
Log analysis and evaluation: Windows 7: Windows Explorer often opens in the background using too much memory


 
01.09.2014, 15:12   #1
Batzke95
 



Hello,
for some time I had the problem that I was getting ads from ad wizard and the like in all my internet browsers, and I removed these add-ons from the Windows program directory. Since then, however, I have had the problem that Internet Explorer kept opening itself in the background (a new process every 30 s). I then removed Internet Explorer from the system, but now have the problem that, instead of Internet Explorer, Windows Explorer multiplies in the process list (memory up to 400K), which also reduces internet performance. In online games, for example, I have to minimize the screen every 20 s to end the unnecessary processes.

Here is the FRST log
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2014 02
Ran by Basti (administrator) on KUNDEN-C2A4T6U6 on 01-09-2014 14:55:44
Running from C:\Users\Basti\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
() C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe
() C:\Windows\DAODx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
() C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Creative Technology Ltd.) C:\Windows\V0640Mon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Drakonia Configurator\hid.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM-x32\...\Run: [G Data AntiVirus Tray Application] => C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-12-15] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-08-02] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-11-23] (cyberlink)
HKLM-x32\...\Run: [UpdatePPShortCut] => C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-08-07] (Bitleader)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [222504 2010-12-23] (CyberLink Corp.)
HKLM-x32\...\Run: [Live! Central 2] => C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 2\CTLVCentral2.exe [426140 2009-11-04] (Creative Technology Ltd)
HKLM-x32\...\Run: [V0640Mon.exe] => C:\Windows\V0640Mon.exe [28672 2009-09-22] (Creative Technology Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] ()
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-703785417-1565345126-2984759567-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1937600 2014-08-14] (Valve Corporation)
HKU\S-1-5-21-703785417-1565345126-2984759567-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
HKU\S-1-5-21-703785417-1565345126-2984759567-1001\...\Run: [Windows Remote Service] => C:\Users\Basti\Desktop\Isos uns Setups\WinRemoteService_v1.2.9_portable\Windows Remote Service\WindowsRemoteService.exe [173568 2013-05-24] (Banamalon)
HKU\S-1-5-21-703785417-1565345126-2984759567-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-703785417-1565345126-2984759567-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-703785417-1565345126-2984759567-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3600216 2014-08-31] (Electronic Arts)
HKU\S-1-5-21-703785417-1565345126-2984759567-1001\...\MountPoints2: {9b9067ea-de6c-11e1-bf3d-806e6f6e6963} - D:\setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Play Wireless USB Adapter Utility.lnk
ShortcutTarget: Play Wireless USB Adapter Utility.lnk -> C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe ()
Startup: C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
ShortcutTarget: Xfire.lnk -> C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=93ece75e-2672-b8d2-08f9-8178b9479fc1&searchtype=ds&q={searchTerms}&installDate={installDate}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://facebook.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://syb.msn.com
hxxp://www.tecstore.net
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2A10C333036FCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=4.4&ts=1381008728051&tguid=66920-6787-1381008728051-9434732C2688D9480473067CC62C039D&st=chrome&q=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=93ece75e-2672-b8d2-08f9-8178b9479fc1&searchtype=ds&q={searchTerms}&installDate={installDate}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=4.4&ts=1381008728051&tguid=66920-6787-1381008728051-9434732C2688D9480473067CC62C039D&st=chrome&q=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope {98BF414D-8E2C-4584-B853-F3A6F5935D27} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1381008728051&tguid=66920-6787-1381008728051-9434732C2688D9480473067CC62C039D&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {98bf414d-8e2c-4584-b853-f3a6f5935d27} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1381008728051&tguid=66920-6787-1381008728051-9434732C2688D9480473067CC62C039D&q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=93ece75e-2672-b8d2-08f9-8178b9479fc1&searchtype=ds&q={searchTerms}&installDate={installDate}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=93ece75e-2672-b8d2-08f9-8178b9479fc1&searchtype=ds&q={searchTerms}&installDate={installDate}
SearchScopes: HKCU - {010D46DF-85CC-4552-ABDC-7D8BF9F1EE08} URL = hxxp://www.ant.com/search?s=browser&q={searchTerms}
SearchScopes: HKCU - {17B1D3AE-2CD3-4200-BFB1-BB1A7AF25B04} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=4D0BBBD8-62F0-4122-A06B-5E95CB2E58D3&apn_sauid=B1968C2B-D17E-44D0-ADAD-A85600365777
