Oh tut mir leid
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by obermair (administrator) on BASTIAN on 24-03-2015 19:28:20
Running from C:\Users\obermair\Downloads
Loaded Profiles: obermair & (Available profiles: obermair)
Platform: Windows 7 Ultimate (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.10.106\SSScheduler.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
() C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Hewlett-Packard\HP My Display\dthtml.exe
(Portrait Displays Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Users\obermair\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\obermair\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\obermair\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\obermair\AppData\Local\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Users\obermair\Downloads\Desktop\Steam\Steam.exe
(Valve Corporation) C:\Users\obermair\Downloads\Desktop\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Users\obermair\Downloads\Desktop\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Users\obermair\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\obermair\AppData\Local\Google\Chrome\Application\chrome.exe
(Ubisoft) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Google Inc.) C:\Users\obermair\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\obermair\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\obermair\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\obermair\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\obermair\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13219984 2012-11-07] (Realtek Semiconductor)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-19] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [492248 2012-12-26] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-11] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PivotSoftware] => C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe [694824 2009-03-03] ()
HKLM-x32\...\Run: [DT HPC] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [123688 2013-01-10] (Portrait Displays, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [127792 2015-02-12] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-2675372484-2889525269-420943070-1001\...\Run: [AppLauncher] => C:\Program Files (x86)\Ashampoo\Ashampoo AppLauncher\AppLauncher.exe [969632 2012-08-10] (Ashampoo)
HKU\S-1-5-21-2675372484-2889525269-420943070-1001\...\Run: [Google Update] => C:\Users\obermair\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-03] (Google Inc.)
HKU\S-1-5-21-2675372484-2889525269-420943070-1001\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\ManyCam.exe [8473064 2014-03-26] (Visicom Media Inc.)
HKU\S-1-5-21-2675372484-2889525269-420943070-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
HKU\S-1-5-21-2675372484-2889525269-420943070-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AppLauncher] => C:\Program Files (x86)\Ashampoo\Ashampoo AppLauncher\AppLauncher.exe [969632 2012-08-10] (Ashampoo)
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => C:\Users\obermair\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-03] (Google Inc.)
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\ManyCam.exe [8473064 2014-03-26] (Visicom Media Inc.)
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [AppLauncher] => C:\Program Files (x86)\Ashampoo\Ashampoo AppLauncher\AppLauncher.exe [969632 2012-08-10] (Ashampoo)
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Google Update] => C:\Users\obermair\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-03] (Google Inc.)
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\ManyCam.exe [8473064 2014-03-26] (Visicom Media Inc.)
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Run: [AppLauncher] => C:\Program Files (x86)\Ashampoo\Ashampoo AppLauncher\AppLauncher.exe [969632 2012-08-10] (Ashampoo)
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Run: [Google Update] => C:\Users\obermair\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-03] (Google Inc.)
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\ManyCam.exe [8473064 2014-03-26] (Visicom Media Inc.)
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.10.106\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA1100 Setup-Assistent.lnk
ShortcutTarget: NETGEAR WNA1100 Setup-Assistent.lnk -> C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2675372484-2889525269-420943070-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.10.106\McAfeeMSS_IE.dll [2014-11-04] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-09] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-09] (Oracle Corporation)
DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.96.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-18] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll [2013-01-24] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-18] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-11-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-11-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-09] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll [2013-01-24] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-2675372484-2889525269-420943070-1001: @tools.google.com/Google Update;version=3 -> C:\Users\obermair\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-2675372484-2889525269-420943070-1001: @tools.google.com/Google Update;version=9 -> C:\Users\obermair\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-2675372484-2889525269-420943070-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\obermair\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-26] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\obermair\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\obermair\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\obermair\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-26] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1: @tools.google.com/Google Update;version=3 -> C:\Users\obermair\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1: @tools.google.com/Google Update;version=9 -> C:\Users\obermair\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\obermair\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-26] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2: @tools.google.com/Google Update;version=3 -> C:\Users\obermair\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2: @tools.google.com/Google Update;version=9 -> C:\Users\obermair\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\obermair\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-26] (Unity Technologies ApS)
Chrome:
=======
CHR HomePage: Default -> https://www.google.at/?gws_rd=ssl
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\obermair\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\obermair\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-03]
CHR Extension: (YouTube) - C:\Users\obermair\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-03]
CHR Extension: (Google Search) - C:\Users\obermair\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-03]
CHR Extension: (Lamborghini Sesto Elemento Theme) - C:\Users\obermair\AppData\Local\Google\Chrome\User Data\Default\Extensions\dappigdjllcnkkoacaoolciaolaaiemb [2014-05-10]
CHR Extension: (Avira Browser Safety) - C:\Users\obermair\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-05-10]
CHR Extension: (AdBlock) - C:\Users\obermair\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-19]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\obermair\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-04]
CHR Extension: (Google Wallet) - C:\Users\obermair\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-03]
CHR Extension: (Gmail) - C:\Users\obermair\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-03]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACT2_Service; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe [1421216 2011-08-22] ()
R2 AHDDC2; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [1518504 2012-07-30] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [992560 2015-03-19] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [184056 2015-02-12] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [814464 2015-02-20] ()
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [74712 2013-03-11] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [316376 2013-03-11] (CyberLink)
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [140072 2013-01-10] (Portrait Displays, Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [164736 2012-11-16] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.10.106\McCHSvc.exe [289256 2014-11-04] (McAfee, Inc.)
