| HorreRide | 07.03.2015 20:46 |
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-03-2015 01
Ran by Hossam (administrator) on EASYMUFFIN on 07-03-2015 20:38:49
Running from X:\Libraries\Downloads
Loaded Profiles: Hossam & (Available profiles: Hossam)
Platform: Windows 8.1 (X64) OS Language: German (Germany)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
() C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\puush\puush.exe
(Valve Corporation) X:\Program Files\Steam\Steam.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Valve Corporation) X:\Program Files\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AppWork GmbH) C:\Program Files\JDownloader v2.0\JDownloader2.exe
(Valve Corporation) X:\Program Files\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7611608 2014-05-27] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-03-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Razer Lachesis Driver] => C:\Program Files (x86)\Razer\Lachesis 5600\LachesisSysTray.exe [838160 2012-12-21] (Razer USA Ltd)
HKLM-x32\...\Run: [EaseUS TB Tray Agent] => C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe [253992 2014-12-15] ()
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [127792 2015-02-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\RunOnce: [EasyTune] => C:\Program Files (x86)\Gigabyte\EasyTune\etro.exe [5632 2014-08-18] (GIGA-BYTE TECHNOLOGY CO., LTD.)
HKU\S-1-5-21-3450479177-531897440-768990038-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-3450479177-531897440-768990038-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-3450479177-531897440-768990038-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-12-07] ()
HKU\S-1-5-21-3450479177-531897440-768990038-1001\...\Run: [Spotify Web Helper] => C:\Users\Hossam\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-14] (Spotify Ltd)
HKU\S-1-5-21-3450479177-531897440-768990038-1001\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3450479177-531897440-768990038-1001\...\Run: [Steam] => X:\Program Files\Steam\steam.exe [2874048 2015-02-19] (Valve Corporation)
HKU\S-1-5-21-3450479177-531897440-768990038-1001\...\Run: [Spotify] => C:\Users\Hossam\AppData\Roaming\Spotify\spotify.exe [6737976 2014-12-14] (Spotify Ltd)
HKU\S-1-5-21-3450479177-531897440-768990038-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-3450479177-531897440-768990038-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-3450479177-531897440-768990038-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-12-07] ()
HKU\S-1-5-21-3450479177-531897440-768990038-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Hossam\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-14] (Spotify Ltd)
HKU\S-1-5-21-3450479177-531897440-768990038-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3450479177-531897440-768990038-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => X:\Program Files\Steam\steam.exe [2874048 2015-02-19] (Valve Corporation)
HKU\S-1-5-21-3450479177-531897440-768990038-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\Hossam\AppData\Roaming\Spotify\spotify.exe [6737976 2014-12-14] (Spotify Ltd)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3450479177-531897440-768990038-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-3450479177-531897440-768990038-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Hossam\AppData\Roaming\Mozilla\Firefox\Profiles\RdWz8WBB.default
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll [2014-11-26] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-05-14] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-05-14] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-12-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-12-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Extension: Avira Browser Safety - C:\Users\Hossam\AppData\Roaming\Mozilla\Firefox\Profiles\RdWz8WBB.default\Extensions\abs@avira.com [2014-12-09]
Chrome:
=======
CHR HomePage: Default -> hxxp://binkiland.com/?f=1&a=bnk_ir_15_08&cd=2XzuyEtN2Y1L1QzuyByE0DyEtAyD0F0B0E0F0BtCtAyE0C0BtN0D0Tzu0StCtCyEyEtN1L2XzutAtFyBtFyBtFtCtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyBtC0EyCzz0D0DyCtGzztB0ByCtGyDyBtDzytG0E0C0FtDtGtB0C0EyEtByCtAyE0B0Bzy0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCtA0DyEyByByBtGzzzz0BzytGyE0EtCzytGzzyCtDzztGtDtA0AzytByEyDyB0AyDzz0C2Q&cr=1867435061&ir=
CHR StartupUrls: Default -> "hxxp://binkiland.com/?f=7&a=bnk_ir_15_08&cd=2XzuyEtN2Y1L1QzuyByE0DyEtAyD0F0B0E0F0BtCtAyE0C0BtN0D0Tzu0StCtCyEyEtN1L2XzutAtFyBtFyBtFtCtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyBtC0EyCzz0D0DyCtGzztB0ByCtGyDyBtDzytG0E0C0FtDtGtB0C0EyEtByCtAyE0B0Bzy0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCtA0DyEyByByBtGzzzz0BzytGyE0EtCzytGzzyCtDzztGtDtA0AzytByEyDyB0AyDzz0C2Q&cr=1867435061&ir="
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-07]
CHR Extension: (BetterTTV) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2014-12-07]
CHR Extension: (Google Docs) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-07]
CHR Extension: (Google Drive) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-15]
CHR Extension: (YouTube) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-07]
CHR Extension: (Adblock Plus) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-12-07]
CHR Extension: (Google Search) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-07]
CHR Extension: (Woodark) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\daiallmdmonifegjibcalpdgnjaomkme [2015-02-19]
CHR Extension: (Google Sheets) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-07]