SearchScopes: HKCU - {4327fabe-3c22-4689-8dbf-d226cf777fe9} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1381008728051&tguid=66920-6787-1381008728051-9434732C2688D9480473067CC62C039D&q={searchTerms}
SearchScopes: HKCU - {98BF414D-8E2C-4584-B853-F3A6F5935D27} URL = 
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Ant.com browser helper (video detector) -> {346FDE31-DFF9-418A-90C8-BA31DC9FF2EF} -> C:\Program Files (x86)\Ant.com\IE add-on\Download.dll (Ant.com)
BHO-x32: Funmoods Helper Object -> {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} -> C:\Program Files (x86)\Funmoods\1.5.23.22\bh\escort.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Ant.com Video Downloader toolbar - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files (x86)\Ant.com\IE add-on\AntToolbar.dll (Ant.com)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKCU - No Name - {2E924F4F-67F0-4BD8-9560-49F468E843D2} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\o6lub96e.default-1408107985754
FF Homepage: hxxp://de-de.facebook.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF HKLM-x32\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files (x86)\BetterSurf\ff
FF HKLM-x32\...\Firefox\Extensions: [12x3q@3244516.com] - C:\Program Files (x86)\Better-Surf\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@VideoPlayerV3beta993.net] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta993\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaPlayerV1alpha906.net] - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha906\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewerV1alpha1969.net] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1969\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha8334.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha8334\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha5279.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5279\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaWatchV1home278.net] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home278\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaBuzzV1mode6079.net] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6079\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@TrustMediaViewerV1alpha2380.net] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha2380\ff

Chrome: 
=======
CHR Profile: C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-24]
CHR Extension: (Google Drive) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-24]
CHR Extension: (YouTube) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-24]
CHR Extension: (Google-Suche) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-24]
CHR Extension: (Google Wallet) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-24]
CHR Extension: (Google Mail) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-24]
CHR HKLM-x32\...\Chrome\Extension: [cadmbhkjimoafaokdfdmpebbiapadccm] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6079\ch\MediaBuzzV1mode6079.crx []
CHR HKLM-x32\...\Chrome\Extension: [caeconejdgkoefeelomjfkkfcinkehlc] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha8334\ch\MediaViewV1alpha8334.crx []
CHR HKLM-x32\...\Chrome\Extension: [dedmngkbaffkenlfdcbganndoghblmap] - C:\Program Files (x86)\BetterSurf\ch\Chrome.crx []
CHR HKLM-x32\...\Chrome\Extension: [fepenaahbicpoholbpjhhilciepkeock] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha2380\ch\TrustMediaViewerV1alpha2380.crx []
CHR HKLM-x32\...\Chrome\Extension: [kfdfaggkibkljaklfepfminnfpfniijl] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1969\ch\MediaViewerV1alpha1969.crx []
CHR HKLM-x32\...\Chrome\Extension: [llopbnfbphgdlgapmfbdfeldkodlohaa] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home278\ch\MediaWatchV1home278.crx []
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx []
CHR HKLM-x32\...\Chrome\Extension: [onaefacfpoloobkpanchplbmpndadfog] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta993\ch\VideoPlayerV3beta993.crx []
CHR HKLM-x32\...\Chrome\Extension: [pnfeojhdgncechblgmlmehmjdhhikmhj] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5279\ch\MediaViewV1alpha5279.crx []
CHR HKLM-x32\...\Chrome\Extension: [poheodfamflhhhdcmjfeggbgigeefaco] - C:\Program Files (x86)\Better-Surf\ch\Chrome.crx []

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) [File not signed]
S3 Ant App service; C:\Program Files (x86)\Ant.com\File1 Package Manager\AppService.exe [504816 2013-02-05] (Helios Technologies Ltd)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [240112 2010-11-23] (CyberLink)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-08-19] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-08-19] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-07-02] () [File not signed]
R2 WLANBelkinService; C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe [36864 2009-12-28] () [File not signed]
S2 DisplayFusionService; "C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe" [X]
R3 WinHttpAutoProxySvc; winhttp.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-09-27] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-08-03] (DT Soft Ltd)
S3 hugoio64; C:\Windows\system32\drivers\hugoio64.sys [13920 2012-08-06] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-09-27] ()
S3 V0640Vid; C:\Windows\System32\DRIVERS\V0640Vid.sys [319520 2009-12-03] (Creative Technology Ltd.)