S3 Origin Client Service; C:\Users\Public\Desktop\origin\OriginClientService.exe [1910128 2015-02-02] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2015-03-15] ()
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [281688 2015-03-24] ()
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.RTM\RpcAgentSrv.exe [72344 2008-11-25] (SiSoftware) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [266240 2010-08-04] () [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [X]
S3 OverwolfUpdater; "C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe" /RunningFrom SCM" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACT2PM; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2ProcessMonitor64.sys [15160 2011-06-10] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2013-11-29] (LogMeIn Inc.)
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [52128 2013-11-27] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35232 2013-12-06] (Visicom Media Inc.)
U0 quql; C:\Windows\System32\drivers\lnacst.sys [79064 2015-03-20] (Malwarebytes Corporation)
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation )
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.RTM\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-24 19:28 - 2015-03-24 19:30 - 00026418 _____ () C:\Users\obermair\Downloads\FRST.txt
2015-03-24 19:27 - 2015-03-24 19:28 - 00000000 ____D () C:\FRST
2015-03-24 19:26 - 2015-03-24 19:27 - 02095616 _____ (Farbar) C:\Users\obermair\Downloads\FRST64.exe
2015-03-23 22:17 - 2015-03-23 22:43 - 57260276 _____ () C:\Users\obermair\Documents\clip0275.avi
2015-03-21 12:34 - 2015-03-21 12:45 - 19285914 _____ () C:\Users\obermair\Documents\clip0274.avi
2015-03-20 15:01 - 2015-03-20 15:01 - 00079064 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\lnacst.sys
2015-03-18 14:32 - 2015-03-18 14:34 - 51292458 _____ () C:\Users\obermair\Documents\clip0273.avi
2015-03-16 22:53 - 2015-03-24 17:58 - 00281688 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-03-16 19:46 - 2015-03-16 20:04 - 23555450 _____ () C:\Users\obermair\Documents\clip0272.avi
2015-03-12 11:49 - 2015-03-12 11:49 - 00285624 _____ () C:\WINDOWS\Minidump\031215-25156-01.dmp
2015-03-11 13:13 - 2015-02-04 00:58 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-03-11 13:13 - 2015-02-04 00:58 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-03-11 13:13 - 2015-02-04 00:58 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-03-11 13:13 - 2015-02-03 00:53 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-03-11 13:13 - 2015-02-03 00:53 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-03-11 13:13 - 2015-01-27 04:44 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-03-11 13:13 - 2015-01-24 02:51 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-03-11 13:12 - 2015-02-07 00:09 - 00396419 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-03-11 13:12 - 2015-01-23 08:17 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-03-11 13:12 - 2015-01-23 06:02 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-03-11 13:11 - 2015-03-06 03:53 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-03-11 13:11 - 2015-03-06 03:33 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-03-11 13:11 - 2015-02-26 00:26 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-03-11 13:11 - 2015-02-20 04:03 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-03-11 13:11 - 2015-02-20 03:58 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-03-11 13:11 - 2015-02-20 03:20 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-03-11 13:11 - 2015-02-20 03:15 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-03-11 13:11 - 2015-02-06 02:28 - 02257408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-03-11 13:11 - 2015-02-06 02:08 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-03-11 13:11 - 2015-02-05 21:24 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-03-11 13:11 - 2015-02-03 01:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-03-11 13:11 - 2015-02-03 01:02 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-03-11 13:11 - 2015-01-31 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-03-11 13:11 - 2015-01-31 00:29 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-03-11 13:11 - 2015-01-30 04:01 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-03-11 13:11 - 2015-01-30 03:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-03-11 13:11 - 2015-01-30 03:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-03-11 13:11 - 2015-01-30 02:44 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-03-11 13:11 - 2015-01-30 02:42 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-03-11 13:11 - 2015-01-30 02:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-03-11 13:11 - 2015-01-29 02:58 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-03-11 13:11 - 2015-01-29 02:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-03-11 13:11 - 2015-01-29 02:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 13:11 - 2015-01-29 02:04 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-03-11 13:11 - 2015-01-29 02:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-03-11 13:11 - 2015-01-29 02:00 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 13:11 - 2015-01-29 01:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-03-11 13:11 - 2015-01-29 01:50 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-03-11 13:11 - 2014-10-29 03:49 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-03-11 13:11 - 2014-10-29 03:44 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-03-11 13:11 - 2014-10-29 03:44 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-03-11 13:11 - 2014-10-29 03:43 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2015-03-11 13:11 - 2014-10-29 03:34 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-03-11 13:11 - 2014-10-29 03:34 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2015-03-11 13:11 - 2014-10-29 03:34 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2015-03-11 13:11 - 2014-10-29 03:04 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2015-03-11 13:11 - 2014-10-29 02:58 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2015-03-11 13:11 - 2014-10-29 02:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2015-03-11 13:11 - 2014-10-29 02:51 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-03-11 13:11 - 2014-10-29 02:45 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2015-03-11 13:11 - 2014-10-29 02:28 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2015-03-11 13:11 - 2014-10-29 02:28 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2015-03-11 13:11 - 2014-10-29 02:20 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-03-11 13:11 - 2014-10-29 02:15 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2015-03-11 13:11 - 2014-10-29 02:13 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-03-11 13:11 - 