| Gurke258 | 12.07.2015 19:49 |
Hier sind die Angeforderten Codes:
Addition.txt Code:
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Total Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3DMark (HKLM-x32\...\{e1e3b41b-1078-4885-a74f-393ca384b1aa}) (Version: 1.2.250.0 - Futuremark)
3DMark (Version: 1.2.250.0 - Futuremark) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.203 - Adobe Systems Incorporated)
Adobe Premiere Pro 2.0 (HKLM-x32\...\Adobe Premiere Pro 2.0) (Version: 2.000.000 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.6.156 - Adobe Systems, Inc.)
AI Suite 3 (HKLM-x32\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.56 - ASUSTeK Computer Inc.)
AlienFX for IskuFX (HKLM-x32\...\InstallShield_{2C3FC2CC-0A8B-409E-B487-8CD54F4DC1D4}) (Version: 1.02 - Roccat GmbH)
AlienFX for IskuFX (Version: 1.02 - Roccat GmbH) Hidden
AlienFX for KoneXTD (HKLM-x32\...\InstallShield_{48725548-E470-4816-99DD-6667EABAB982}) (Version: 1.02 - Roccat GmbH)
AlienFX for KoneXTD (Version: 1.02 - Roccat GmbH) Hidden
Amazon Cloud Player (HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\Amazon Amazon Cloud Player) (Version: 2.4.0.33 - Amazon Services LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Archeage (HKLM-x32\...\Glyph Archeage) (Version: - Trion Worlds, Inc.)
Ashampoo Burning Studio 15 v.15.0.4 (HKLM-x32\...\{91B33C97-5B38-0A92-D04A-A0F26F3F87D4}_is1) (Version: 15.0.4 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 2014 v.12.0.5 (HKLM-x32\...\{91B33C97-280F-B76D-E27B-E712D7041B76}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avery Wizard 5.0 (HKLM-x32\...\{FC3B3A5D-7058-4627-9F1E-F95CC38B6054}) (Version: 5.0.5 - Avery)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23831 - Electronic Arts)
Battlefield™ Hardline-Beta (HKLM-x32\...\{F5526D9D-13AD-4270-8707-AC921D168299}) (Version: 1.0.0.1 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
BIG RED BUTTON (HKLM-x32\...\{9A2AFCA9-389E-446C-BE11-3E8F614E8E5D}) (Version: 1.0.2 - Dream Cheeky)
BIG RED BUTTON Boom02 effect (HKLM-x32\...\{6AD2A64C-1180-4304-BA5F-ABDBB82F7925}) (Version: 1.0.0 - Dream Cheeky)
BIG RED BUTTON Boom03 effect (HKLM-x32\...\{F03D4E15-71B1-4D89-8453-928536ABA6B1}) (Version: 1.0.0 - Dream Cheeky)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-9332CDW (HKLM-x32\...\{E98A9C92-E767-475B-8BC6-8780A86DDC72}) (Version: 1.0.4.0 - Brother Industries, Ltd.)
Car Mechanic Simulator 2014 (HKLM-x32\...\Steam App 270850) (Version: - PlayWay S.A.)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 4.4 - Abelssoft)
Clicker Heroes (HKLM-x32\...\Steam App 363970) (Version: - )
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version: - Valve)
Counter-Strike: Global Offensive - SDK (HKLM-x32\...\Steam App 745) (Version: - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CPUID CPU-Z 1.68 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CPUID HWMonitor 1.24 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
CrystalDiskInfo 6.1.12 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.12 - Crystal Dew World)
CyberLink PowerDirector 11 (HKLM-x32\...\InstallShield_{551F492A-01B0-4DC4-866F-875EC4EDC0A8}) (Version: 11.0.0.4310 - CyberLink Corp.)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\EA SPORTS Game Face Browser Plugin) (Version: 1.8.0.0 - Electronic Arts)
Echo of Soul (HKLM-x32\...\Steam App 290140) (Version: - Nvius)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.2.17437 - Landesfinanzdirektion Thüringen)
Euro Truck Simulator (HKLM-x32\...\Steam App 232010) (Version: - SCS Software)
F.E.A.R. 3 (HKLM-x32\...\Steam App 21100) (Version: - Day 1 Studios)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment)
FileZilla Client 3.11.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.11.0.2 - Tim Kosse)
Fitbit Connect (HKLM-x32\...\{08002BE6-6476-4012-8D4B-CF0AE7C71F29}) (Version: 2.0.0.6518 - Fitbit Inc.)
Futuremark SystemInfo (HKLM-x32\...\{991C8DEA-3C01-45B8-A62B-1BB69BDC277D}) (Version: 4.23.255 - Futuremark)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Greenshot 1.1.7.17 (HKLM\...\Greenshot_is1) (Version: 1.1.7.17 - Greenshot)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve)
Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version: - Valve)
HAMA Joystick Outlandish (HKLM-x32\...\HAMA Joystick Outlandish) (Version: - )
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
ICQ7.7 (HKLM-x32\...\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}) (Version: 7.7 - ICQ)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Inno3D TunelT OverClock Utility version V6.0.0.0 (HKLM-x32\...\Inno3D TunelT OverClock Utility_is1) (Version: V6.0.0.0 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3907 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{4046F74A-28F8-48C6-A5D3-2AFC472574C1}) (Version: 12.2.0.145 - Apple Inc.)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{E522EB0E-20CC-42A9-82EA-50968D01E7A2}) (Version: 8.0.1.1315 - Kaspersky Lab)
Kaspersky Password Manager (x32 Version: 8.0.1.1315 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Total Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
Knuddels Desktop App (HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\Knuddels Desktop App ) (Version: "2014.12.13.0" - "Knuddels Desktop App")
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Firefox 36.0.4 (x86 de) (HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\Mozilla Firefox 36.0.4 (x86 de)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.0 - Mozilla)
Mozilla Thunderbird 24.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.0 (x86 de)) (Version: 24.0 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 de) (HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Neverwinter (HKLM-x32\...\Steam App 109600) (Version: - Cryptic Studios)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.8.2 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.44 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Oracle VM VirtualBox 4.3.28 (HKLM\...\{E8BB81BC-E67C-4750-84EE-128DA5A7ADA5}) (Version: 4.3.28 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.7.2735 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.86.89.0 - Overwolf Ltd.)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version: - Grinding Gear Games)
PhotoFiltre 7 (HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\PhotoFiltre 7) (Version: - )
Pool Nation (HKLM-x32\...\Steam App 254440) (Version: - Cherry Pop Games)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
righT.GUI for CS:GO version 2.7 (HKLM-x32\...\{4870E939-39A7-4801-A630-1F296BEF13AD}_is1) (Version: 2.7 - Orel)
ROCCAT Isku FX Keyboard Driver (HKLM-x32\...\{DC69933C-E7B0-455D-8E54-FAC1EEF046FF}) (Version: - Roccat GmbH)
ROCCAT Kone XTD Mouse Driver (HKLM-x32\...\{7133137D-DF48-4522-AD88-13C82B7D0A63}) (Version: - Roccat GmbH)
Roccat Talk (HKLM-x32\...\{605D671E-1D1E-4840-84D9-BFACE17F160D}) (Version: 1.00.0013 - Roccat GmbH)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.44 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.15.4.201503191332 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.251 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.251 - Sony)
Spotify (HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
The Bureau: XCOM Declassified (HKLM-x32\...\Steam App 65930) (Version: - 2K Marin)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Four Kings Casino and Slots (HKLM-x32\...\Steam App 260430) (Version: - Digital Leisure Inc.)
Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
Unity Web Player (HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version: - )
Virtual RC Pro Racing Simulator (HKLM-x32\...\{BF530916-26EE-4FE4-8946-670C82357454}_is1) (Version: Virtual RC Pro 4.1 - )
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WampServer 2.5 (HKLM-x32\...\WampServer 2_is1) (Version: - Hervé Leclerc (HeL))
War Thunder Launcher 1.0.1.376 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
WhoCrashed 4.01 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
WinSCP 5.5 (HKLM-x32\...\winscp3_is1) (Version: 5.5 - Martin Prikryl)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
29-06-2015 09:23:51 DirectX wurde installiert
30-06-2015 09:28:36 Entfernt WISO Steuer-Sparbuch 2015
08-07-2015 17:40:26 Geplanter Prüfpunkt
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2015-01-24 22:34 - 00000878 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00E48D22-0E61-44DC-8A08-18415E37F265} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {03F8F1EE-63F4-4640-A1EF-E020F4185337} - System32\Tasks\CCleanerSkipUAC => F:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {227EA60A-8476-4D16-998A-7CDA6115871D} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite III\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2013-02-07] (ASUSTeK Computer Inc.)
Task: {22CE542F-542B-4E95-BA13-32A2FF295C88} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2015-04-26] (Apple Inc.)
Task: {2FFE193C-C271-47AD-AB61-4F5A0ED70497} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8ccf443d60c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-03] (Google Inc.)
Task: {36B437CF-560E-417C-8A29-3A77EC63849A} - System32\Tasks\{668F68C1-4C30-4508-BE32-1AF8C22A6CBD} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.0.103/de/abandoninstall?page=tsProgressBar
Task: {42EBB69F-EFE0-435A-B2ED-49887D6CB357} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2013-08-07] (ASUSTeK Computer Inc.)
Task: {4496D195-1860-49E7-9711-FE130C2F20E6} - System32\Tasks\Overwolf Updater Task => F:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-06-21] (Overwolf LTD)
Task: {5EBCBE7D-98C6-43E6-A7D1-C0060AC1EA02} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-09] (Adobe Systems Incorporated)
Task: {5EC28FAD-DF13-4BBA-9860-F8967EEB09A5} - System32\Tasks\{F970A771-01AD-4A0E-8C51-AB975E26E497} => pcalua.exe -a "F:\Program Files (x86)\Actual Multiple Monitors\unins000.exe"
Task: {67ED3A46-78D4-4016-A181-DEC4A1C9F9FB} - System32\Tasks\{061A7745-F8D1-48A1-BAE4-9BBA58F55AA6} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.0.103/de/abandoninstall?page=tsProgressBar
Task: {7ACC1CEA-6655-403A-99B0-D41B702AD1EA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-09] (Microsoft Corporation)
Task: {87C05552-1A9C-4A9C-B38B-434B8435488C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A1D68279-3FDB-4891-8E52-60C0A8C7821B} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-552782436-3684921078-2302428421-1001
Task: {B31708DC-2820-485A-ADDB-D38AEF9C0BCB} - System32\Tasks\{44097146-4B8A-4794-8D96-C654BBA292CE} => pcalua.exe -a "C:\Users\Steven\Downloads\NFS Underground 2 TexMod V2.0 by Dragozool\Texmod.exe" -d "C:\Users\Steven\Downloads\NFS Underground 2 TexMod V2.0 by Dragozool"
Task: {B3A21C0C-B661-437A-A9E6-92FCCBB994D7} - System32\Tasks\GoogleUpdateTaskMachineCore1cf2776eb65ef67 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-03] (Google Inc.)
Task: {B5D41163-64A6-4777-A18D-27C9F3F2AE7E} - System32\Tasks\{52563ED7-F60C-476E-BBDB-86C22799099B} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.0.103/de/abandoninstall?page=tsProgressBar
Task: {C8E1E141-9A35-4B38-8975-6416B41AE62A} - System32\Tasks\{DCAC6CA3-3C73-47E8-8699-55450248C9EA} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.0.103/de/abandoninstall?page=tsProgressBar
Task: {F9372D43-0B1C-4DA2-BA8C-E775E1D882EF} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2013-08-13] ()
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cf2776eb65ef67.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf8ccf443d60c.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-05-25 19:30 - 2015-06-17 08:48 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-11-03 20:54 - 2014-12-15 12:45 - 00020240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2013-10-01 19:11 - 2013-08-13 21:55 - 01225528 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2014-10-26 18:56 - 2013-07-04 03:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2013-10-02 15:14 - 2015-06-29 09:24 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2013-10-02 15:14 - 2015-06-29 09:24 - 00189248 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-02-09 00:16 - 2013-03-06 15:42 - 00253776 ____N () C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
2015-02-04 22:13 - 2005-04-22 06:36 - 00143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
2013-10-01 19:11 - 2013-08-13 21:55 - 01221912 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
2015-06-02 17:18 - 2015-06-02 17:18 - 00043480 _____ () F:\Program Files (x86)\FileZilla 3.9.0.5\FileZilla FTP Client\fzshellext_64.dll
2015-05-25 19:30 - 2015-06-03 23:04 - 00087368 _____ () C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer\NvLedServiceHost.exe
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-06-01 19:28 - 2015-06-01 19:28 - 00057344 _____ () F:\Program Files\CCleaner\lang\lang-1031.dll
2013-10-01 19:10 - 2013-08-07 19:11 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2013-10-01 19:11 - 2013-08-13 21:46 - 02745344 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2013-10-01 19:11 - 2013-08-08 11:44 - 01139200 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2013-12-28 00:42 - 2013-06-24 16:59 - 01173504 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Network iControl\Network iControl.dll
2013-10-01 19:10 - 2013-06-04 11:41 - 00662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2013-10-01 19:10 - 2013-08-07 19:11 - 00053248 _____ () C:\Program Files (x86)\ASUS\AI Suite III\cpuutil.dll
2013-12-28 00:43 - 2012-01-19 10:39 - 00028672 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\PEInfo.dll
2013-10-01 19:10 - 2013-08-07 19:11 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ImageHelper.dll
2013-10-01 19:10 - 2013-08-07 19:11 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\pngio.dll
2013-12-28 00:43 - 2010-09-23 12:51 - 00114688 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\AsIdxParser.dll
2013-12-28 00:43 - 2010-02-25 15:01 - 00139264 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\Aszip.dll
2013-10-01 19:11 - 2013-08-13 21:55 - 00685056 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2013-10-01 19:11 - 2013-08-13 21:55 - 00825344 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2013-10-01 19:11 - 2013-08-13 21:55 - 00765952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2013-10-01 19:11 - 2013-08-13 21:55 - 00776704 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2014-10-26 18:56 - 2015-07-12 19:39 - 00027648 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2014-10-26 18:56 - 2013-07-04 03:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2014-08-30 18:12 - 2014-08-30 18:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\kpcengine.2.3.dll
2015-05-25 19:30 - 2015-06-03 23:06 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-25 19:30 - 2015-06-03 23:04 - 00621200 _____ () C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer\NvGpuInterface.dll
2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-25 14:25 - 2012-07-08 17:31 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Isku FX Keyboard\hiddriver.dll
2015-01-25 14:26 - 2012-06-17 12:20 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\hiddriver.dll
2013-12-28 00:34 - 2013-09-16 13:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-06-02 17:18 - 2015-06-02 17:18 - 00039384 _____ () F:\Program Files (x86)\FileZilla 3.9.0.5\FileZilla FTP Client\fzshellext.dll
2015-07-08 14:58 - 2015-07-07 05:49 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\libglesv2.dll