S3 tswNT; \??\C:\Users\ADMINI~1\AppData\Local\Temp\00013255\tswnt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-01 14:55 - 2014-09-01 14:56 - 00024060 _____ () C:\Users\Basti\Downloads\FRST.txt
2014-09-01 14:55 - 2014-09-01 14:55 - 00000000 ____D () C:\FRST
2014-09-01 14:54 - 2014-09-01 14:54 - 02104832 _____ (Farbar) C:\Users\Basti\Downloads\FRST64.exe
2014-09-01 14:53 - 2014-09-01 14:53 - 00000542 _____ () C:\Users\Basti\Downloads\defogger_disable.log
2014-09-01 14:53 - 2014-09-01 14:53 - 00000168 _____ () C:\Users\Basti\defogger_reenable
2014-09-01 14:52 - 2014-09-01 14:52 - 00050477 _____ () C:\Users\Basti\Downloads\Defogger.exe
2014-08-31 18:57 - 2014-08-31 18:57 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\AVG2014
2014-08-31 18:56 - 2014-08-31 18:56 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-08-31 18:56 - 2014-08-31 18:56 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\TuneUp Software
2014-08-31 18:56 - 2014-08-31 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-08-31 18:55 - 2014-09-01 14:32 - 00000000 ____D () C:\ProgramData\AVG2014
2014-08-31 18:55 - 2014-08-31 18:55 - 00000000 ___HD () C:\$AVG
2014-08-31 18:55 - 2014-08-31 18:55 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-08-31 18:44 - 2014-09-01 14:34 - 00000000 ____D () C:\ProgramData\MFAData
2014-08-31 18:44 - 2014-08-31 19:29 - 00000000 ____D () C:\Users\Basti\AppData\Local\Avg2014
2014-08-31 18:44 - 2014-08-31 18:44 - 00000000 ____D () C:\Users\Basti\AppData\Local\MFAData
2014-08-31 18:43 - 2014-08-31 18:44 - 04755920 _____ (AVG Technologies) C:\Users\Basti\Downloads\avg_avct_stb_all_2014_4744_comppg_24.exe
2014-08-31 16:04 - 2014-08-31 16:05 - 00000000 ____D () C:\Users\Basti\AppData\Local\Origin
2014-08-31 15:52 - 2014-09-01 14:30 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-08-31 15:52 - 2014-08-31 15:52 - 00000979 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-08-31 15:52 - 2014-08-31 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-08-31 15:44 - 2014-08-31 15:44 - 01397992 _____ () C:\Users\Basti\Downloads\battlelog-web-plugins_2.5.0_148.exe
2014-08-31 14:37 - 2014-08-31 14:38 - 02478784 _____ (Sysinternals - www.sysinternals.com) C:\Users\Basti\Downloads\procexp03 (1).exe
2014-08-31 14:30 - 2014-08-31 14:31 - 02478784 _____ (Sysinternals - www.sysinternals.com) C:\Users\Basti\Downloads\procexp03.exe
2014-08-25 19:28 - 2014-09-01 14:32 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Yqnu
2014-08-25 19:28 - 2014-08-25 19:33 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Osug
2014-08-24 18:21 - 2014-08-24 18:21 - 04495528 _____ () C:\Users\Basti\Downloads\AbsolutUninstaller_5.3.1.17.exe
2014-08-24 18:21 - 2014-08-24 18:21 - 00001270 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Absolute Uninstaller.lnk
2014-08-24 18:21 - 2014-08-24 18:21 - 00001258 _____ () C:\Users\Public\Desktop\Absolute Uninstaller.lnk
2014-08-24 18:21 - 2014-08-24 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2014-08-24 18:21 - 2014-08-24 18:21 - 00000000 ____D () C:\Program Files (x86)\Glarysoft