2014-10-29 01:55 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2015-03-11 13:11 - 2014-10-29 01:44 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2015-03-11 13:11 - 2014-10-29 01:41 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2015-03-11 13:11 - 2014-10-29 01:35 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2015-03-11 13:10 - 2015-01-31 00:20 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-03-11 13:10 - 2015-01-30 03:02 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-03-11 13:10 - 2015-01-30 02:40 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-03-11 13:10 - 2015-01-30 02:37 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-03-11 13:10 - 2015-01-30 02:24 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-03-11 13:10 - 2015-01-30 02:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-03-11 13:10 - 2015-01-30 02:16 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-03-11 13:10 - 2015-01-30 02:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-03-11 13:10 - 2015-01-30 02:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-03-11 13:10 - 2015-01-29 01:59 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-03-11 13:10 - 2015-01-29 01:49 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-03-11 13:10 - 2015-01-28 16:41 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-03-11 13:10 - 2015-01-28 16:41 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-03-11 13:10 - 2015-01-28 16:41 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-03-11 13:10 - 2015-01-28 03:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-03-11 13:10 - 2015-01-28 02:47 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-03-11 13:10 - 2015-01-27 05:22 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-03-11 13:10 - 2015-01-27 03:11 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-03-11 13:10 - 2014-10-29 04:56 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2015-03-11 13:10 - 2014-10-29 03:37 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2015-03-11 13:10 - 2014-10-29 02:19 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2015-03-11 13:10 - 2014-10-29 01:59 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2015-03-11 13:05 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-03-11 13:05 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-03-11 13:05 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-03-11 13:05 - 2015-02-21 01:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-03-11 13:05 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-03-11 13:05 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-03-11 13:05 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-03-11 13:05 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-03-11 13:05 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-03-11 13:05 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-03-11 13:05 - 2015-02-20 03:35 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-03-11 13:05 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-03-11 13:05 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-03-11 13:05 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-03-11 13:05 - 2015-02-20 03:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-03-11 13:05 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-03-11 13:05 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-03-11 13:05 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-03-11 13:05 - 2015-02-20 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-03-11 13:05 - 2015-02-20 02:56 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-03-11 13:05 - 2015-02-20 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-03-11 13:05 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-03-11 13:05 - 2015-02-20 02:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-03-11 13:05 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-03-11 13:05 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-03-11 13:05 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-03-11 13:05 - 2015-02-20 02:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-03-11 13:05 - 2015-02-20 02:29 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-03-11 13:05 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-03-11 13:05 - 2015-02-20 02:26 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-03-11 13:05 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-03-11 13:05 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-03-11 13:05 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-03-11 13:05 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-03-11 13:05 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-03-11 13:05 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-03-11 13:05 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-03-11 13:04 - 2015-02-12 18:40 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-03-11 13:04 - 2015-02-12 18:34 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-03-11 13:04 - 2015-02-08 00:57 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-03-11 13:04 - 2015-02-08 00:49 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-03-11 13:04 - 2015-01-29 19:45 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-11 13:04 - 2015-01-29 19:34 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-03-11 13:04 - 2014-12-11 06:36 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-03-11 13:03 - 2015-01-28 02:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-03-11 13:03 - 2015-01-28 02:11 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-03-11 13:03 - 2015-01-28 00:47 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-03-11 13:03 - 2015-01-28 00:41 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-03-11 13:03 - 2015-01-21 06:54 - 01384712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-03-11 13:03 - 2015-01-21 06:15 - 01123848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-03-11 12:46 - 2015-03-11 12:46 - 00285624 _____ () C:\WINDOWS\Minidump\031115-33703-01.dmp
2015-03-04 21:07 - 2015-03-04 22:27 - 00000000 ____D () C:\Users\obermair\AppData\Roaming\Audacity
2015-03-04 21:07 - 2015-03-04 21:07 - 00001035 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-03-04 21:07 - 2015-03-04 21:07 - 00001023 _____ () C:\Users\Public\Desktop\Audacity.lnk
2015-03-04 21:06 - 2015-03-04 21:07 - 00000000 ____D () C:\Program Files (x86)\Audacity
2015-02-28 17:43 - 2015-02-28 17:43 - 00166710 _____ () C:\Users\obermair\Downloads\10982685_1404546492925870_371684884_n.mp4
2015-02-26 13:27 - 2015-02-26 13:27 - 02126848 _____ () C:\Users\obermair\Downloads\adwcleaner_4.111.exe
2015-02-26 12:48 - 2015-02-26 12:49 - 00285624 _____ () C:\WINDOWS\Minidump\022615-33625-01.dmp