2015-07-08 14:58 - 2015-07-07 05:49 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\libegl.dll
2015-07-08 14:58 - 2015-07-07 05:49 - 16285512 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\PepperFlash\pepflashplayer.dll
2015-05-25 19:47 - 2015-05-25 19:47 - 03350640 _____ () F:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2015-05-25 19:47 - 2015-05-25 19:47 - 00158832 _____ () F:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-05-25 19:47 - 2015-05-25 19:47 - 00023152 _____ () F:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Steven\OneDrive:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Steven\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\StartupFolder: => "SteelSeries Engine 3.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "BingDesktop"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "Fitbit Connect"
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\StartupApproved\StartupFolder: => "Adobe Gamma.lnk"
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\StartupApproved\Run: => "SteelSeries Engine"
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\StartupApproved\Run: => "Epson Stylus SX525WD"
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_F24911D7A7038F5FFBF2DBF664E78DA0"
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\StartupApproved\Run: => "Raptr"
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\StartupApproved\Run: => "icq"
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\StartupApproved\Run: => "Amazon Cloud Player"
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\StartupApproved\Run: => "Sony PC Companion"
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\StartupApproved\Run: => "Fitbit Connect"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{33C8A19D-AD0B-43B7-90A1-DBF6B6F322CB}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7F6781BB-C033-4AF2-909B-8F158B4FE087}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9238BF12-FA9E-4AF0-AB64-6E6861D15FB5}] => (Allow) LPort=8090
FirewallRules: [{5145EBF0-0BDC-4A6A-BECD-CC1B6190F087}] => (Allow) LPort=20443
FirewallRules: [{4A4F31D5-CE38-40EE-8D64-AF7317D3FD23}] => (Allow) LPort=33333
FirewallRules: [{AC77BF87-0400-4CBD-938A-E1B9AE3DC015}] => (Allow) LPort=6881
FirewallRules: [{3B06BBDE-717E-4D93-883F-C65AC3439F1B}] => (Allow) LPort=27022
FirewallRules: [{F62F0866-B1F2-48EB-B45D-D799A1A62D8D}] => (Allow) LPort=7853
FirewallRules: [{3D3BC782-02EE-4464-B658-34674B1F6B37}] => (Allow) LPort=7852
FirewallRules: [{71A97C46-5E9A-4979-B98D-2AE3BBB1EE78}] => (Allow) LPort=7850
FirewallRules: [{0D71B3C8-8A2D-4E66-9A2C-7F7061DB3FB7}] => (Allow) LPort=3478
FirewallRules: [{E70D96BB-A2E1-4ABB-A0F9-86AA66EBE33D}] => (Allow) LPort=20010
FirewallRules: [{C5C30B7A-6D27-48C8-99E6-FCE7DC356E3C}] => (Allow) LPort=443
FirewallRules: [{0CA107DD-3FDB-4CEC-A748-B7118C31302F}] => (Allow) LPort=80
FirewallRules: [{126BF37E-7342-489B-B4D4-ED25F4D8405E}] => (Allow) E:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{72AD1A6A-1276-4748-A94F-9568B3313BE6}] => (Allow) E:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{64F2EAD5-C3CE-47F3-A7C0-ECFF3C5269B9}] => (Allow) F:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{A222481A-F367-44AB-946F-314FF64CA62D}] => (Allow) F:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{7EC27838-D4E2-4B66-83DB-7FE338BF1CD3}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{421EF961-7B9B-4213-9C1B-D7FC90E8465C}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{5AF7932D-A763-41CD-9836-5AAA56EA43B1}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Car Mechanic Simulator\cms.exe
FirewallRules: [{183F59D5-8D09-45D6-9E99-46E1A4ACAFD0}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Car Mechanic Simulator\cms.exe
FirewallRules: [{5B9F7741-B441-4804-AFF2-B320C9F3A681}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator\eurotrucks.exe
FirewallRules: [{80A7E6F0-DF65-4183-B206-9739E47F032C}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator\eurotrucks.exe
FirewallRules: [{8F0105C6-785A-434D-9B06-9922B2113104}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{D762D7ED-FF23-44CD-9E7E-F88AACDB630A}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{E0DDB958-D7DF-4757-BF60-01C2329E95E2}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{5792CE24-A3FE-4905-A32C-D591F4B7FBD2}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{88D4B2F0-74F0-4C44-84C4-8E5AF7DC4576}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{33B3487D-FB79-4824-B9BB-B4EDB084FBBF}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{CEDC2F73-9B7A-427A-96E5-C613804D1EAD}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\F.E.A.R. 3\F.E.A.R. 3.exe
FirewallRules: [{589CC929-CF3A-4F84-8586-56D160D3B5E7}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\F.E.A.R. 3\F.E.A.R. 3.exe
FirewallRules: [{D93BFF16-A9F0-4A44-B124-5D3F9CA280A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{92D878E2-32F9-4A19-895C-D0AFF1550320}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F1912242-B050-410D-9656-D4D6516AB990}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F41BE65A-139C-4302-B4B4-FB5EC50AB98B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D21F22AB-B8B1-4065-89EE-66303E8FA1F4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{AEE80A0F-6BDD-4A06-B9A4-DBD9F44B0C8C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8BCB7472-34E2-44B4-8747-B26440256FA7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8FC63E88-A6B5-4A8D-AAAE-9B7D40044D41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{357A842F-92DD-4B37-BE16-3B922367F05F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{EAE8DAC1-514D-4E30-9D87-057723F7630D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F447524A-C7C2-4314-B78E-689DF8700A98}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6865F543-DE94-4E24-AFBD-0A19E265BE0F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CC6F2343-A62E-4CC4-A34F-2DA11809FA68}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{5BF9577D-CBC4-49FA-B458-F8936AC0501E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B924893E-5E97-4402-97C6-003F4773E49F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2D6DB768-8A83-46F2-AD3D-94110A186361}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3FED0984-4545-4F1D-B0D5-7CEA9A59F973}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7CB16B06-ED3C-4742-A781-C0CA9C4B0316}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3D2F2C20-F396-41BF-8ED5-099A295A830E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8D35C74C-CB36-4720-B1D8-DBB4CDC122C7}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CC44897F-D8D3-493C-AF45-4ADC01880BF6}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F8EB6C0D-AB6A-49E7-A95E-CB654F6505D2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9DEF8791-2BCC-4EB5-9542-C67559D9C441}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6C65E35B-ED1C-4D2C-A6F1-69155C81CD99}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BD1DE6E0-09BB-4D35-9113-53F03F94AD12}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AE91C09E-86C8-482B-BDAF-6FE63CCC26E0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2616BE21-5152-4F3E-AEBF-177B3D397F16}] => (Allow) E:\Origin\Games\Battlefield 3\bf3.exe
FirewallRules: [{0860BCEC-9826-4D54-BB24-BB767F6BD344}] => (Allow) E:\Origin\Games\Battlefield 3\bf3.exe
FirewallRules: [TCP Query User{864FEF62-8B40-4EDA-8D0F-C7348B2A12F6}C:\program files (x86)\asus\ai suite iii\aisuite3.exe] => (Allow) C:\program files (x86)\asus\ai suite iii\aisuite3.exe
FirewallRules: [UDP Query User{EA8DF30B-9463-411C-9632-29002FBEF7F3}C:\program files (x86)\asus\ai suite iii\aisuite3.exe] => (Allow) C:\program files (x86)\asus\ai suite iii\aisuite3.exe