CHR Extension: (Avira Browser Safety) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-12-10]
CHR Extension: (Hola Better Internet) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-01-09]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-12-07]
CHR Extension: (FVD Downloader) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2015-02-14]
CHR Extension: (Google Wallet) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-07]
CHR Extension: (Gmail) - C:\Users\Hossam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-07]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-04] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [184056 2015-02-12] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-12-07] ()
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [37416 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [182304 2014-12-07] (EasyAntiCheat Ltd)
R2 gadjservice; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [16384 2014-04-16] () [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [62784 2014-11-06] (GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-05-14] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S3 KAUpdateService; F:\Programme\The Book of Unwritten Tales 2\service\KAUpdateService.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-03-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [468240 2013-08-29] (Intel Corporation)
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-15] ()
R3 lachesis35g; C:\Windows\System32\drivers\lachesis35g.sys [11776 2012-12-10] (Razer USA Ltd)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-07] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [125952 2014-05-14] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39056 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [910992 2015-02-13] (TENCENT)
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-07 20:38 - 2015-03-07 20:38 - 00000000 ____D () C:\FRST
2015-03-07 20:21 - 2015-03-07 20:31 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-07 20:21 - 2015-03-07 20:21 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-07 20:21 - 2015-03-07 20:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-07 20:21 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-07 20:21 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-07 20:21 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-06 11:54 - 2015-03-06 11:54 - 00000000 ____D () C:\Program Files\GIGABYTE
2015-03-06 11:54 - 2013-10-28 10:02 - 00022240 _____ () C:\Windows\system32\Drivers\AppleCharger.sys
2015-03-06 11:54 - 2013-10-24 17:29 - 00022240 _____ () C:\Windows\system32\Drivers\UsbCharger.sys
2015-03-06 11:54 - 2010-04-06 16:30 - 00031272 _____ () C:\Windows\system32\AppleChargerSrv.exe
2015-03-05 15:43 - 2015-03-05 15:43 - 00000000 ____D () C:\Users\Hossam\AppData\Local\Keysticks.net
2015-03-05 15:42 - 2015-03-05 15:42 - 00002657 _____ () C:\Users\Public\Desktop\Keysticks.lnk
2015-03-05 15:42 - 2015-03-05 15:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Keysticks
2015-03-05 15:42 - 2015-03-05 15:42 - 00000000 ____D () C:\ProgramData\Keysticks.net
2015-03-05 15:42 - 2015-03-05 15:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA
2015-03-05 15:42 - 2015-03-05 15:42 - 00000000 ____D () C:\Program Files (x86)\Keysticks.net
2015-03-02 21:10 - 2015-03-02 21:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-28 16:05 - 2015-02-28 16:11 - 00001024 ____H () C:\AMTAG.BIN
2015-02-28 15:35 - 2015-02-28 15:35 - 00004096 ___SH () C:\{E997FCA9-2A36-4989-9162-FD05FC2C0A1A}.CBM
2015-02-28 15:26 - 2015-02-28 15:35 - 00492032 ___SH () C:\{1944EB38-0039-4E61-937A-C26C31DF3E8B}.CBM
2015-02-28 15:23 - 2015-02-28 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2015-02-28 15:23 - 2015-02-28 15:23 - 00000000 ____D () C:\Program Files (x86)\CrystalDiskInfo
2015-02-28 15:18 - 2015-02-28 15:26 - 00488448 ___SH () C:\EUMONBMP.SYS
2015-02-28 14:31 - 2015-02-28 14:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup Free 8.0
2015-02-28 14:29 - 2014-12-15 01:03 - 00024104 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\fbnative.exe
2015-02-28 13:39 - 2015-02-28 13:40 - 00001546 _____ () C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad.lnk
2015-02-28 13:39 - 2015-02-28 13:39 - 00000000 _____ () C:\Users\Hossam\-multi.txt
2015-02-27 19:49 - 2015-02-27 19:49 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-02-25 17:47 - 2015-02-25 17:47 - 00000000 ____D () C:\Users\Hossam\My Games
2015-02-25 17:38 - 2015-02-25 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\There Came an Echo
2015-02-25 17:38 - 2015-02-25 17:38 - 00000000 ____D () C:\Program Files (x86)\Combined Community Codec Pack
2015-02-24 21:06 - 2015-02-24 21:06 - 00001321 _____ () C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenHardwareMonitor.lnk
2015-02-24 10:20 - 2015-02-24 10:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-24 10:20 - 2015-02-24 10:20 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-24 10:20 - 2015-02-24 10:20 - 00000000 ____D () C:\Program Files\iTunes
2015-02-24 10:20 - 2015-02-24 10:20 - 00000000 ____D () C:\Program Files\iPod
2015-02-24 10:20 - 2015-02-24 10:20 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-23 15:50 - 2015-02-23 15:50 - 00000000 ____D () C:\Meine Backups
2015-02-23 15:50 - 2014-12-15 00:59 - 00192040 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\EuFdDisk.sys
2015-02-23 15:50 - 2014-12-15 00:59 - 00060968 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\eubakup.sys
2015-02-23 15:50 - 2014-12-15 00:59 - 00048168 _____ () C:\Windows\system32\Drivers\EUBKMON.sys