2015-02-25 16:06 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-02-25 16:06 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-02-25 16:06 - 2014-10-29 02:27 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-02-25 16:06 - 2014-10-29 02:27 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2015-02-25 16:06 - 2014-10-29 02:04 - 00868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-02-25 16:06 - 2014-10-29 02:04 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-24 19:28 - 2013-12-01 02:38 - 00001134 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-24 19:27 - 2014-05-23 13:51 - 04662272 ___SH () C:\Users\obermair\Downloads\Thumbs.db
2015-03-24 19:11 - 2014-05-09 21:40 - 01776988 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-24 19:03 - 2013-10-29 20:34 - 00000000 ____D () C:\Users\obermair\AppData\Roaming\Skype
2015-03-24 19:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-24 18:49 - 2014-04-25 12:25 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-24 18:34 - 2013-10-03 17:32 - 00001148 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2675372484-2889525269-420943070-1001UA.job
2015-03-24 18:27 - 2014-05-12 17:38 - 00003938 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1E90B362-E35B-4FCC-8C6E-228195C0A89A}
2015-03-24 18:12 - 2013-11-12 15:44 - 00000000 ____D () C:\Users\obermair\AppData\Roaming\TS3Client
2015-03-24 17:58 - 2013-10-18 14:09 - 00281688 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2015-03-24 14:11 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-03-24 12:07 - 2014-03-18 11:03 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-24 12:07 - 2014-03-18 10:25 - 00765378 _____ () C:\WINDOWS\system32\perfh007.dat
2015-03-24 12:07 - 2014-03-18 10:25 - 00159696 _____ () C:\WINDOWS\system32\perfc007.dat
2015-03-24 12:03 - 2013-12-01 02:38 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-23 23:34 - 2013-10-03 17:32 - 00001096 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2675372484-2889525269-420943070-1001Core.job
2015-03-23 22:56 - 2013-10-12 22:50 - 00281688 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2015-03-23 18:54 - 2014-12-04 20:06 - 00012163 _____ () C:\WINDOWS\setupact.log
2015-03-22 00:19 - 2014-01-30 16:57 - 00000000 ____D () C:\Users\obermair\AppData\Local\Battle.net
2015-03-21 23:36 - 2014-01-30 16:59 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2015-03-21 23:33 - 2014-01-30 16:57 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-03-21 13:50 - 2013-10-02 19:38 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2675372484-2889525269-420943070-1001
2015-03-20 15:01 - 2013-12-13 16:59 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
2015-03-20 14:15 - 2014-08-21 17:04 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-18 13:50 - 2014-09-05 11:03 - 00000000 ____D () C:\Users\obermair\AppData\Local\Adobe
2015-03-18 13:49 - 2014-04-25 12:25 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-03-18 13:49 - 2013-08-22 16:38 - 00778928 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-03-18 13:49 - 2013-08-22 16:38 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-17 18:19 - 2014-05-09 21:26 - 00000000 ____D () C:\Users\obermair
2015-03-17 14:52 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-17 14:18 - 2015-02-19 15:24 - 00000000 ____D () C:\Users\obermair\Documents\ProfileCache
2015-03-17 14:11 - 2015-02-19 15:24 - 00000000 ____D () C:\Users\obermair\Documents\The Crew
2015-03-15 14:48 - 2014-07-07 09:09 - 02805248 ___SH () C:\Users\obermair\Documents\Thumbs.db
2015-03-15 13:55 - 2014-03-30 14:50 - 00000000 ____D () C:\Users\obermair\Documents\My Games
2015-03-15 13:55 - 2013-10-13 08:05 - 00000000 ____D () C:\Users\obermair\AppData\Local\PunkBuster
2015-03-15 13:52 - 2013-10-12 22:50 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2015-03-15 13:51 - 2014-12-07 14:44 - 00070954 _____ () C:\WINDOWS\DirectX.log
2015-03-15 01:35 - 2014-05-09 22:38 - 00000000 ____D () C:\Users\obermair\AppData\Local\Intel_Corporation
2015-03-14 11:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-03-13 19:33 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-03-12 11:54 - 2013-08-22 15:44 - 00386592 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-12 11:49 - 2013-10-03 10:44 - 628158674 _____ () C:\WINDOWS\MEMORY.DMP
2015-03-12 11:49 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-03-12 11:49 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-12 11:49 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-12 11:49 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-12 11:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-03-12 11:49 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-12 11:49 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-11 20:45 - 2013-10-04 15:36 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-11 20:41 - 2013-03-22 18:03 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-11 12:46 - 2014-05-10 15:38 - 00000000 ____D () C:\WINDOWS\Minidump
2015-03-05 13:51 - 2013-12-27 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-03-05 13:51 - 2013-12-27 13:49 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-03-05 13:51 - 2013-10-12 22:50 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-05 13:47 - 2013-12-27 13:49 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-03-05 13:47 - 2013-12-27 13:49 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-03-05 13:47 - 2013-12-27 13:49 - 00043576 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-02-26 12:50 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-24 12:26 - 2014-09-17 19:02 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-24 12:26 - 2013-10-29 20:34 - 00000000 ____D () C:\ProgramData\Skype
==================== Files in the root of some directories =======
2013-12-03 20:40 - 2015-02-17 15:03 - 14024704 _____ () C:\Users\obermair\AppData\Roaming\Sandra.mdb
2014-09-19 23:39 - 2014-09-19 23:39 - 0003584 _____ () C:\Users\obermair\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-17 02:58 - 2015-02-17 02:58 - 0004623 _____ () C:\Users\obermair\AppData\Local\recently-used.xbel
2013-07-01 15:22 - 2013-07-01 15:23 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-07-01 15:19 - 2013-07-01 15:20 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-07-01 15:17 - 2013-07-01 15:18 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2013-07-01 15:21 - 2013-07-01 15:22 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
2013-07-01 15:18 - 2013-07-01 15:19 - 0000110 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log
2013-07-01 15:20 - 2013-07-01 15:20 - 0000110 _____ () C:\ProgramData\{E3D04529-6EDB-11D8-A372-0050BAE317E1}.log
Some content of TEMP:
====================
C:\Users\obermair\AppData\Local\Temp\avgnt.exe
C:\Users\obermair\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\obermair\AppData\Local\Temp\Quarantine.exe
C:\Users\obermair\AppData\Local\Temp\SkypeSetup.exe
C:\Users\obermair\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe IS MISSING <==== ATTENTION!.