FirewallRules: [TCP Query User{840D3A41-3330-443E-BC1F-DC90F5751585}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{8B4F3A11-73BC-47C8-BB73-200C4141EDD4}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{8C8CF9CB-FBE0-4656-9755-A3A0E844DD87}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{970659C7-1533-4634-B09E-71BD45EDA701}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7A50289C-B4A4-40FE-9454-EA03C4A691F6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{65C0FB82-25AC-4A99-82B4-C1D4C9155E1B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C1DCFF1D-1D5A-4CE5-83A6-A9AFA1170514}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{AA501311-2D2C-4599-9040-24AFBA099323}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{54402DDE-63B3-42C5-8D29-8DDEA6494092}] => (Allow) E:\Origin\Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{7D3DFAB6-8937-4B61-89A2-27214F0D734F}] => (Allow) E:\Origin\Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{DE8B36E4-5192-4FD5-B627-A466A0659007}] => (Allow) E:\Origin\Games\Battlefield 4\bf4.exe
FirewallRules: [{86E91CCE-3770-428F-A1E5-0BC794F104A8}] => (Allow) E:\Origin\Games\Battlefield 4\bf4.exe
FirewallRules: [{57FC17B7-C94A-47BA-91CD-3232F238BAED}] => (Allow) F:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0A35C756-3CFA-43FF-A0BD-DA898D8FA745}] => (Allow) F:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4FB1135F-1476-4A92-B59F-D03CDA55CB15}] => (Allow) E:\Origin\Games\BFH Beta 2\bfh.exe
FirewallRules: [{F45BA9C0-A5A6-49ED-9EC7-830CD419A3D7}] => (Allow) E:\Origin\Games\BFH Beta 2\bfh.exe
FirewallRules: [{9A8B6EEC-6C13-4390-A323-BC782FDC64D5}] => (Allow) F:\Program Files (x86)\Brother\Brmfl12d\FAXRX.EXE
FirewallRules: [{95B336B3-9E46-4B18-8069-85624DE9D6BC}] => (Allow) LPort=54925
FirewallRules: [{F7536FBD-C4AB-47FF-B54A-E1796EBF8D66}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D2FB79BA-6456-446D-A9E1-A242188B6767}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B75B4B85-BA5F-4B84-8AF6-15C254A57835}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{2FFD1DEB-D660-4AC3-93C5-8521AB44434E}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{3CA0822C-857E-4F9E-8B02-4FC9695387FD}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\The Bureau\Binaries\Win32\TheBureau.exe
FirewallRules: [{80E23572-23D1-4AED-A3F1-18DF9C8F158B}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\The Bureau\Binaries\Win32\TheBureau.exe
FirewallRules: [{4A814D03-E127-4A1F-9084-BA575DE56DCB}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{B814F2E8-A9BB-4AD0-85B4-6620054426F4}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{C8DDAE8D-B676-4BAF-AC5E-8252AE38E077}] => (Allow) E:\Heroes of the Storm\Battle.net\Battle.net.exe
FirewallRules: [{74C8136A-BC54-40AA-81F2-189C601CA677}] => (Allow) E:\Heroes of the Storm\Battle.net\Battle.net.exe
FirewallRules: [{0E27AEFD-FFFF-49B1-8194-FE46824A4249}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{B869ED3A-940B-4BB0-8668-659B70C91CB8}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{FBE9BBE5-F6A2-4D5D-865E-B84761885F7F}] => (Allow) E:\Virtual RC Pro\vrcpro.exe
FirewallRules: [{28649739-4B4A-4539-A953-ECECE20A196A}] => (Allow) E:\Virtual RC Pro\game.exe
FirewallRules: [{A6FC648F-6204-4FA4-9D69-15EEB77D7A92}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Cryptic Studios\Neverwinter.exe
FirewallRules: [{8F46C29C-D13E-4731-9B13-6B5719035275}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Cryptic Studios\Neverwinter.exe
FirewallRules: [{44431136-FA17-44CF-9A2C-4714FDABF8A2}] => (Allow) F:\Program Files (x86)\ICQ7.7\ICQ.exe
FirewallRules: [{BC7AC2FA-183C-486C-8432-488F4C2BAE83}] => (Allow) F:\Program Files (x86)\ICQ7.7\ICQ.exe
FirewallRules: [{CF84EA40-B6F3-4B46-82A0-AE9C23B629DE}] => (Allow) F:\Program Files (x86)\ICQ7.7\ICQ.exe
FirewallRules: [{3639A472-00D3-4092-9B8D-C25E016F1C7C}] => (Allow) F:\Program Files (x86)\ICQ7.7\ICQ.exe
FirewallRules: [{0245045D-9B2C-49F3-A84D-BE99F2E20CF1}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{E07C9734-B3B2-41EE-9D00-76577680B09A}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{70660A0E-57FE-475B-AD0C-A95B2DC38814}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Echo of Soul\EOSLauncher.exe
FirewallRules: [{44DD0E66-3857-4FF4-A38B-7EEA17201DD9}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Echo of Soul\EOSLauncher.exe
FirewallRules: [{5E5DF90C-54FD-46FD-A53B-981541791F65}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\The Four Kings Casino and Slots\Casino.exe
FirewallRules: [{ABC14962-5E9E-4324-B843-8F6AD341BD38}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\The Four Kings Casino and Slots\Casino.exe
FirewallRules: [{F377C8A0-8941-4EC6-A3B6-EAE076F5F898}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{34E299D3-422B-4A6A-8689-7276270F6B17}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E1F0B4EB-5B54-4725-A3F6-27A320BFCB80}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{AA0E5DDE-AB7C-4926-9A4F-AB69C9C34A25}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{376D38AC-A567-4E4F-BD72-C808095DAEE8}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{1AA3FD75-051F-4DAE-8982-4D3ADCCCEF69}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{001FB3AE-7AA9-4AC0-83B4-AEA8A99178DB}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{C05AB4D0-5ECA-41B6-ADB6-CBE4AF9773FD}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{64A8E1A5-C6A7-459B-9747-26FE91DA7C53}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Pool Nation\Pool.exe
FirewallRules: [{17652F05-A4AF-405A-8A37-19D9D5B34044}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Pool Nation\Pool.exe
FirewallRules: [{C8BF7AF7-6CBB-4994-9A1E-8B8C4D9F49EC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{43FBEB72-D560-4921-8D35-5AFAB5341E01}] => (Allow) C:\Program Files\iTunes\iTunes.exe
==================== Faulty Device Manager Devices =============
Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office:
=========================
CodeIntegrity Errors:
===================================
Date: 2015-01-23 18:42:14.134
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-01-23 18:42:14.054
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-01-23 18:42:13.858
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-01-23 18:42:13.794
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-01-23 18:37:11.698
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-01-22 15:12:31.944
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-01-15 12:05:24.832
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-01-15 12:05:24.768
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-01-15 11:55:51.226
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-01-13 09:37:35.971
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Percentage of memory in use: 22%
Total physical RAM: 16322.76 MB
Available physical RAM: 12671.45 MB
Total Virtual: 32706.76 MB
Available Virtual: 27719.15 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.45 GB) (Free:39.4 GB) NTFS
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Spiele) (Fixed) (Total:681.64 GB) (Free:353.72 GB) NTFS
Drive f: (Programme) (Fixed) (Total:715.52 GB) (Free:579.98 GB) NTFS
Drive h: () (Removable) (Total:0.93 GB) (Free:0.93 GB) FAT
Drive i: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:884.28 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 17C43E86)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: 4344EB7A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=681.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=715.5 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 8089D39D)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 956 MB) (Disk ID: 48680483)
Partition 1: (Active) - (Size=956 MB) - (Type=06)
==================== End of log ============================
FRST.txt Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:11-07-2015
Ran by Steven (administrator) on GURKE on 12-07-2015 20:47:06
Running from C:\Users\Steven\Desktop
Loaded Profiles: Steven (Available Profiles: Steven)
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Fitbit, Inc.) F:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) F:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avpui.exe
(Malwarebytes Corporation) F:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) F:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Greenshot) F:\Program Files\Greenshot\Greenshot.exe