2015-02-23 15:50 - 2014-12-15 00:59 - 00018472 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\eudskacs.sys
2015-02-23 15:48 - 2015-02-28 14:30 - 00000000 ____D () C:\Program Files (x86)\EaseUS
2015-02-21 22:11 - 2015-02-25 12:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Book of Unwritten Tales 2
2015-02-21 00:15 - 2015-02-21 00:15 - 00000000 ____D () C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-21 00:15 - 2015-02-21 00:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-19 11:14 - 2015-02-19 11:14 - 00000000 ____D () C:\Users\Hossam\AppData\Local\Steam
2015-02-18 22:24 - 2015-02-18 22:24 - 00000000 ____D () C:\Users\Hossam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2015-02-18 22:22 - 2015-03-07 19:31 - 00000000 ____D () C:\Program Files\JDownloader v2.0
2015-02-18 14:30 - 2015-02-18 14:30 - 00000000 ____D () C:\Users\Hossam\AppData\Local\Focus Home Interactive
2015-02-13 00:26 - 2015-02-13 00:26 - 00000000 ____D () C:\Users\Hossam\AppData\Local\AAA_Internet_Publishing,_
2015-02-13 00:26 - 2015-02-13 00:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WTFast
2015-02-13 00:26 - 2014-10-15 14:18 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SPORDER.DLL
2015-02-12 11:32 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 11:32 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 12:23 - 2015-01-15 23:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 12:23 - 2015-01-15 23:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 12:23 - 2015-01-14 05:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-02-11 12:23 - 2015-01-14 04:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-02-11 12:23 - 2015-01-13 23:11 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 12:23 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 12:23 - 2015-01-10 10:10 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 12:23 - 2015-01-10 10:10 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-02-11 12:23 - 2015-01-10 09:28 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-02-11 12:23 - 2015-01-10 08:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 12:23 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 12:23 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 12:23 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 12:23 - 2014-10-29 03:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 12:23 - 2014-10-29 03:50 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 12:23 - 2014-10-29 03:06 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 12:23 - 2014-10-29 03:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 12:23 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-02-11 12:23 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-02-11 12:23 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-02-11 12:23 - 2014-10-29 02:31 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 12:23 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-02-11 12:23 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-02-11 12:23 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-02-11 12:23 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-02-11 12:23 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-02-11 12:22 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 12:22 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 12:22 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 12:22 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 12:22 - 2015-01-12 03:34 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-11 12:22 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 12:22 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 12:22 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 12:22 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 12:22 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 12:22 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 12:22 - 2015-01-12 02:58 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-02-11 12:22 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-02-11 12:22 - 2015-01-12 02:51 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-02-11 12:22 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 12:22 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 12:22 - 2015-01-12 02:48 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 12:22 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 12:22 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 12:22 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 12:22 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-02-11 12:22 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-02-11 12:22 - 2015-01-12 02:27 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-02-11 12:22 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 12:22 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-02-11 12:22 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 12:22 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 12:22 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 12:22 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 12:22 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 12:22 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 12:22 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 12:22 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 12:22 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 12:22 - 2015-01-10 09:22 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-07 20:42 - 2015-02-07 20:42 - 00000000 ____D () C:\Download
