dll
2012-01-13 17:58 - 2010-04-05 12:56 - 00716954 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\Epwizard.DLL
2012-01-13 17:58 - 2010-04-05 12:55 - 00159890 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\customui.dll
2012-01-13 17:58 - 2010-04-05 12:54 - 00123033 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\Eputil.DLL
2012-01-13 17:58 - 2010-04-05 12:54 - 00143502 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\Imagutil.DLL
2012-01-13 17:58 - 2010-04-05 12:55 - 00061604 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\Epfunct.DLL
2012-01-13 17:58 - 2009-06-23 13:09 - 02203648 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\EPWizRes.dll
2012-01-13 17:58 - 2009-06-23 13:10 - 00045056 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\epstring.dll
2012-01-13 17:58 - 2009-06-23 13:11 - 00102400 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\EPOEMDll.dll
2012-01-13 17:58 - 2009-04-07 21:25 - 00409600 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\iptk.dll
2012-01-13 17:58 - 2009-03-02 16:25 - 00151552 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebptp.dll
2013-11-06 18:44 - 1998-10-31 05:55 - 00005120 _____ () C:\Program Files (x86)\Vtune\TBManage.dll
2014-10-16 15:11 - 2014-10-16 15:11 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1f61c24d916f97e3b29172ad26927bf4\IsdiInterop.ni.dll
2011-12-01 11:19 - 2011-02-09 14:16 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-567512401-2068147103-189804784-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\635csiXXX\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-567512401-2068147103-189804784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\635csiXXX\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-567512401-2068147103-189804784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Users\635csiXXX\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: (default) =>
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: Steam => "D:\Program Files (x86)\Steam\Steam.exe" -silent
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [{87AC4E61-D164-4655-9599-B73980840DBE}] => (Allow) D:\RelicCOH.exe
FirewallRules: [{F29E3A28-6C60-4C8D-BCDE-98596773E6C3}] => (Allow) D:\RelicCOH.exe
FirewallRules: [TCP Query User{D64230C0-ED6B-4698-B884-01A6278E5776}D:\program files (x86)\the witcher 2\bin\witcher2.exe] => (Allow) D:\program files (x86)\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{810C8184-41CC-4D48-8296-619FE43F11F2}D:\program files (x86)\the witcher 2\bin\witcher2.exe] => (Allow) D:\program files (x86)\the witcher 2\bin\witcher2.exe
FirewallRules: [{975208C6-0C97-40D8-ADB2-3925F198434B}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [{48C6ABA9-E3E0-4011-87B3-91EBF5AF4669}] => (Allow) C:\Windows\system32\lxebcoms.exe
FirewallRules: [{C8B9F55F-8CA4-4856-A354-69FFE6C0F95A}] => (Allow) C:\Windows\system32\LXEBcoms.exe
FirewallRules: [{95244EAD-F3B2-4DF7-A356-0AAE5EE6788D}] => (Allow) C:\Windows\system32\LXEBcoms.exe
FirewallRules: [{AF92DEEB-0EE0-4801-84DB-5795590A2C83}] => (Allow) C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe
FirewallRules: [{AC183739-BEF3-4735-88C7-0BFED5A7E94E}] => (Allow) C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe
FirewallRules: [{15A95593-1D06-4A6E-9F37-DF4788008BA4}] => (Allow) C:\Windows\system32\LXEBcoms.exe
FirewallRules: [{69F8DE41-7600-4E90-9549-91923717BC57}] => (Allow) D:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{2F43999A-7C9D-49DB-BCA8-4BDCC4D41317}] => (Allow) D:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{0E65FE3D-5488-4268-A16B-6055FD193ABD}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{09290F45-7912-4EAE-9BA0-4C788B6E506F}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B32F175A-5876-40D7-BBEA-D6A73E1F83CB}] => (Allow) C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
FirewallRules: [{36F88932-7BAE-461C-BF21-5EE1BEE6E1B7}] => (Allow) C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