() C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer\NvLedServiceHost.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8\kpm.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(ROCCAT GmbH Co., Ltd.) F:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Isku FX Keyboard\IskuFXMonitor.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\plugin-nm-server.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Piriform Ltd) F:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) F:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) F:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor)
HKLM\...\Run: [Greenshot] => F:\Program Files\Greenshot\Greenshot.exe [495616 2013-12-13] (Greenshot)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-03] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-06-29] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [RoccatIskuFX] => C:\Program Files (x86)\ROCCAT\Isku FX Keyboard\IskuFXMonitor.exe [540672 2014-10-19] (ROCCAT GmbH)
HKLM-x32\...\Run: [RoccatKoneXTD] => C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.EXE [552960 2014-10-19] (ROCCAT GmbH)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2013-12-05] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-01-29] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Fitbit Connect] => F:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4370976 2014-12-12] (Fitbit, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\Run: [Overwolf] => F:\Program Files (x86)\Overwolf\Overwolf.exe [41200 2015-06-21] (Overwolf LTD)
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\Run: [Spotify] => C:\Users\Steven\AppData\Roaming\Spotify\Spotify.exe [6621752 2014-09-10] (Spotify Ltd)
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\Run: [Spotify Web Helper] => C:\Users\Steven\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-09-10] (Spotify Ltd)
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\Run: [NvLedServiceHost] => C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer\NvLedServiceHost.exe [87368 2015-06-03] ()
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\Run: [Amazon Cloud Player] => C:\Users\Steven\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31282304 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [466144 2014-11-27] (Sony)
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\Run: [CCleaner Monitoring] => F:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8\kpm.exe [6120544 2014-11-14] (Kaspersky Lab ZAO)
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\Run: [GoogleChromeAutoLaunch_F24911D7A7038F5FFBF2DBF664E78DA0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-07] (Google Inc.)
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\Run: [Fitbit Connect] => F:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4370976 2014-12-12] (Fitbit, Inc.)
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\Run: [ICQ] => F:\Program Files (x86)\ICQ7.7\ICQ.exe [127040 2015-05-27] (ICQ, LLC.)
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\MountPoints2: {7e06e0e5-3841-11e4-bffb-0015833d0a57} - "H:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\MountPoints2: {e6942c96-a6c9-11e4-804e-0015833d0a57} - "H:\startme.exe"
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\...\MountPoints2: {fb4c59d8-fa13-11e4-80a1-0015833d0a57} - "H:\HTC_Sync_Manager_PC.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Roccat Talk.lnk [2013-12-23]
ShortcutTarget: Roccat Talk.lnk -> F:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe (ROCCAT GmbH Co., Ltd.)
Startup: C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2014-12-30]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\shellex.dll [2015-03-11] (Kaspersky Lab ZAO)
ShellIconOverlayIdentifiers-x32: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\shellex.dll [2015-03-11] (Kaspersky Lab ZAO)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-552782436-3684921078-2302428421-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKU\S-1-5-21-552782436-3684921078-2302428421-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-552782436-3684921078-2302428421-1001 -> DefaultScope {A9E7CF49-3AD8-4C15-8D30-9CAC7F8AD848} URL = https://de.search.yahoo.com/search?fr=mcafee&type=A011DE0&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-552782436-3684921078-2302428421-1001 -> {A9E7CF49-3AD8-4C15-8D30-9CAC7F8AD848} URL = https://de.search.yahoo.com/search?fr=mcafee&type=A011DE0&p={SearchTerms}
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-03-11] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-11-02] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-03-11] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-02] (Oracle Corporation)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-03-11] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\IEExt\ie_plugin.dll [2015-03-11] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-02] (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> E:\Program Files (x86)\Arc\Plugins\ArcPluginIE.dll [2015-05-14] (Perfect World Entertainment Inc)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> F:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\IEExt\ie_plugin.dll [2015-03-11] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-02] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\IEExt\ie_plugin.dll [2015-03-11] (Kaspersky Lab ZAO)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\Windows\system32\wlidnsp.dll [74240 2015-03-08] (Microsoft Corporation)
Winsock: Catalog5-x64 09 C:\Windows\system32\wlidnsp.dll [74240 2015-03-08] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6FE11FE9-6084-44A5-85D5-7FA6EF912E6D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ABFF473B-7522-4590-8FDF-6F7C3F303062}: [DhcpNameServer] 192.168.42.129
FireFox:
========
FF ProfilePath: C:\Users\Steven\AppData\Roaming\Mozilla\Firefox\Profiles\albk58s2.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll [2015-07-09] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-02] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> F:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> F:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> F:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> F:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> F:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-02] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-03-11] ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-03-11] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-03-11] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> F:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> F:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> F:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-12-13] (Nullsoft, Inc.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> E:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll [2015-05-14] (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-552782436-3684921078-2302428421-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Steven\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-552782436-3684921078-2302428421-1001: electronicarts.com/GameFacePlugin -> C:\Users\Steven\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll [2012-12-20] (Electronic Arts)
FF Extension: ColorZilla - C:\Users\Steven\AppData\Roaming\Mozilla\Firefox\Profiles\albk58s2.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2015-06-30]
FF Extension: Firebug - C:\Users\Steven\AppData\Roaming\Mozilla\Firefox\Profiles\albk58s2.default\Extensions\firebug@software.joehewitt.com.xpi [2015-01-28]
FF Extension: View Source Chart - C:\Users\Steven\AppData\Roaming\Mozilla\Firefox\Profiles\albk58s2.default\Extensions\{68836a21-fc7d-4ea1-a065-7efabd99d414}.xpi [2015-01-28]
FF Extension: Web Developer - C:\Users\Steven\AppData\Roaming\Mozilla\Firefox\Profiles\albk58s2.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2015-01-27]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-03-11]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-03-11]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-03-11]