2015-02-07 20:42 - 2015-02-07 20:42 - 00000000 ____D () C:\AllShare
2015-02-07 20:41 - 2015-03-06 11:54 - 00000000 ____D () C:\Users\Hossam\AppData\Local\Downloaded Installations
2015-02-07 20:41 - 2015-02-09 10:39 - 00000000 ____D () C:\Program Files (x86)\Samsung
2015-02-07 20:17 - 2015-02-09 10:39 - 00000000 ____D () C:\Users\Hossam\AppData\Roaming\SAMSUNG
2015-02-07 20:17 - 2015-02-07 20:17 - 00000000 ____D () C:\Upload
2015-02-07 20:17 - 2015-02-07 20:17 - 00000000 ____D () C:\ProgramData\SAMSUNG
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-07 20:35 - 2014-12-07 00:54 - 01323332 _____ () C:\Windows\WindowsUpdate.log
2015-03-07 20:34 - 2014-12-18 21:56 - 00045301 _____ () C:\Windows\SysWOW64\Gms.log
2015-03-07 20:32 - 2014-12-07 07:36 - 00000000 ____D () C:\Users\Hossam\AppData\Roaming\Skype
2015-03-07 20:12 - 2014-12-07 06:57 - 00001140 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-07 20:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-07 16:37 - 2014-03-18 11:03 - 01780340 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-07 16:37 - 2014-03-18 10:25 - 00765378 _____ () C:\Windows\system32\perfh007.dat
2015-03-07 16:37 - 2014-03-18 10:25 - 00159696 _____ () C:\Windows\system32\perfc007.dat
2015-03-07 16:31 - 2014-12-26 13:36 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\etdrv.sys
2015-03-07 16:31 - 2014-12-26 13:36 - 00000014 _____ () C:\Windows\OCStatus.ini
2015-03-07 16:31 - 2014-12-26 01:11 - 00026192 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2015-03-07 16:31 - 2014-12-07 06:57 - 00001136 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-07 16:31 - 2014-12-07 06:49 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-07 16:31 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-06 14:52 - 2014-12-07 01:14 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3450479177-531897440-768990038-1001
2015-03-06 12:15 - 2014-12-26 01:15 - 00170303 _____ () C:\Windows\SysWOW64\bios.ini
2015-03-06 11:54 - 2014-12-26 01:10 - 00000000 ____D () C:\Program Files (x86)\Gigabyte
2015-03-06 11:54 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-03-05 11:59 - 2014-12-09 11:36 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-05 11:59 - 2014-12-07 07:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-03-05 11:59 - 2014-12-07 07:11 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-03-04 13:33 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\MediaViewer
2015-03-04 12:52 - 2014-12-09 11:36 - 00043576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-03-04 12:52 - 2014-12-07 07:11 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-03-04 12:52 - 2014-12-07 07:11 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-03-03 14:06 - 2014-12-17 22:48 - 00000000 ____D () C:\Users\Hossam\AppData\Roaming\OBS
2015-02-28 16:29 - 2014-12-07 00:54 - 00000000 ____D () C:\Users\Hossam
2015-02-25 17:38 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-24 21:06 - 2010-01-31 23:00 - 00000000 ____D () C:\Program Files\OpenHardwareMonitor
2015-02-24 20:05 - 2015-01-06 20:07 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.4
2015-02-24 19:51 - 2013-08-22 15:44 - 00362816 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-24 10:20 - 2014-12-07 06:59 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-23 22:45 - 2014-12-17 22:48 - 00000000 ____D () C:\Program Files\OBS
2015-02-23 16:45 - 2014-12-07 07:10 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-21 13:28 - 2014-12-07 11:46 - 00000000 ____D () C:\Users\Hossam\AppData\Local\Spotify
2015-02-21 13:28 - 2014-12-07 06:58 - 00000000 ____D () C:\Users\Hossam\AppData\Roaming\Spotify
2015-02-21 00:15 - 2014-12-07 06:58 - 00000000 ____D () C:\Program Files\WinRAR
2015-02-20 13:54 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-02-19 11:42 - 2014-12-07 07:36 - 00000000 ____D () C:\ProgramData\Skype
2015-02-19 11:41 - 2014-12-07 07:36 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-18 22:32 - 2014-12-27 18:13 - 00000000 ____D () C:\Users\Hossam\.weblaf
2015-02-18 22:08 - 2014-12-07 13:02 - 00000000 ____D () C:\Program Files (x86)\puush
2015-02-17 13:25 - 2015-01-30 13:45 - 00000000 ____D () C:\Users\Hossam\AppData\Roaming\Tunngle
2015-02-16 13:03 - 2014-12-11 13:24 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-16 13:01 - 2014-12-11 13:24 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-13 22:55 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2015-02-13 01:48 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-13 01:34 - 2014-12-25 01:16 - 00910992 _____ (TENCENT) C:\Windows\system32\TesSafe.sys
2015-02-09 10:39 - 2014-12-07 07:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
==================== Files in the root of some directories =======
2014-12-15 00:14 - 2014-12-15 00:14 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-12-07 07:00 - 2014-12-07 07:00 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some content of TEMP:
====================
C:\Users\Hossam\AppData\Local\Temp\avgnt.exe
C:\Users\Hossam\AppData\Local\Temp\proxy_vole4827868200911130535.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-27 11:52
==================== End Of Log ============================
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-03-2015 01
Ran by Hossam at 2015-03-07 20:39:06
Running from X:\Libraries\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
@BIOS B14.1003.1 (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.00.0000 - GIGABYTE)
@BIOS B14.1003.1 (x32 Version: 3.00.0000 - GIGABYTE) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.)