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-23 15:23
==================== End Of Log ============================
--- --- ---
und hier noch die Addition Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by obermair at 2015-03-24 19:34:42
Running from C:\Users\obermair\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Always Sometimes Monsters (HKLM-x32\...\Steam App 274310) (Version: - Vagabond Dog)
Arma: Cold War Assault (HKLM-x32\...\Steam App 65790) (Version: - Bohemia Interactive)
Ashampoo AppLauncher v.1.0.0 (HKLM-x32\...\Ashampoo AppLauncher_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 11 v.11.0.4 (HKLM-x32\...\Ashampoo Burning Studio 11_is1) (Version: 11.0.4 - Ashampoo GmbH & Co. KG)
Ashampoo Core Tuner 2 v.2.0.1 (HKLM-x32\...\Ashampoo Core Tuner 2_is1) (Version: 2.01 - Ashampoo GmbH & Co. KG)
Ashampoo GetBack Photo v.1.0.1 (HKLM-x32\...\Ashampoo GetBack Photo_is1) (Version: 1.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo HDD Control 2 v.2.1.0 (HKLM-x32\...\Ashampoo HDD Control 2_is1) (Version: 2.1.0 - Ashampoo GmbH & Co. KG)
Ashampoo Music Studio 4 v.4.0.1 (HKLM-x32\...\Ashampoo Music Studio 4_is1) (Version: 4.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 10 v.10.1.3 (HKLM-x32\...\Ashampoo Photo Commander 10_is1) (Version: 10.1.3 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer 5 v.5.1.2 (HKLM-x32\...\Ashampoo Photo Optimizer 5_is1) (Version: 5.1.2 - Ashampoo GmbH & Co. KG)
Ashampoo Slideshow Studio HD 2 v.2.0.5 (HKLM-x32\...\Ashampoo Slideshow Studio HD 2_is1) (Version: 2.0.5 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 5 v.5.1.5 (HKLM-x32\...\Ashampoo Snap 5_is1) (Version: 5.1.5 - Ashampoo GmbH & Co. KG)
Ashampoo UnInstaller 4 v.4.30 (HKLM-x32\...\Ashampoo UnInstaller 4_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG)
Ashampoo Video Styler v.1.0.1 (HKLM-x32\...\Ashampoo Video Styler_is1) (Version: 1.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 9 v.9.04.31 (HKLM-x32\...\Ashampoo WinOptimizer 9_is1) (Version: 9.04.31 - Ashampoo GmbH & Co. KG)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Avira (HKLM-x32\...\{d9ed6dcf-6bfc-4fbb-802e-81dd5b767d6e}) (Version: 1.1.32.25147 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.32.25147 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 15.0.8.656 - Avira)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Borderlands (HKLM-x32\...\Steam App 8980) (Version: - Gearbox Software)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version: - 2K Australia)
Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version: - Criterion Games)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Cthulhu Saves the World (HKLM-x32\...\Steam App 107310) (Version: - Zeboyd Games)
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.0913 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.0913 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Dead Space 2 (HKLM-x32\...\Steam App 47780) (Version: - Visceral Games)
Defiance (HKLM-x32\...\Steam App 224600) (Version: - Trion Worlds)
DefianceRuntimes (HKLM-x32\...\{79B1FF35-9EA8-48ED-98D6-19ABE004BE89}) (Version: 1.0.2 - Trion Worlds, Inc.)
Defy Gravity (HKLM-x32\...\Steam App 96100) (Version: - Fish Factory Games)
Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version: - Eidos Montreal)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts)
Dragon's Prophet (HKLM-x32\...\{C31556D7-F2B9-4787-B223-F7A035067E89}_is1) (Version: 1.2.1188.10 - Infernum Productions AG)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Fotogaléria (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.13.925 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.13.925 - DVDVideoSoft Ltd.)
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
GoD Factory: Wingmen (HKLM-x32\...\Steam App 262750) (Version: - Nine Dots Studio)
Google Chrome (HKU\S-1-5-21-2675372484-2889525269-420943070-1001\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Chrome (HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Google Chrome) (Version: 41.0.2272.89 - Google Inc.)
Google Chrome (HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Google Chrome) (Version: 41.0.2272.89 - Google Inc.)
Google Chrome (HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Google Chrome) (Version: 41.0.2272.89 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HP My Display (HKLM-x32\...\{15733AD1-1CEF-459A-9245-0924FC63BDD5}) (Version: 2.01.006 - Portrait Displays, Inc.)
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.29.01 - Hyperionics Technology LLC)
Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.20.1337 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Legendary (HKLM-x32\...\Steam App 16730) (Version: - Spark Unlimited)
LibreOffice 4.1.2.3 (HKLM-x32\...\{DD3CB916-F91A-41B9-B276-CAC090E91021}) (Version: 4.1.2.3 - The Document Foundation)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
ManyCam 4.0.77 (HKLM-x32\...\ManyCam) (Version: 4.0.77 - Visicom Media Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.10.106.1 - McAfee, Inc.)