StartMenuInternet: FIREFOX.EXE - F:\Program Files (x86)\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR Profile: C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-03]
CHR Extension: (Google Drive) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-03]
CHR Extension: (YouTube) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-03]
CHR Extension: (Google Search) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-03]
CHR Extension: (Kaspersky Protection) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-03-11]
CHR Extension: (Google Play Music) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-10-15]
CHR Extension: (AdBlock) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-07]
CHR Extension: (Open SEO Stats(Formerly: PageRank Status)) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdkkfheckcdppiaiabobmennhijkknn [2014-12-19]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Skype Click to Call) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-12-22]
CHR Extension: (Racers Revolution) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\memgmdfpdhjodfiolibfikhlpkcnapge [2013-11-16]
CHR Extension: (HD Facebook Video Downloader) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbaekgmbkigogkeofkobbhobinbbljpg [2013-11-16]
CHR Extension: (Google Wallet) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-03]
CHR Extension: (fast-and-furious-5) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocaejlicppmocbgfdgickhjmpnoaapic [2013-11-16]
CHR Extension: (PAYBACK Internet Assistent für Google Chrome) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbfjbhoglggakhkngkbfehgghkaadeba [2014-04-05]
CHR Extension: (Bitdefender QuickScan) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2013-12-28]
CHR Extension: (Gmail) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-03]
CHR Profile: C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-24]
CHR Extension: (Google Docs) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-24]
CHR Extension: (Google Drive) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-24]
CHR Extension: (YouTube) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-24]
CHR Extension: (Adblock Plus) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-06-30]
CHR Extension: (Google Search) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-24]
CHR Extension: (Kaspersky Protection) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-03-24]
CHR Extension: (Youtube-to-MP3 GOLD) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejcmlonfegmnhinnopgjhibfghbgpeoc [2015-05-03]
CHR Extension: (Google Play Music) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2015-03-24]
CHR Extension: (Google Sheets) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-24]
CHR Extension: (ChromeADB) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fhdoijgfljahinnpbolfdimpcfoicmnm [2015-03-25]
CHR Extension: (AdBlock) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-03-24]
CHR Extension: (Open SEO Stats(Formerly: PageRank Status)) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hbdkkfheckcdppiaiabobmennhijkknn [2015-03-24]
CHR Extension: (anonymoX) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icpklikeghomkemdellmmkoifgfbakio [2015-06-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-24]
CHR Extension: (Skype Click to Call) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-03-24]
CHR Extension: (Google Wallet) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-24]
CHR Extension: (Google Publisher Toolbar) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\omioeahgfecgfpfldejlnideemfidnkc [2015-04-28]
CHR Extension: (PAYBACK Internet Assistent für Google Chrome) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pbfjbhoglggakhkngkbfehgghkaadeba [2015-03-24]
CHR Extension: (Youtube MP3 Downloader) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pcchkehcnfohjjjlcijjieanjoonhaha [2015-05-03]
CHR Extension: (Bitdefender QuickScan) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2015-03-24]
CHR Extension: (Quick start) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2015-03-24]
CHR Extension: (Gmail) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-24]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKU\S-1-5-21-552782436-3684921078-2302428421-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hknpjpodmmapnfjhnblgmalmaanpajhc] - C:\ProgramData\VideoDownloaderUltimate\Chrome\VideoDownloaderUltimate.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-12-30] (Adobe Systems) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S3 ArcService; E:\Program Files (x86)\Arc\ArcService.exe [88400 2015-05-14] (Perfect World Entertainment Inc)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [951440 2013-06-04] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe [1656464 2013-08-13] (ASUSTeK Computer Inc.)
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 Fitbit Connect; F:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5738528 2014-12-12] (Fitbit, Inc.)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2013-11-21] (Futuremark)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-03] (NVIDIA Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMScheduler; F:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; F:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-03] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-03] (NVIDIA Corporation)
S3 Origin Client Service; F:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-04] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2015-06-29] ()
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [189248 2015-06-29] ()
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [253776 2013-03-06] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
S3 wampapache64; c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [24576 2014-05-01] (Apache Software Foundation) [File not signed]
S3 wampmysqld64; c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [12942848 2014-05-01] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
S2 ews-dbserver; C:\Program Files (x86)\EasyPHP-Webserver-14.1b2\binaries\dbserver\bin\ews-mysqld.exe ews-dbserver [X]
S2 ews-httpserver; C:\Program Files (x86)\EasyPHP-Webserver-14.1b2\binaries\httpserver\bin\ews-httpd.exe -k runservice [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
S3 Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] ()
R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek )
R3 bthav; C:\Windows\system32\drivers\bthav.sys [40448 2008-07-10] (CSR, plc)
S3 busenum; C:\Windows\System32\drivers\SteelBus64.sys [134656 2013-06-25] (SteelSeries Corporation) [File not signed]
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [98064 2012-12-10] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys [67344 2012-12-10] (Infowatch)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [150536 2015-03-11] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [247480 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [800440 2015-03-11] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [68616 2015-03-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [77512 2015-03-11] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-12] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [File not signed]
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115208 2015-05-13] (Oracle Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-09-24] (Microsoft Corporation)
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
S3 X6va029; \??\C:\WINDOWS\SysWOW64\Drivers\X6va029 [X]
S3 xhunter1; \??\C:\WINDOWS\xhunter1.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-12 20:47 - 2015-07-12 20:47 - 00040400 _____ C:\Users\Steven\Desktop\FRST.txt
2015-07-12 20:46 - 2015-07-12 20:47 - 00000000 ____D C:\FRST
2015-07-12 20:46 - 2015-07-12 20:46 - 02130944 _____ (Farbar) C:\Users\Steven\Desktop\FRST64.exe
2015-07-12 19:47 - 2015-07-12 19:47 - 00001765 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-12 19:47 - 2015-07-12 19:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-12 19:47 - 2015-07-12 19:47 - 00000000 ____D C:\Program Files\iTunes
2015-07-12 19:47 - 2015-07-12 19:47 - 00000000 ____D C:\Program Files\iPod