APP Center (HKLM-x32\...\InstallShield_{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.14.1205 - Gigabyte)
APP Center (x32 Version: 1.14.1205 - Gigabyte) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM-x32\...\{d9ed6dcf-6bfc-4fbb-802e-81dd5b767d6e}) (Version: 1.1.32.25147 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.32.25147 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 15.0.8.650 - Avira)
BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version: - The Behemoth)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BUSB (HKLM-x32\...\{0AADC50C-C4F8-49A7-8699-AFE46875CA67}) (Version: 1.13.0911.1 - GIGABYTE)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
Combined Community Codec Pack 2014-07-13 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2014.07.13.0 - CCCP Project)
CrystalDiskInfo 6.3.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.0 - Crystal Dew World)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Dynasty Warriors 8 Xtreme Legends version 1.02 (HKLM-x32\...\{F2CA1EE3-A492-4220-AE30-69F963100DE2}_is1) (Version: 1.02 - Koei Tecmo)
EaseUS Todo Backup Free 8.0 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 8.0 - CHENGDU YIWO Tech Development Co., Ltd)
EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.00.0002 - GIGABYTE)
EasyTune (x32 Version: 1.00.0002 - GIGABYTE) Hidden
F1 2012 (HKLM-x32\...\Steam App 208500) (Version: - Codemasters Birmingham)
Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version: - Ubisoft)
Fragen-Lern-CD 4.6 (x32 Version: 4.6.5 - Wendel-Verlag GmbH) Hidden
Google Chrome (HKLM-x32\...\{DDCA236C-A28B-3979-8855-B7475BCAD806}) (Version: 66.30.49223 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Homeworld Remastered Collection MULTi2 1.0 (HKLM-x32\...\Homeworld Remastered Collection MULTi2 1.0) (Version: - )
HP Photosmart 5510 series - Grundlegende Software für das Gerät (HKLM\...\{8133D9DE-F412-4CFB-A359-5E3EE38A9A19}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Intel(R) Chipset Device Software (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.25.1006 - Intel Corporation)
Intel(R) Network Connections 18.8.136.0 (HKLM\...\PROSetDX) (Version: 18.8.136.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Keysticks (HKLM-x32\...\{017E32B0-23A9-40F0-952B-6B12F0702A15}) (Version: 1.8.1 - Keysticks.net)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (de-DE) (HKLM-x32\...\{955F43D9-38C4-4C22-BEE3-1A6C63F968FA}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-AU) (HKLM-x32\...\{FA19A2B8-9A24-49B0-A51C-CF4A6B4B2B62}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-CA) (HKLM-x32\...\{0C96ED3F-83E2-4917-89DC-7837DC775FEC}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-GB) (HKLM-x32\...\{E0D13850-F97C-4B30-9F05-862299CE8DA5}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-US) (HKLM-x32\...\{66D57636-BD4B-402F-9E7D-5E89C28C8136}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (es-ES) (HKLM-x32\...\{5D4A25B6-3A4E-409B-90FA-EDE99E2006B4}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (es-MX) (HKLM-x32\...\{BE94188A-CA4F-4AC7-A1B3-52D37882C30D}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (fr-CA) (HKLM-x32\...\{58DE670F-4977-4A23-9D2E-8C82A2072920}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (fr-FR) (HKLM-x32\...\{4D2DDB98-1FE6-4CFE-BCFD-EFE27FF24FAE}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (it-IT) (HKLM-x32\...\{9267D7E7-5872-4CB1-B4E3-377F4CA272D0}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (ja-JP) (HKLM-x32\...\{A06F3EA5-7C55-4505-8982-534BA05F49BE}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (ko-KR) (HKLM-x32\...\{1D8F6891-9B7F-4F08-A54E-C568D8C33276}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (pt-BR) (HKLM-x32\...\{F6B5EB21-0ABF-487C-B9A9-D9DB259C4403}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (pt-PT) (HKLM-x32\...\{DAFE30C6-C638-4505-9372-2ECD1A1B317C}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (ru-RU) (HKLM-x32\...\{9419B7EA-6A4B-4A57-8E2A-3BDD4676118F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (zh-CN) (HKLM-x32\...\{BAD2A75A-1708-47BA-A498-20890D2C78A7}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (zh-HK) (HKLM-x32\...\{6BAA03F9-B2E5-40EB-8871-703FF0046E9D}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (zh-TW) (HKLM-x32\...\{28292B72-CF8A-4915-A5F5-07FF1E44C6F5}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Middle Earth Shadow of Mordor version 1.2 (HKLM-x32\...\{CBC0D3A9-406A-43DD-8CC1-A268F9E8D6BC}_is1) (Version: 1.2 - RFT)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 347.09 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
ON_OFF Charge 2 B14.0217.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
ON_OFF Charge 2 B14.0217.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Razer Lachesis (HKLM-x32\...\{CB4532F7-A1BD-46D2-9938-3E7D4656FB18}) (Version: 1.00.0000 - Razer USA Ltd.)
Razer Lachesis 5600 (HKLM-x32\...\{B86EE1B4-85B7-4731-AA28-7262A722B3FE}) (Version: 3.03.00 - Razer USA Ltd.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7256 - Realtek Semiconductor Corp.)
Shadow Warrior (HKLM-x32\...\Steam App 233130) (Version: - Flying Wild Hog)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.00.0000 - GIGABYTE)
SIV (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
SPEEDLINK STRIKE Gamepad (HKLM-x32\...\{DFF7CD2E-2BB5-40C3-9592-078F64677EFF}) (Version: 1.00.0000 - )
Spotify (HKU\S-1-5-21-3450479177-531897440-768990038-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Spotify (HKU\S-1-5-21-3450479177-531897440-768990038-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version: - Galactic Cafe)
There Came an Echo (HKLM-x32\...\There Came an Echo_is1) (Version: - )
Update for CHS Microsoft IME HAP Dictionary (Version: 16.0.1305.1 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 5.0 - Ubisoft)
Viscera Cleanup Detail: Shadow Warrior (HKLM-x32\...\Steam App 255520) (Version: - RuneStorm)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
24-02-2015 20:05:57 Installed SPEEDLINK STRIKE Gamepad
04-03-2015 15:09:04 Geplanter Prüfpunkt
05-03-2015 15:42:01 DirectX wurde installiert
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {17A94334-B319-4C45-9038-A6324028D670} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-07] (Google Inc.)