Medion Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Medion Home Cinema 10 (x32 Version: 10.2419 - CyberLink Corp.) Hidden
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - 4A Games)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft1.7.2 (HKLM-x32\...\Minecraft1.7.2) (Version: - )
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version: - )
NETGEAR WNA1100 N150 Wireless USB Adapter (HKLM-x32\...\{A2AE9709-283B-4B48-AA34-729C070A62FB}) (Version: 1.0.0.133 - NETGEAR)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.3.7.2735 - Electronic Arts, Inc.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)
Pivot Software (x32 Version: 9.03.004 - Portrait Displays, Inc.) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6777 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version: - Volition)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Savant - Ascent (HKLM-x32\...\Steam App 259530) (Version: - DPad Studios)
SDK (x32 Version: 2.33.005 - Portrait Displays, Inc.) Hidden
SiSoftware Sandra Lite 2014.RTM (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 20.10.2014.2 - SiSoftware)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Star Wars Battlefront II (HKLM-x32\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-2675372484-2889525269-420943070-1001\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Tom Clancy's Splinter Cell Blacklist (HKLM-x32\...\Steam App 235600) (Version: - Ubisoft Toronto)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
Tropico 3 - Steam Special Edition (HKLM-x32\...\Steam App 23490) (Version: - Haemimont Games)
Unity Web Player (HKU\S-1-5-21-2675372484-2889525269-420943070-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
Valokuvavalikoima (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Warframe (HKLM-x32\...\{8D12FE7C-7271-4D9D-A868-5854890777AF}) (Version: 1.0.0 - Digital Extremes)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
15-03-2015 04:35:26 Windows Update
18-03-2015 14:56:51 Windows Update
21-03-2015 16:36:28 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {06021626-7443-4E24-8600-B6F9FD342DC8} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-12-17] (Oracle Corporation)
Task: {13054768-CF3A-4D60-97DC-27A6D6E0D089} - System32\Tasks\{121AE7FA-8571-43DB-8C45-5FC5615ACFAA} => pcalua.exe -a "C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe"
Task: {3E2865A8-25FD-4FDB-8CC0-C32FC7938DE9} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
Task: {4708A26C-600B-40DF-ADA2-FD58BA782179} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2675372484-2889525269-420943070-1001UA => C:\Users\obermair\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-03] (Google Inc.)
Task: {4DA22F21-600D-4A6B-BE3E-0B710793D5A8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-18] (Adobe Systems Incorporated)
Task: {504F93D8-6528-4619-967A-48E4CF9E71F0} - System32\Tasks\SuperEasyDriverUpdaterRunAtStartup => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe
Task: {5E962C3C-BDED-4342-8F3D-4A85298A0D9A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {62BE58BB-689E-4D60-B5CC-BF140930DDE6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2675372484-2889525269-420943070-1001Core => C:\Users\obermair\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-03] (Google Inc.)
Task: {98FBFC33-7751-4B0D-98B4-CAD5FA475764} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-01] (Google Inc.)
Task: {B09EEA7C-2B40-40A4-869C-B6228F22D367} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-03-11] (Microsoft Corporation)
Task: {B3383A12-7310-4355-ADA1-38EED6609B8A} - System32\Tasks\Google Updater and Installer => C:\Users\obermair\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-03] (Google Inc.)
Task: {BDA69D34-8F60-4DD9-955E-7D7CBEAD69EC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-01] (Google Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2675372484-2889525269-420943070-1001Core.job => C:\Users\obermair\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2675372484-2889525269-420943070-1001UA.job => C:\Users\obermair\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2013-07-01 15:26 - 2011-08-22 13:44 - 01421216 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe
2013-07-01 15:26 - 2012-07-30 10:48 - 01518504 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
2013-10-12 22:50 - 2015-03-15 13:52 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2013-10-02 19:49 - 2010-08-04 13:44 - 00266240 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
2014-03-02 01:57 - 2013-01-10 15:26 - 00091944 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\msgHook64.dll
2014-03-02 01:56 - 2013-01-10 15:26 - 00275752 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dthook.dll
2014-01-25 01:22 - 2014-01-25 01:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-10-02 19:49 - 2011-01-04 14:34 - 04545024 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
2014-03-02 01:57 - 2013-01-10 15:26 - 00164648 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe
2014-03-02 01:57 - 2013-01-10 15:26 - 00198440 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe
2015-03-16 22:53 - 2015-03-24 17:58 - 00281688 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2013-10-02 19:49 - 2010-03-10 13:50 - 00360448 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiLib.dll
2014-10-19 16:09 - 2014-10-19 16:09 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\2133a50009fa3b357bfbd29a218be0f6\PSIClient.ni.dll
2013-07-01 12:43 - 2012-11-16 03:32 - 01199648 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-03-02 01:57 - 2013-01-10 15:26 - 00086824 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\msgHook.dll
2013-07-01 15:20 - 2013-03-05 04:40 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-05 11:41 - 2013-03-05 11:41 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-10-02 19:49 - 2009-08-28 15:50 - 00282624 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvcLib.dll