2015-07-12 19:47 - 2015-07-12 19:47 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-12 19:46 - 2015-07-12 19:46 - 00001857 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-07-12 19:46 - 2015-07-12 19:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-07-12 19:46 - 2015-07-12 19:46 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-07-07 20:15 - 2015-07-07 20:15 - 00002199 _____ C:\Users\Steven\Downloads\CSGO Text Mod.rar
2015-07-07 19:44 - 2015-07-07 19:44 - 02209221 _____ C:\Users\Steven\Downloads\boulotaur2024injector.rar
2015-07-07 19:44 - 2015-07-07 19:44 - 00000000 ____D C:\Users\Steven\Downloads\boulotaur2024injector
2015-07-07 19:30 - 2015-07-07 19:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\(Default)
2015-07-07 19:29 - 2015-07-07 19:29 - 42905237 _____ C:\Users\Steven\Downloads\righT.GUI_V2.7_for_CSGO.zip
2015-07-07 19:29 - 2015-07-07 19:29 - 00000000 ____D C:\Users\Steven\Downloads\righT.GUI_V2.7_for_CSGO
2015-07-07 19:27 - 2015-07-07 19:27 - 00023805 _____ C:\Users\Steven\Downloads\SweetFX_Settings_Counter-Strike- Global Offensive_Pizzadox Settings.txt
2015-07-07 19:13 - 2015-07-07 19:14 - 00010375 _____ C:\Users\Steven\Desktop\Sitzordnung-1.xlsx
2015-07-07 15:53 - 2015-07-07 15:53 - 00665565 _____ C:\Users\Steven\Downloads\927D.tmp
2015-07-06 22:30 - 2015-07-06 22:30 - 00463190 _____ C:\Users\Steven\Downloads\handy-paradise.wordpress.2015-07-06.xml
2015-07-05 20:18 - 2015-07-05 20:18 - 00000000 ____D C:\Users\Steven\Downloads\SpeedAutoClicker
2015-07-05 20:18 - 2013-09-24 11:14 - 00179200 _____ (fabi.me) C:\Users\Steven\Desktop\SpeedAutoClicker.exe
2015-07-03 11:31 - 2015-07-05 20:45 - 00000000 ____D C:\Users\Steven\AppData\Local\fabi.me
2015-07-03 11:31 - 2015-07-03 11:31 - 00094899 _____ C:\Users\Steven\Downloads\SpeedAutoClicker.zip
2015-07-03 08:56 - 2015-07-03 08:58 - 00000000 ____D C:\AdwCleaner
2015-07-03 08:56 - 2015-07-03 08:56 - 02244096 _____ C:\Users\Steven\Downloads\adwcleaner_4.207.exe
2015-07-02 12:31 - 2015-07-02 12:31 - 00000222 _____ C:\Users\Steven\Desktop\Pool Nation.url
2015-06-30 23:35 - 2015-07-12 20:00 - 01202579 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-30 23:32 - 2015-06-30 23:32 - 06565736 _____ (Piriform Ltd) C:\Users\Steven\Downloads\ccsetup507.exe
2015-06-30 09:30 - 2015-06-30 09:30 - 00003114 _____ C:\WINDOWS\System32\Tasks\{F970A771-01AD-4A0E-8C51-AB975E26E497}
2015-06-30 09:27 - 2015-06-30 09:27 - 06477032 _____ (Tim Kosse) C:\Users\Steven\Downloads\FileZilla_3.11.0.2_win64-setup.exe
2015-06-29 10:53 - 2015-06-29 10:53 - 00000000 ____D C:\Users\Steven\AppData\Roaming\com.playsaurus.heroclicker
2015-06-29 10:52 - 2015-06-29 10:52 - 00000222 _____ C:\Users\Steven\Desktop\Clicker Heroes.url
2015-06-29 09:24 - 2015-06-29 09:23 - 03130440 _____ C:\WINDOWS\SysWOW64\pbsvc_blr.exe
2015-06-29 09:16 - 2015-06-30 23:32 - 00000000 ____D C:\WINDOWS\Minidump
2015-06-28 22:53 - 2015-06-28 22:53 - 00000000 ____D C:\Users\Steven\AppData\Roaming\.mono
2015-06-28 22:51 - 2015-06-28 22:51 - 00000222 _____ C:\Users\Steven\Desktop\The Four Kings Casino and Slots.url
2015-06-28 20:24 - 2015-06-28 20:24 - 00953486 _____ C:\Users\Steven\Downloads\OptiFine_1.8.7_HD_U_D5.jar
2015-06-25 14:57 - 2015-06-25 14:57 - 00000000 ____D C:\Users\Steven\AppData\Roaming\Actual Tools
2015-06-25 14:57 - 2015-06-25 14:57 - 00000000 ____D C:\ProgramData\Actual Tools
2015-06-25 14:56 - 2015-06-25 14:56 - 10087424 _____ (Actual Tools ) C:\Users\Steven\Downloads\ammsetup.exe
2015-06-25 14:54 - 2015-06-25 14:54 - 00000222 _____ C:\Users\Steven\Desktop\Echo of Soul.url
2015-06-24 17:00 - 2015-06-24 17:00 - 00000000 ____D C:\ProgramData\Codemasters
2015-06-23 17:21 - 2015-06-23 17:21 - 00000893 _____ C:\Users\Steven\Desktop\PandashanLauncher.exe.lnk
2015-06-23 16:54 - 2015-06-23 16:54 - 00000000 ____D C:\Users\Public\Documents\Blizzard Entertainment
2015-06-23 14:42 - 2015-06-23 14:42 - 00000704 _____ C:\Users\Steven\Desktop\The Elder Scrolls Online.lnk
2015-06-23 14:42 - 2015-06-23 14:42 - 00000000 ____D C:\WINDOWS\jre
2015-06-23 14:42 - 2015-06-23 14:42 - 00000000 ____D C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls Online
2015-06-22 16:07 - 2015-06-17 08:03 - 00571024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-06-22 16:06 - 2015-06-17 11:10 - 42729104 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-06-22 16:06 - 2015-06-17 11:10 - 37748880 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-06-22 16:06 - 2015-06-17 11:10 - 30481552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-06-22 16:06 - 2015-06-17 11:10 - 22947144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-06-22 16:06 - 2015-06-17 11:10 - 16145200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-06-22 16:06 - 2015-06-17 11:10 - 15866992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-06-22 16:06 - 2015-06-17 11:10 - 14497520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-06-22 16:06 - 2015-06-17 11:10 - 13263056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-06-22 16:06 - 2015-06-17 11:10 - 11831856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-06-22 16:06 - 2015-06-17 11:10 - 11011216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-06-22 16:06 - 2015-06-17 11:10 - 02932368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-06-22 16:06 - 2015-06-17 11:10 - 02599752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-06-22 16:06 - 2015-06-17 11:10 - 01898128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435330.dll
2015-06-22 16:06 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435330.dll
2015-06-22 16:06 - 2015-06-17 11:10 - 01099992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-06-22 16:06 - 2015-06-17 11:10 - 01060168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-06-22 16:06 - 2015-06-17 11:10 - 01050768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-06-22 16:06 - 2015-06-17 11:10 - 00982672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-06-22 16:06 - 2015-06-17 11:10 - 00975176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-06-22 16:06 - 2015-06-17 11:10 - 00938752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-06-22 16:06 - 2015-06-17 11:10 - 00503408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-06-22 16:06 - 2015-06-17 11:10 - 00408392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-06-22 16:06 - 2015-06-17 11:10 - 00407296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-06-22 16:06 - 2015-06-17 11:10 - 00364176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-06-22 16:06 - 2015-06-17 11:10 - 00204648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-06-22 16:06 - 2015-06-17 11:10 - 00176904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-06-22 16:06 - 2015-06-17 11:10 - 00155280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-06-22 16:06 - 2015-06-17 11:10 - 00150832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-06-22 16:06 - 2015-06-17 11:10 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-06-22 16:06 - 2015-06-17 11:10 - 00040280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-06-22 16:06 - 2015-06-17 11:10 - 00031376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-06-18 22:22 - 2015-06-19 01:51 - 00000000 ____D C:\ProgramData\FitbitConnect
2015-06-18 22:22 - 2015-06-18 22:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fitbit Connect
2015-06-17 00:23 - 2015-06-17 00:23 - 00094208 _____ (Apple Inc.) C:\WINDOWS\SysWOW64\QuickTimeVR.qtx
2015-06-17 00:23 - 2015-06-17 00:23 - 00069632 _____ (Apple Inc.) C:\WINDOWS\SysWOW64\QuickTime.qts
2015-06-14 20:15 - 2015-07-06 19:45 - 00000000 ____D C:\Users\Steven\Desktop\Neuer Ordner (2)
2015-06-14 10:56 - 2015-06-14 10:56 - 00000000 ____D C:\Users\Steven\AppData\Local\elfopatch
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-12 20:46 - 2014-05-02 16:42 - 00000000 ____D C:\Users\Steven\AppData\Roaming\NetSpeedMonitor
2015-07-12 20:32 - 2014-09-24 08:16 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-12 20:32 - 2014-09-24 07:43 - 00764340 _____ C:\WINDOWS\system32\perfh007.dat