Task: {80FF52AB-C731-406D-87E0-350C9C5B39C7} - System32\Tasks\Cleanup by CCleaner => C:\Program Files\CCleaner\CCleaner64.exe [2015-01-20] (Piriform Ltd)
Task: {92E43638-4A53-4608-A5CC-CA2A9A481AE2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-07] (Google Inc.)
Task: {AA0C94F6-330F-4B39-A162-BB13E3922B97} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B4AAC837-C887-480E-B14A-B877A127306C} - System32\Tasks\Driver Booster SkipUAC (Hossam) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {C7212003-8111-4EF3-AFAC-FB62F53E091A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-16] (Microsoft Corporation)
Task: {F25C9B10-A7CB-4388-B60C-65F7C0A01A1D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2014-12-07 06:49 - 2014-12-13 09:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-16 16:09 - 2014-04-16 16:09 - 00016384 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
2015-02-28 14:29 - 2014-12-15 01:03 - 00241704 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
2014-12-07 13:02 - 2014-12-07 13:02 - 00567880 _____ () C:\Program Files (x86)\puush\puush.exe
2015-02-28 14:30 - 2014-12-15 01:04 - 00253992 _____ () C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe
2015-03-07 17:11 - 2015-03-07 17:11 - 00040448 ____N () C:\Users\Hossam\AppData\Local\Temp\proxy_vole4827868200911130535.dll
2015-03-07 17:11 - 2015-03-07 17:11 - 00566439 _____ () C:\Program Files\JDownloader v2.0\tmp\7zip\SevenZipJBinding-FKPz9\libgcc_s_sjlj-1.dll
2015-03-07 17:11 - 2015-03-07 17:11 - 04078962 _____ () C:\Program Files\JDownloader v2.0\tmp\7zip\SevenZipJBinding-FKPz9\lib7-Zip-JBinding.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00098856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00031272 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckTool.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00017448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00088616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 01296424 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00060968 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00107560 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00030248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00068136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00158248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00280104 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00072232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00139816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00037416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00754728 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00193064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00407080 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00148008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00076840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00207912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00024616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00020520 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00032296 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00034856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00064040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00022568 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00115752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00194088 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00037928 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00135720 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00020008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00043048 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00096808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBFireWall.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00353832 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceManager.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00027176 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceAdapter.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00137256 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Device.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00146984 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Partition.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00050216 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileSystemAnalyser.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00061992 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FATFileSystemAnalyser.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00089640 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Common.dll
2015-02-28 14:29 - 2014-12-15 00:53 - 00056360 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSFileSystemAnalyser.dll
2012-11-27 08:03 - 2012-11-27 08:03 - 00102400 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\ycc.DLL
2015-02-28 14:29 - 2014-12-15 00:53 - 00223784 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll
2015-02-24 21:12 - 2014-11-11 19:47 - 00774656 _____ () X:\Program Files\Steam\SDL2.dll
2015-02-24 21:12 - 2014-12-02 01:29 - 05002752 _____ () X:\Program Files\Steam\v8.dll
2015-02-24 21:12 - 2015-02-19 00:51 - 02360000 _____ () X:\Program Files\Steam\video.dll
2015-02-24 21:12 - 2014-12-02 01:29 - 01612800 _____ () X:\Program Files\Steam\icui18n.dll
2015-02-24 21:12 - 2014-12-02 01:29 - 01210368 _____ () X:\Program Files\Steam\icuuc.dll
2015-02-24 21:12 - 2014-12-01 22:31 - 02396672 _____ () X:\Program Files\Steam\libavcodec-56.dll
2015-02-24 21:12 - 2014-12-01 22:31 - 00479744 _____ () X:\Program Files\Steam\libavformat-56.dll
2015-02-24 21:12 - 2014-12-01 22:31 - 00332800 _____ () X:\Program Files\Steam\libavresample-2.dll
2015-02-24 21:12 - 2014-12-01 22:31 - 00442880 _____ () X:\Program Files\Steam\libavutil-54.dll