2014-08-24 18:05 - 2014-08-24 18:05 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-24 18:05 - 2014-08-24 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-24 17:54 - 2014-09-01 14:29 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-24 17:54 - 2014-08-31 20:59 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-24 17:54 - 2014-08-24 18:05 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-24 17:54 - 2014-08-24 17:54 - 00895120 _____ (Google Inc.) C:\Users\Basti\Downloads\ChromeSetup.exe
2014-08-24 17:54 - 2014-08-24 17:54 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-24 17:54 - 2014-08-24 17:54 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-24 17:33 - 2014-08-31 20:15 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Ovco
2014-08-24 17:33 - 2014-08-24 17:38 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Imzec
2014-08-24 17:24 - 2014-08-24 17:24 - 00000687 _____ () C:\awhE8F7.tmp
2014-08-24 17:03 - 2014-08-24 17:06 - 00000000 ___HD () C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}
2014-08-24 16:59 - 2014-09-01 14:32 - 00000000 ____D () C:\ProgramData\AgumInij
2014-08-24 16:59 - 2014-08-24 16:59 - 00000687 _____ () C:\awhE3C9.tmp
2014-08-24 05:36 - 2014-09-01 14:31 - 00000000 ____D () C:\ProgramData\AtlisUwmeh
2014-08-24 05:36 - 2014-08-24 16:59 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-08-24 04:41 - 2014-08-24 04:41 - 00000687 _____ () C:\awhE003.tmp
2014-08-24 04:06 - 2014-08-24 04:06 - 00000687 _____ () C:\awhDBCD.tmp
2014-08-23 23:44 - 2014-08-23 23:53 - 46684696 _____ (PokerStars) C:\Users\Basti\Downloads\PokerStarsInstallPM.exe
2014-08-23 18:37 - 2014-08-23 18:37 - 00000687 _____ () C:\awh65CA.tmp
2014-08-22 14:45 - 2014-08-22 14:45 - 00000687 _____ () C:\awhE214.tmp
2014-08-21 16:10 - 2014-08-21 16:10 - 00000687 _____ () C:\awhE5BC.tmp
2014-08-20 15:34 - 2014-08-20 15:34 - 00000687 _____ () C:\awhE4C2.tmp
2014-08-19 22:13 - 2014-09-01 14:37 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-08-19 22:13 - 2014-08-31 20:35 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex1
2014-08-19 22:13 - 2014-08-19 22:13 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-08-19 18:47 - 2014-08-19 18:47 - 00000687 _____ () C:\awhFEE7.tmp
2014-08-19 15:04 - 2014-08-19 15:04 - 00000687 _____ () C:\awhDE7C.tmp
2014-08-18 22:50 - 2014-08-19 22:17 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2014-08-18 22:33 - 2014-08-18 22:33 - 00003140 _____ () C:\Windows\System32\Tasks\{32F8C2B5-B270-459D-AC50-DE0EC6FE4C50}
2014-08-18 22:22 - 2014-08-18 22:22 - 02247976 _____ () C:\Users\Basti\Downloads\battlelog-web-plugins_2.4.0_145(1).exe
2014-08-18 22:19 - 2014-08-18 22:19 - 00714207 _____ () C:\Users\Basti\Downloads\pbsetup-37.zip
2014-08-18 22:13 - 2014-08-18 22:13 - 01101648 _____ () C:\Users\Basti\Downloads\PunkBuster - CHIP-Installer.exe
2014-08-18 14:17 - 2014-08-18 14:34 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\.minecraft
2014-08-18 13:03 - 2014-08-18 13:03 - 00000687 _____ () C:\awhEC41.tmp
2014-08-17 18:37 - 2014-08-17 18:37 - 00000687 _____ () C:\awhD326.tmp
2014-08-15 15:11 - 2014-08-15 15:11 - 00244408 _____ () C:\Users\Basti\Downloads\Firefox Setup Stub 31.0.exe
2014-08-15 15:06 - 2014-08-15 15:06 - 00000000 ____D () C:\Users\Basti\Desktop\Alte Firefox-Daten
2014-08-15 13:31 - 2014-08-15 13:31 - 00000687 _____ () C:\awhE455.tmp
2014-08-15 13:25 - 2014-08-15 13:25 - 01192533 _____ () C:\Windows\unins000.exe