2015-07-12 20:32 - 2014-09-24 07:43 - 00159160 _____ C:\WINDOWS\system32\perfc007.dat
2015-07-12 20:23 - 2013-10-01 20:17 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-07-12 20:21 - 2014-09-08 11:18 - 00000216 _____ C:\WINDOWS\MB.idx
2015-07-12 20:21 - 2013-10-01 19:20 - 00000551 _____ C:\WINDOWS\Path.idx
2015-07-12 20:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-07-12 19:57 - 2014-06-20 23:31 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf8ccf443d60c.job
2015-07-12 19:55 - 2015-02-04 22:13 - 00000360 _____ C:\WINDOWS\BRRBCOM.INI
2015-07-12 19:55 - 2014-09-02 11:29 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-07-12 19:54 - 2015-03-11 13:38 - 00000000 ____D C:\Users\Steven\AppData\Local\CrashDumps
2015-07-12 19:52 - 2013-10-01 18:39 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-552782436-3684921078-2302428421-1001
2015-07-12 19:47 - 2015-04-11 21:44 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-07-12 19:47 - 2013-10-03 16:20 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-12 19:42 - 2014-10-28 15:36 - 00003922 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1DC553EC-4C9C-4F80-A7AB-7C0F4000126C}
2015-07-12 19:40 - 2015-02-08 22:39 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-07-12 19:40 - 2014-10-26 19:31 - 00000000 ____D C:\Users\Steven\OneDrive
2015-07-12 19:39 - 2014-02-12 00:16 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cf2776eb65ef67.job
2015-07-12 19:39 - 2013-10-01 19:15 - 01048576 _____ C:\WINDOWS\PE_Rom.dll
2015-07-12 19:38 - 2014-10-26 18:57 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-12 19:38 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-07-09 22:36 - 2013-08-22 15:25 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2015-07-09 22:29 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-07-09 21:54 - 2013-10-01 19:42 - 00000000 ____D C:\Users\Steven\AppData\Roaming\TS3Client
2015-07-09 21:23 - 2013-10-01 20:17 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-07-09 17:27 - 2013-10-16 19:43 - 00000000 ____D C:\Users\Steven\AppData\Local\Greenshot
2015-07-09 15:23 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-07-08 16:05 - 2013-10-30 21:52 - 00000000 ____D C:\Users\Steven\AppData\Local\Purplizer
2015-07-08 14:38 - 2013-10-27 20:37 - 00000000 ____D C:\Users\Steven\AppData\Local\Overwolf
2015-07-07 19:15 - 2014-10-26 19:02 - 00000000 ____D C:\Users\Steven
2015-07-07 19:15 - 2014-04-27 12:45 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2015-07-07 19:03 - 2014-09-12 11:06 - 00000000 ____D C:\Users\Steven\AppData\Roaming\.minecraft
2015-07-07 18:58 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-07-06 23:24 - 2014-10-28 19:14 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-07-06 23:24 - 2014-10-28 19:14 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-06 22:29 - 2013-10-22 00:28 - 00000000 ____D C:\Users\Steven\AppData\Roaming\FileZilla
2015-07-03 10:09 - 2013-10-02 23:13 - 00000000 ____D C:\Users\Steven\AppData\Roaming\Skype
2015-07-03 09:41 - 2015-02-25 11:11 - 00000000 ____D C:\Users\Steven\Desktop\Gurkenbrot
2015-06-30 23:32 - 2013-10-01 18:53 - 00000715 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-06-30 09:28 - 2015-02-07 21:27 - 00000453 _____ C:\WINDOWS\wiso.ini
2015-06-30 09:28 - 2013-10-01 18:50 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-30 09:27 - 2014-10-15 20:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-06-29 09:24 - 2013-10-02 15:14 - 00189248 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-06-29 09:24 - 2013-10-02 15:14 - 00189248 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2015-06-29 09:24 - 2013-10-02 15:14 - 00076888 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2015-06-28 19:00 - 2015-02-08 22:39 - 00000828 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-28 19:00 - 2015-02-08 22:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-25 16:55 - 2015-04-10 17:46 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-06-25 16:53 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-06-24 17:00 - 2015-03-15 01:15 - 00000000 ____D C:\Users\Steven\Documents\my games
2015-06-24 17:00 - 2014-07-28 10:21 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2015-06-24 17:00 - 2014-07-28 10:21 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2015-06-24 17:00 - 2014-07-28 10:21 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2015-06-24 17:00 - 2014-07-28 10:21 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2015-06-24 17:00 - 2014-07-28 10:21 - 00000000 ____D C:\Program Files (x86)\OpenAL
2015-06-23 17:35 - 2013-10-25 11:14 - 00000000 ____D C:\Users\Steven\AppData\Roaming\Notepad++
2015-06-22 16:07 - 2015-06-02 09:43 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-22 16:07 - 2015-05-25 19:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-22 16:07 - 2014-10-26 18:56 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-22 15:48 - 2015-05-25 19:43 - 00001393 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-06-22 15:13 - 2014-11-17 11:49 - 00000000 __SHD C:\Users\Steven\AppData\Local\EmieBrowserModeList
2015-06-22 15:13 - 2014-10-28 15:36 - 00000000 __SHD C:\Users\Steven\AppData\Local\EmieUserList
2015-06-22 15:13 - 2014-10-28 15:36 - 00000000 __SHD C:\Users\Steven\AppData\Local\EmieSiteList
2015-06-18 08:42 - 2015-02-08 22:39 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-06-18 08:41 - 2015-02-08 22:39 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-06-18 08:41 - 2015-02-08 22:39 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-06-17 11:10 - 2015-05-25 19:25 - 17724600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-06-17 11:10 - 2015-05-25 19:25 - 15224784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-06-17 11:10 - 2015-05-25 19:25 - 12855416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-06-17 11:10 - 2015-05-25 19:25 - 03395648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-06-17 11:10 - 2015-05-25 19:25 - 02997544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-06-17 11:10 - 2015-05-25 19:25 - 01567576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2015-06-17 11:10 - 2015-05-25 19:25 - 00030966 _____ C:\WINDOWS\system32\nvinfo.pb
2015-06-17 08:48 - 2015-05-25 19:30 - 06873232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-06-17 08:48 - 2015-05-25 19:30 - 03492168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-06-17 08:48 - 2015-05-25 19:30 - 02558792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-06-17 08:48 - 2015-05-25 19:30 - 01059472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-06-17 08:48 - 2015-05-25 19:30 - 00937616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-06-17 08:48 - 2015-05-25 19:30 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-06-17 08:48 - 2015-05-25 19:30 - 00074896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-06-17 08:48 - 2015-05-25 19:30 - 00062792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-06-14 10:56 - 2014-04-27 12:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2015-06-14 10:54 - 2014-06-19 12:33 - 00000000 ____D C:\Users\Steven\AppData\Local\Adobe
2015-06-12 16:30 - 2015-06-10 21:42 - 00000000 ____D C:\Users\Steven\.VirtualBox
==================== Files in the root of some directories =======
2014-04-21 23:45 - 2014-04-22 17:37 - 0001403 _____ () C:\Users\Steven\AppData\Roaming\SpeedRunnersLog.txt
2013-12-22 15:10 - 2015-04-29 20:17 - 0000600 _____ () C:\Users\Steven\AppData\Roaming\winscp.rnd
2014-05-09 11:23 - 2015-05-03 19:22 - 0000600 _____ () C:\Users\Steven\AppData\Local\PUTTY.RND
2015-05-14 13:09 - 2015-05-14 13:09 - 0002704 _____ () C:\Users\Steven\AppData\Local\recently-used.xbel
2013-10-01 21:57 - 2013-10-01 21:57 - 0007605 _____ () C:\Users\Steven\AppData\Local\Resmon.ResmonCfg
2014-10-26 18:57 - 2014-10-26 18:57 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-02-08 19:17 - 2015-02-08 19:17 - 0005073 _____ () C:\ProgramData\wmzddnmb.cix
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-12 19:52
==================== End of log ============================
|
Hinweis:
FRST 32-Bit | FRST 64-Bit
AdwCleaner auf deinen Desktop.