2015-02-24 21:12 - 2014-12-01 22:31 - 00485888 _____ () X:\Program Files\Steam\libswscale-3.dll
2015-02-24 21:12 - 2015-02-19 00:51 - 00702656 _____ () X:\Program Files\Steam\bin\chromehtml.DLL
2015-02-28 14:30 - 2014-12-15 01:04 - 00223272 _____ () C:\Program Files (x86)\EaseUS\TrayPopup\traynet.dll
2015-02-28 14:30 - 2014-12-15 01:04 - 00275496 _____ () C:\Program Files (x86)\EaseUS\TrayPopup\libcurl.dll
2015-02-28 14:30 - 2014-12-15 01:04 - 00118328 _____ () C:\Program Files (x86)\EaseUS\TrayPopup\zlib1.dll
2015-02-28 14:30 - 2014-12-15 01:04 - 00249896 _____ () C:\Program Files (x86)\EaseUS\TrayPopup\uexper.dll
2015-02-24 21:12 - 2015-01-28 02:30 - 34641288 _____ () X:\Program Files\Steam\bin\libcef.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-14 15:08 - 2014-05-14 15:08 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-02-24 21:12 - 2015-01-28 02:30 - 01709960 _____ () X:\Program Files\Steam\bin\ffmpegsumo.dll
2015-02-20 16:12 - 2015-02-17 23:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-20 16:12 - 2015-02-17 23:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-20 16:12 - 2015-02-17 23:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
2015-02-20 16:12 - 2015-02-17 23:44 - 14965064 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3450479177-531897440-768990038-1001\Control Panel\Desktop\\Wallpaper -> F:\Inhalte\Desktop\3840x2400 (4).jpg
HKU\S-1-5-21-3450479177-531897440-768990038-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> F:\Inhalte\Desktop\3840x2400 (4).jpg
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Razer Lachesis Driver"
HKLM\...\StartupApproved\Run32: => "Lachesis"
HKLM\...\StartupApproved\Run32: => "AllShareAgent"
HKU\S-1-5-21-3450479177-531897440-768990038-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3450479177-531897440-768990038-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3450479177-531897440-768990038-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3450479177-531897440-768990038-1001\...\StartupApproved\Run: => "HP Photosmart 5510 series (NET)"
HKU\S-1-5-21-3450479177-531897440-768990038-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3450479177-531897440-768990038-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3450479177-531897440-768990038-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3450479177-531897440-768990038-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "HP Photosmart 5510 series (NET)"
==================== Accounts: =============================
Administrator (S-1-5-21-3450479177-531897440-768990038-500 - Administrator - Disabled)
Gast (S-1-5-21-3450479177-531897440-768990038-501 - Limited - Disabled)
Hossam (S-1-5-21-3450479177-531897440-768990038-1001 - Administrator - Enabled) => C:\Users\Hossam
==================== Faulty Device Manager Devices =============
Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR
Problem: : Windows is removing this device. (Code 21)
Resolution: Wait several seconds, and then press the F5 key to update the Device Manager view.
If that does not resolve the problem, restart your computer.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/06/2015 00:16:33 PM) (Source: ThermalConsole) (EventID: 0) (User: )
Description: System.NotSupportedException: Specified method is not supported.
at Gigabyte.EnvironemntControl.CoolingDevice.Fan.FanRegulatorEx2.InitFanObjects(MotherboardHealthIdentification healthNumber)
at Gigabyte.EnvironemntControl.CoolingDevice.Fan.FanRegulatorEx2.InitObjectsInternal(MotherboardHealthIdentification healthNumber)
at Gigabyte.EnvironemntControl.CoolingDevice.Fan.FanControl.InitIntelObjects()
at Gigabyte.EnvironemntControl.CoolingDevice.Fan.FanControl.InitObjects(String productName)
at Gigabyte.EnvironemntControl.CoolingDevice.Fan.FanControl..ctor()
at ThermalConsole.MainWindow.InitObjects()
Error: (03/06/2015 00:16:33 PM) (Source: thermald) (EventID: 0) (User: )
Description: System.NotSupportedException: Specified method is not supported.
at Gigabyte.EnvironemntControl.CoolingDevice.Fan.FanRegulatorEx2.InitFanObjects(MotherboardHealthIdentification healthNumber)
at Gigabyte.EnvironemntControl.CoolingDevice.Fan.FanRegulatorEx2.InitObjectsInternal(MotherboardHealthIdentification healthNumber)
at Gigabyte.EnvironemntControl.CoolingDevice.Fan.FanControl.InitIntelObjects()
at Gigabyte.EnvironemntControl.CoolingDevice.Fan.FanControl.InitObjects(String productName)
at Gigabyte.EnvironemntControl.CoolingDevice.Fan.FanControl..ctor()
at thermald.MainWindow.InitHardwareMonitorObjects()
Error: (03/03/2015 08:52:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: League of Legends.exe, version: 5.4.0.241, time stamp: 0x54e6b86b
Faulting module name: League of Legends.exe, version: 5.4.0.241, time stamp: 0x54e6b86b
Exception code: 0xc0000409
Fault offset: 0x00b45f15
Faulting process id: 0x2244
Faulting application start time: 0xLeague of Legends.exe0
Faulting application path: League of Legends.exe1
Faulting module path: League of Legends.exe2
Report Id: League of Legends.exe3
Faulting package full name: League of Legends.exe4
Faulting package-relative application ID: League of Legends.exe5
Error: (03/03/2015 04:12:51 PM) (Source: BugSplat) (EventID: 1) (User: )
Description: This event has been logged by the BugSplat crash reporting library (hxxp://www.bugsplatsoftware.com)
in partnership with your vendor lol_beta_riotgames_com.
A crash report from the application 'LOL_Public' has been successfully logged into the BugSplat database with id=-1.
Please contact your vendor for more information.
Error: (03/02/2015 09:12:41 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.
Details:
Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06)
Error: (03/02/2015 09:12:41 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.