2014-03-02 01:56 - 2013-01-10 15:26 - 00189224 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\PresetsCOM.dll
2014-03-02 01:57 - 2013-01-10 15:25 - 00123688 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\CC\gui.dll
2015-03-21 12:38 - 2015-03-14 11:12 - 01174856 _____ () C:\Users\obermair\AppData\Local\Google\Chrome\Application\41.0.2272.101\libglesv2.dll
2015-03-21 12:38 - 2015-03-14 11:12 - 00080200 _____ () C:\Users\obermair\AppData\Local\Google\Chrome\Application\41.0.2272.101\libegl.dll
2015-03-21 12:38 - 2015-03-14 11:12 - 09278792 _____ () C:\Users\obermair\AppData\Local\Google\Chrome\Application\41.0.2272.101\pdf.dll
2013-12-26 16:13 - 2014-11-11 19:47 - 00774656 _____ () C:\Users\obermair\Downloads\Desktop\Steam\SDL2.dll
2015-01-19 21:13 - 2014-12-02 01:29 - 05002752 _____ () C:\Users\obermair\Downloads\Desktop\Steam\v8.dll
2014-05-22 13:07 - 2015-02-19 00:51 - 02360000 _____ () C:\Users\obermair\Downloads\Desktop\Steam\video.dll
2015-01-19 21:13 - 2014-12-02 01:29 - 01612800 _____ () C:\Users\obermair\Downloads\Desktop\Steam\icui18n.dll
2015-01-19 21:13 - 2014-12-02 01:29 - 01210368 _____ () C:\Users\obermair\Downloads\Desktop\Steam\icuuc.dll
2014-09-01 16:14 - 2014-12-01 22:31 - 02396672 _____ () C:\Users\obermair\Downloads\Desktop\Steam\libavcodec-56.dll
2014-09-01 16:14 - 2014-12-01 22:31 - 00479744 _____ () C:\Users\obermair\Downloads\Desktop\Steam\libavformat-56.dll
2014-09-01 16:14 - 2014-12-01 22:31 - 00332800 _____ () C:\Users\obermair\Downloads\Desktop\Steam\libavresample-2.dll
2014-09-01 16:14 - 2014-12-01 22:31 - 00442880 _____ () C:\Users\obermair\Downloads\Desktop\Steam\libavutil-54.dll
2014-09-01 16:14 - 2014-12-01 22:31 - 00485888 _____ () C:\Users\obermair\Downloads\Desktop\Steam\libswscale-3.dll
2013-12-26 16:13 - 2015-02-19 00:51 - 00702656 _____ () C:\Users\obermair\Downloads\Desktop\Steam\bin\chromehtml.DLL
2013-12-26 16:13 - 2015-01-28 02:30 - 34641288 _____ () C:\Users\obermair\Downloads\Desktop\Steam\bin\libcef.dll
2014-08-14 21:41 - 2015-01-28 02:30 - 01709960 _____ () C:\Users\obermair\Downloads\Desktop\Steam\bin\ffmpegsumo.dll
2015-01-21 17:02 - 2015-01-21 17:02 - 26054456 _____ () C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\libcef.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2675372484-2889525269-420943070-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\obermair\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\obermair\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Users\obermair\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\Control Panel\Desktop\\Wallpaper -> C:\Users\obermair\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 10.0.0.138
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "jswtrayutil"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "PivotSoftware"
HKU\S-1-5-21-2675372484-2889525269-420943070-1001\...\StartupApproved\Run: => "AppLauncher"
HKU\S-1-5-21-2675372484-2889525269-420943070-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-2675372484-2889525269-420943070-1001\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-2675372484-2889525269-420943070-1001\...\StartupApproved\Run: => "ManyCam"
HKU\S-1-5-21-2675372484-2889525269-420943070-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-2675372484-2889525269-420943070-1001\...\StartupApproved\Run: => "Advanced SystemCare 8"
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "AppLauncher"
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "ManyCam"
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Advanced SystemCare 8"
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "AppLauncher"
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "ManyCam"
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Advanced SystemCare 8"
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\StartupApproved\Run: => "AppLauncher"
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\StartupApproved\Run: => "ManyCam"
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-2675372484-2889525269-420943070-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\StartupApproved\Run: => "Advanced SystemCare 8"
==================== Accounts: =============================
Administrator (S-1-5-21-2675372484-2889525269-420943070-500 - Administrator - Disabled)
Gast (S-1-5-21-2675372484-2889525269-420943070-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2675372484-2889525269-420943070-1003 - Limited - Enabled)
obermair (S-1-5-21-2675372484-2889525269-420943070-1001 - Administrator - Enabled) => C:\Users\obermair
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/22/2015 05:44:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 209a0
Startzeit: 01d064beb9ff0b51
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe
Berichts-ID: aecf25c2-d0b2-11e4-bff9-7427ea482203
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (03/21/2015 06:25:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 16850
Startzeit: 01d063fb436171d0
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe
Berichts-ID: 37813fca-cfef-11e4-bff9-7427ea482203
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (03/21/2015 06:09:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 167d0
Startzeit: 01d063f8fde56378
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe
Berichts-ID: f3d0fe67-cfec-11e4-bff9-7427ea482203
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (03/20/2015 01:45:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm avscan.exe, Version 15.0.8.652 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1077c
Startzeit: 01d0630ac9796a77
Endzeit: 60000
Anwendungspfad: C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
Berichts-ID: d7dede79-cefe-11e4-bff9-7427ea482203
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (03/20/2015 01:27:08 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8898008d) festgestellt.