FirewallRules: [{8BF2AE82-B88B-4E2E-9203-9FC6E70823AD}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\stronghold3\bin\win32_release\MapEditor.exe
FirewallRules: [{9E10F906-3F08-44E3-AFCC-ACE5E4E2E720}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\stronghold3\bin\win32_release\MapEditor.exe
FirewallRules: [{A8EF4AC9-EB75-47C7-ABF3-1D94EAF97DD0}] => (Allow) D:\Program Files (x86)\Dragon Age 2\bin_ship\DragonAge2.exe
FirewallRules: [{DAA67E9F-20C6-4250-BC0C-6D32EC5FD368}] => (Allow) D:\Program Files (x86)\Dragon Age 2\bin_ship\DragonAge2.exe
FirewallRules: [{83BF7F88-59FF-476F-8D47-F651EB602B8D}] => (Allow) D:\Program Files (x86)\Dragon Age 2\DragonAge2Launcher.exe
FirewallRules: [{A4343605-6E54-421F-83BD-99E04C787850}] => (Allow) D:\Program Files (x86)\Dragon Age 2\DragonAge2Launcher.exe
FirewallRules: [{077FE53C-3E1C-457B-9631-8C1531C26C3E}] => (Allow) F:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{9CC0E35B-2652-4450-89F0-815D9FECCB7F}] => (Allow) F:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [TCP Query User{5E98FEE0-CA9B-4B64-8671-9A52D86F49A9}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{ACB6DDAF-7AFB-400F-B3B8-8533A64F4555}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{00C932E9-0F57-49E1-B304-2D0C43B979AD}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{A6C7E5D2-A1F3-4E22-9EF4-A58FC8633923}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{6E109AA6-0D8F-458A-865E-287375404E6F}D:\games\world_of_tanks\wotlauncher.exe] => (Allow) D:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{7AF0D607-96AB-4403-82A2-ACAAF9E3C315}D:\games\world_of_tanks\wotlauncher.exe] => (Allow) D:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{49900257-07CA-4A44-8E91-EC503C0BADE9}D:\games\world_of_tanks\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{1D204FE9-3C25-4488-A18D-9868BD9FDC6B}D:\games\world_of_tanks\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{67989D1A-1FE0-44F9-A4E1-39A07E82DA0E}D:\games\world_of_warplanes\wowplauncher.exe] => (Allow) D:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{2ABE52C0-EA24-4B44-96D4-7746EF43DDC6}D:\games\world_of_warplanes\wowplauncher.exe] => (Allow) D:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{7B17B795-25F2-481A-AF9B-FF362F3D7F28}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE
FirewallRules: [{AF1CA8AA-940B-405F-87C3-D24DBAEAA256}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE
FirewallRules: [{01F7E3BB-3EAB-423B-A8AF-2562C7F3D23C}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\outlook.exe
FirewallRules: [{0A36FB82-D369-4B7B-A635-C9D8D578A21E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\RAGE\Rage.exe
FirewallRules: [{F4A1D471-0A10-45A2-AF26-A6D0B3D22A28}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\RAGE\Rage.exe
FirewallRules: [{3A1B22F0-A017-47DF-A378-C6C8FF489C61}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\RAGE\Rage64.exe
FirewallRules: [{B043BBC9-ACC4-42CE-A519-C30E27DEE0C3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\RAGE\Rage64.exe
FirewallRules: [{3220B20A-E8AB-4D4A-9659-1E42D072F237}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{11EAF7FC-0048-4095-91CC-715DA6DBEEB7}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{E0C54ED1-A725-4D5F-8131-B7CCAB162FDC}] => (Allow) D:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{9F8B0151-E2AC-47C0-BCC1-20E2303707D8}] => (Allow) D:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{82483D9E-E04E-4FDD-9794-6F1AFF15B576}] => (Allow) D:\Program Files (x86)\Ubisoft\James Cameron's AVATAR - DAS SPIEL\bin\Avatar.exe
FirewallRules: [{1849F58D-C8CE-487A-9864-71FF0A2FB859}] => (Allow) D:\Program Files (x86)\Ubisoft\James Cameron's AVATAR - DAS SPIEL\bin\Avatar.exe
FirewallRules: [{A66D3135-5BCC-4697-8543-F18AAA868BBB}] => (Allow) D:\Program Files (x86)\Ubisoft\James Cameron's AVATAR - DAS SPIEL\bin\AvatarLauncher.exe