Kontext: Windows Anwendung
Details:
Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06)
Error: (03/02/2015 09:12:41 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06)
Error: (03/02/2015 09:12:41 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06)
Error: (03/02/2015 09:12:41 PM) (Source: Windows Search Service) (EventID: 3057) (User: )
Description: The plug-in manager <Search.TripoliIndexer> cannot be initialized.
Kontext: Windows Anwendung
Details:
(HRESULT : 0x8e5e0210) (0x8e5e0210)
Error: (03/02/2015 09:12:41 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. 0xc0041801 (0xc0041801)
System errors:
=============
Error: (03/07/2015 04:31:27 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 00:20:49 on 07.03.2015 was unexpected.
Error: (03/07/2015 04:31:21 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212256844719550584112040
Error: (03/06/2015 11:54:41 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/06/2015 00:12:59 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/05/2015 01:00:53 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/04/2015 01:33:17 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/03/2015 00:02:58 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/03/2015 00:53:11 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/02/2015 09:12:50 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/02/2015 09:12:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Neustart des Diensts.
Microsoft Office Sessions:
=========================
Error: (03/06/2015 00:16:33 PM) (Source: ThermalConsole) (EventID: 0) (User: )
Description: System.NotSupportedException: Specified method is not supported.
at Gigabyte.EnvironemntControl.CoolingDevice.Fan.FanRegulatorEx2.InitFanObjects(MotherboardHealthIdentification healthNumber)
at Gigabyte.EnvironemntControl.CoolingDevice.Fan.FanRegulatorEx2.InitObjectsInternal(MotherboardHealthIdentification healthNumber)
at Gigabyte.EnvironemntControl.CoolingDevice.Fan.FanControl.InitIntelObjects()
at Gigabyte.EnvironemntControl.CoolingDevice.Fan.FanControl.InitObjects(String productName)
at Gigabyte.EnvironemntControl.CoolingDevice.Fan.FanControl..ctor()
at ThermalConsole.MainWindow.InitObjects()
Error: (03/06/2015 00:16:33 PM) (Source: thermald) (EventID: 0) (User: )
Description: System.NotSupportedException: Specified method is not supported.
at Gigabyte.EnvironemntControl.CoolingDevice.Fan.FanRegulatorEx2.InitFanObjects(MotherboardHealthIdentification healthNumber)
at Gigabyte.EnvironemntControl.CoolingDevice.Fan.FanRegulatorEx2.InitObjectsInternal(MotherboardHealthIdentification healthNumber)
at Gigabyte.EnvironemntControl.CoolingDevice.Fan.FanControl.InitIntelObjects()
at Gigabyte.EnvironemntControl.CoolingDevice.Fan.FanControl.InitObjects(String productName)
at Gigabyte.EnvironemntControl.CoolingDevice.Fan.FanControl..ctor()
at thermald.MainWindow.InitHardwareMonitorObjects()
Error: (03/03/2015 08:52:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: League of Legends.exe5.4.0.24154e6b86bLeague of Legends.exe5.4.0.24154e6b86bc000040900b45f15224401d055e2dd38ece7C:\Program Files (x86)\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.79\deploy\League of Legends.exeC:\Program Files (x86)\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.79\deploy\League of Legends.exeda172883-c1de-11e4-82b6-74d435fbefb1
Error: (03/03/2015 04:12:51 PM) (Source: BugSplat) (EventID: 1) (User: )
Description: lol_beta_riotgames_comLOL_Public-1
Error: (03/02/2015 09:12:41 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06)
Error: (03/02/2015 09:12:41 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung
Details:
Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06)
Error: (03/02/2015 09:12:41 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06)
Error: (03/02/2015 09:12:41 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06)
Search.TripoliIndexer
Error: (03/02/2015 09:12:41 PM) (Source: Windows Search Service) (EventID: 3057) (User: )
Description: Kontext: Windows Anwendung
Details:
(HRESULT : 0x8e5e0210) (0x8e5e0210)
Search.TripoliIndexer
Error: (03/02/2015 09:12:41 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description:
Details:
Der Inhaltsindexkatalog ist fehlerhaft. 0xc0041801 (0xc0041801)
The catalog is corrupt
==================== Memory info ===========================
Processor: Intel(R) Xeon(R) CPU E3-1231 v3 @ 3.40GHz
Percentage of memory in use: 31%
Total physical RAM: 16304.85 MB
Available physical RAM: 11241.11 MB
Total Pagefile: 17328.85 MB
Available Pagefile: 11327.9 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:238.13 GB) (Free:159.31 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive x: (Storage) (Fixed) (Total:831.39 GB) (Free:697.91 GB) NTFS
Drive z: (Metopus) (Fixed) (Total:453.76 GB) (Free:269.62 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: CBA5BC7A)
Partition 1: (Active) - (Size=238.1 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 3B902D93)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Not Active) - (Size=12 GB) - (Type=27)
Partition 3: (Not Active) - (Size=453.8 GB) - (Type=42)
==================== End Of Log ============================
Ist das so richtig ? |
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