Error: (03/19/2015 10:44:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm avscan.exe, Version 15.0.8.652 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: f0fc
Startzeit: 01d0628d7cf6af54
Endzeit: 60000
Anwendungspfad: C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
Berichts-ID: ed83a790-ce80-11e4-bff9-7427ea482203
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (03/19/2015 10:08:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: farcry3_d3d11.exe, Version: 0.1.0.1, Zeitstempel: 0x51226a2f
Name des fehlerhaften Moduls: FC3_d3d11.dll, Version: 0.1.0.1, Zeitstempel: 0x512269ef
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00fd0528
ID des fehlerhaften Prozesses: 0xef54
Startzeit der fehlerhaften Anwendung: 0xfarcry3_d3d11.exe0
Pfad der fehlerhaften Anwendung: farcry3_d3d11.exe1
Pfad des fehlerhaften Moduls: farcry3_d3d11.exe2
Berichtskennung: farcry3_d3d11.exe3
Vollständiger Name des fehlerhaften Pakets: farcry3_d3d11.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: farcry3_d3d11.exe5
Error: (03/15/2015 11:26:25 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Fehler beim Verarbeiten von Sitzungsänderung. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
bei Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
bei System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)
Error: (03/15/2015 11:00:13 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database
Error: (03/15/2015 00:44:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TheCrew.exe, Version: 1.0.3.0, Zeitstempel: 0x54c96bce
Name des fehlerhaften Moduls: TheCrew.exe, Version: 1.0.3.0, Zeitstempel: 0x54c96bce
Ausnahmecode: 0xc0000005
Fehleroffset: 0x010041f7
ID des fehlerhaften Prozesses: 0x15814
Startzeit der fehlerhaften Anwendung: 0xTheCrew.exe0
Pfad der fehlerhaften Anwendung: TheCrew.exe1
Pfad des fehlerhaften Moduls: TheCrew.exe2
Berichtskennung: TheCrew.exe3
Vollständiger Name des fehlerhaften Pakets: TheCrew.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: TheCrew.exe5
System errors:
=============
Error: (03/24/2015 01:40:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8024200d fehlgeschlagen: Update für Windows 8.1 für x64-Systeme (KB3000850)
Error: (03/24/2015 01:35:41 PM) (Source: DCOM) (EventID: 10010) (User: Bastian)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (03/24/2015 01:35:10 PM) (Source: DCOM) (EventID: 10010) (User: Bastian)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (03/24/2015 00:32:53 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240055 fehlgeschlagen: Update für Windows 8.1 für x64-Systeme (KB3000850)
Error: (03/24/2015 00:27:26 PM) (Source: DCOM) (EventID: 10010) (User: Bastian)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (03/24/2015 00:26:55 PM) (Source: DCOM) (EventID: 10010) (User: Bastian)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (03/24/2015 00:23:39 AM) (Source: DCOM) (EventID: 10010) (User: Bastian)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (03/24/2015 00:23:39 AM) (Source: DCOM) (EventID: 10010) (User: Bastian)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (03/24/2015 00:23:39 AM) (Source: DCOM) (EventID: 10010) (User: Bastian)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (03/24/2015 00:23:39 AM) (Source: DCOM) (EventID: 10010) (User: Bastian)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Microsoft Office Sessions:
=========================
Error: (03/22/2015 05:44:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.17031209a001d064beb9ff0b514294967295C:\WINDOWS\syswow64\wwahost.exeaecf25c2-d0b2-11e4-bff9-7427ea482203Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5cApp
Error: (03/21/2015 06:25:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.170311685001d063fb436171d04294967295C:\WINDOWS\syswow64\wwahost.exe37813fca-cfef-11e4-bff9-7427ea482203Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5cApp
Error: (03/21/2015 06:09:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.17031167d001d063f8fde563784294967295C:\WINDOWS\syswow64\wwahost.exef3d0fe67-cfec-11e4-bff9-7427ea482203Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5cApp
Error: (03/20/2015 01:45:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: avscan.exe15.0.8.6521077c01d0630ac9796a7760000C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exed7dede79-cefe-11e4-bff9-7427ea482203
Error: (03/20/2015 01:27:08 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d
Error: (03/19/2015 10:44:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: avscan.exe15.0.8.652f0fc01d0628d7cf6af5460000C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exeed83a790-ce80-11e4-bff9-7427ea482203
Error: (03/19/2015 10:08:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: farcry3_d3d11.exe0.1.0.151226a2fFC3_d3d11.dll0.1.0.1512269efc000000500fd0528ef5401d0628201e10765C:\Users\obermair\Downloads\Desktop\Steam\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exeC:\Users\obermair\Downloads\Desktop\Steam\steamapps\common\Far Cry 3\bin\FC3_d3d11.dll09005703-ce7c-11e4-bff9-7427ea482203
Error: (03/15/2015 11:26:25 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Fehler beim Verarbeiten von Sitzungsänderung. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
bei Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
bei System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)
Error: (03/15/2015 11:00:13 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: -2147024883
Error: (03/15/2015 00:44:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: TheCrew.exe1.0.3.054c96bceTheCrew.exe1.0.3.054c96bcec0000005010041f71581401d05e92b7dbf749C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exeC:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe15f74c22-caa4-11e4-bff7-7427ea482203
CodeIntegrity Errors:
===================================
Date: 2015-03-20 13:46:00.079
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe that did not meet the Store signing level requirements.
Date: 2014-09-16 17:34:04.658
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-09-16 17:34:04.601
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-09-16 17:34:04.544
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-09-16 17:34:04.488
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-09-16 17:34:04.433
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-09-16 17:34:04.379
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-09-16 17:34:04.323
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-09-16 17:34:04.268
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-09-16 17:34:04.212
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3330 CPU @ 3.00GHz
Percentage of memory in use: 72%
Total physical RAM: 3980.64 MB
Available physical RAM: 1093.47 MB
Total Pagefile: 8076.64 MB
Available Pagefile: 3920.98 MB
Total Virtual: 131072 MB
Available Virtual: 131071.73 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:869.02 GB) (Free:304.99 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:42.78 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
So funktioniert es:
Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
TDSSKiller.exe und speichere diese Datei auf dem Desktop