FirewallRules: [{BA272121-1B0D-48C4-9CE0-035BA7F51097}] => (Allow) D:\Program Files (x86)\Ubisoft\James Cameron's AVATAR - DAS SPIEL\bin\AvatarLauncher.exe
FirewallRules: [{D3CA18F9-9642-41F4-B8D9-62AFE0CA416C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{58374980-B37F-4A1A-9611-1E0B4C191137}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D9DCB9E3-248D-40DA-A86F-EC27E771A059}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{699FC0B7-EF99-4F34-AE8E-BEC10D3F89AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{E6B40BF0-0E83-44D9-8CE6-9939D9ECC893}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2D70F9BD-9676-403B-B261-75FC9A1FA633}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{2474A9C4-C6CE-4B31-8B0F-687F9345D055}D:\games\aom.exe] => (Allow) D:\games\aom.exe
FirewallRules: [UDP Query User{6A76B74B-FFE9-419F-8544-F0103F35E0AD}D:\games\aom.exe] => (Allow) D:\games\aom.exe
FirewallRules: [TCP Query User{0CEE0B54-AEAB-41B2-88BA-A5533C450D88}D:\games\world_of_tanks\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{FDC74592-EC30-4BE4-AF29-EB82597DB699}D:\games\world_of_tanks\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{C6763111-DEBF-4454-A085-A6E108B15ECF}E:\funcom\age of conan\conanpatcher.exe] => (Allow) E:\funcom\age of conan\conanpatcher.exe
FirewallRules: [UDP Query User{F2B039B6-6DAF-43C4-A5EB-86C0C65D204E}E:\funcom\age of conan\conanpatcher.exe] => (Allow) E:\funcom\age of conan\conanpatcher.exe
FirewallRules: [TCP Query User{69532D88-EE25-481B-8EC3-2C6CBC2CEFF2}E:\funcom\age of conan\ageofconan.exe] => (Allow) E:\funcom\age of conan\ageofconan.exe
FirewallRules: [UDP Query User{0BC339AC-C629-485B-93A1-906CA87BFD64}E:\funcom\age of conan\ageofconan.exe] => (Allow) E:\funcom\age of conan\ageofconan.exe
FirewallRules: [{AF485913-BFB8-444D-8C94-47E2472B6360}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\stronghold\Stronghold.exe
FirewallRules: [{3A7C40C0-9955-4856-AA09-7D30DC48E2BA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\stronghold\Stronghold.exe
FirewallRules: [{06D147D4-F503-43BB-A38A-0D586E5D03DF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\stronghold3\bin\win32_release\Stronghold3.exe
FirewallRules: [{D3F4A5F6-F432-4784-8B3A-8CDD17E252F7}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\stronghold3\bin\win32_release\Stronghold3.exe
FirewallRules: [{78C7E02A-7C62-4CB6-8EB7-D1E7AAE2CCC2}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\CoJ Gunslinger\CoJGunslinger.exe
FirewallRules: [{AE58F4E2-E946-4CA9-A42A-3AC29957664A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\CoJ Gunslinger\CoJGunslinger.exe
FirewallRules: [{BA80DB9D-A716-4DA7-A68E-87488188F5E2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0E9A93F3-A441-4065-A553-29B3C3739D66}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{117DEB10-8F91-4A73-9A27-E0D4D044647B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{E219EDFE-5FFB-4808-B24C-913039FAB1EC}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{8AA54E57-AE7C-4323-8FF9-8D4E3EDA842B}C:\program files (x86)\apmplanner2\apmplanner2.exe] => (Allow) C:\program files (x86)\apmplanner2\apmplanner2.exe
FirewallRules: [UDP Query User{142E4ACA-A9A9-4458-AA5E-11CAC86B986C}C:\program files (x86)\apmplanner2\apmplanner2.exe] => (Allow) C:\program files (x86)\apmplanner2\apmplanner2.exe
FirewallRules: [TCP Query User{7F27D147-926A-4990-AB6B-015C3F7A7624}E:\games\world_of_warships\wowslauncher.exe] => (Allow) E:\games\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{A45F2EC8-C32C-40E2-BE17-0334D85BB01E}E:\games\world_of_warships\wowslauncher.exe] => (Allow) E:\games\world_of_warships\wowslauncher.exe
FirewallRules: [{9EA4ED1C-FB9C-46D2-B629-9FD2383F4BE7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
Name: 802.11n-Drahtlos-LAN-Karte
Description: 802.11n-Drahtlos-LAN-Karte
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Ralink Technology, Corp.
Service: netr28x
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/01/2015 00:27:30 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/29/2015 07:34:20 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/28/2015 04:26:23 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/28/2015 02:03:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/26/2015 07:43:20 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/26/2015 07:00:05 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "K:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
Error: (04/25/2015 00:49:54 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/24/2015 01:55:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/24/2015 08:04:10 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
Error: (04/23/2015 10:32:37 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
System errors:
=============
Error: (05/01/2015 07:32:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "lxebCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (05/01/2015 07:32:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxebCATSCustConnectService erreicht.
Error: (05/01/2015 07:32:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SpyHunter 4 Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (05/01/2015 07:31:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Druckwarteschlange" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (05/01/2015 07:31:34 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "Spooler" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%50
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (05/01/2015 07:31:08 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (05/01/2015 07:30:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/01/2015 07:30:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/01/2015 07:30:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/01/2015 07:30:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Application Virtualization Client" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office Sessions:
=========================
Error: (05/01/2015 00:27:30 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files (x86)\devention upgrade tools\Driver\dpinst_ia64.exe
Error: (04/29/2015 07:34:20 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files (x86)\devention upgrade tools\Driver\dpinst_ia64.exe
Error: (04/28/2015 04:26:23 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files (x86)\devention upgrade tools\Driver\dpinst_ia64.exe
Error: (04/28/2015 02:03:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files (x86)\devention upgrade tools\Driver\dpinst_ia64.exe
Error: (04/26/2015 07:43:20 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files (x86)\devention upgrade tools\Driver\dpinst_ia64.exe
Error: (04/26/2015 07:00:05 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: K:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)
Error: (04/25/2015 00:49:54 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files (x86)\devention upgrade tools\Driver\dpinst_ia64.exe
Error: (04/24/2015 01:55:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files (x86)\devention upgrade tools\Driver\dpinst_ia64.exe
Error: (04/24/2015 08:04:10 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
Error: (04/23/2015 10:32:37 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 38%
Total physical RAM: 4079.11 MB
Available physical RAM: 2492.2 MB
Total Pagefile: 8156.41 MB
Available Pagefile: 5946.29 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:146.48 GB) (Free:60.47 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Volume) (Fixed) (Total:156.25 GB) (Free:19.98 GB) NTFS
Drive e: (Volume) (Fixed) (Total:163.02 GB) (Free:55.43 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E121E4A0)
Partition 1: (Active) - (Size=146.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=156.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=163 GB) - (Type=07 NTFS)
==================== End Of Log =======================
Ok , ich glaube das ist alles , dann schaue ich morgen wieder rein , Vielen Dank nochmal für deine Mühe :-))
PS: Weist du zufällig ob jemand den spyHunter erfolgreich gekündigt hat ? |
Hinweis:
Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
AdwCleaner auf deinen Desktop.
dann auf 
und dann auf 
. 