2014-08-15 13:25 - 2014-08-15 13:25 - 00018426 _____ () C:\Windows\unins000.dat
2014-08-15 13:25 - 2014-08-15 13:25 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\MingGuan
2014-08-15 13:25 - 2014-08-15 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drakonia Black
2014-08-15 13:25 - 2014-08-15 13:25 - 00000000 ____D () C:\Program Files (x86)\Drakonia Configurator
2014-08-15 12:05 - 2014-08-15 12:05 - 00000687 _____ () C:\awh8ACA.tmp
2014-08-15 11:33 - 2014-08-15 11:33 - 02247976 _____ () C:\Users\Basti\Downloads\battlelog-web-plugins_2.4.0_145.exe
2014-08-14 16:05 - 2014-08-31 14:52 - 00004096 _____ () C:\Users\Public\Documents\000099A0.LCS
2014-08-14 16:05 - 2014-08-21 20:50 - 00000000 ____D () C:\Users\Basti\AppData\Local\Risen3
2014-08-14 16:05 - 2014-08-14 16:05 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\ProtectDISC
2014-08-14 15:28 - 2014-08-14 15:28 - 00002277 _____ () C:\Users\Public\Desktop\Risen 3 - Titan Lords.lnk
2014-08-14 15:25 - 2014-08-14 15:25 - 00000000 ____D () C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2014-08-14 15:06 - 2014-08-14 15:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver
2014-08-13 12:29 - 2014-08-13 12:29 - 00002119 _____ () C:\Users\Basti\Desktop\Firefox - CHIP Downloader.lnk
2014-08-13 12:29 - 2014-08-13 12:29 - 00000687 _____ () C:\awhEA2F.tmp
2014-08-13 12:28 - 2014-08-13 12:28 - 01101648 _____ () C:\Users\Basti\Downloads\Firefox - CHIP-Installer.exe
2014-08-12 12:57 - 2014-08-12 12:57 - 00000687 _____ () C:\awhF94C.tmp
2014-08-11 15:05 - 2014-08-11 15:04 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-11 14:50 - 2014-08-11 14:50 - 00000687 _____ () C:\awhED79.tmp
2014-08-11 14:15 - 2014-08-11 14:15 - 00000291 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-08-11 14:13 - 2014-08-11 14:13 - 00918440 _____ (Oracle Corporation) C:\Users\Basti\Downloads\JavaSetup7u67.exe
2014-08-11 12:34 - 2014-08-11 12:34 - 00000687 _____ () C:\awhDDFF.tmp
2014-08-10 15:15 - 2014-08-10 15:15 - 00000687 _____ () C:\awhDC0C.tmp
2014-08-09 13:32 - 2014-08-09 13:32 - 00000687 _____ () C:\awhDD82.tmp
2014-08-08 19:30 - 2014-08-08 19:44 - 41171024 _____ (Google Inc.) C:\Users\Basti\Downloads\ChromeStandaloneSetup-1985.125.exe
2014-08-08 11:44 - 2014-08-08 11:44 - 00000687 _____ () C:\awhEA6D.tmp
2014-08-07 14:20 - 2014-08-07 14:20 - 00000687 _____ () C:\awh933.tmp
2014-08-06 20:07 - 2014-08-06 20:07 - 00000687 _____ () C:\awhE752.tmp
2014-08-06 13:16 - 2014-08-06 13:16 - 00000687 _____ () C:\awhDF37.tmp
2014-08-06 10:50 - 2014-08-06 10:50 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-08-05 13:14 - 2014-08-05 13:14 - 00000687 _____ () C:\awhF49A.tmp
2014-08-04 13:37 - 2014-08-04 13:37 - 00000687 _____ () C:\awhE002.tmp
2014-08-03 14:13 - 2014-08-03 14:13 - 00000687 _____ () C:\awhDB41.tmp
2014-08-02 18:37 - 2014-08-02 18:37 - 00000687 _____ () C:\awhED5.tmp
2014-08-02 02:02 - 2014-08-02 02:02 - 00000687 _____ () C:\awhDE8B.tmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-01 14:56 - 2014-09-01 14:55 - 00024060 _____ () C:\Users\Basti\Downloads\FRST.txt
2014-09-01 14:55 - 2014-09-01 14:55 - 00000000 ____D () C:\FRST
2014-09-01 14:54 - 2014-09-01 14:54 - 02104832 _____ (Farbar) C:\Users\Basti\Downloads\FRST64.exe
2014-09-01 14:53 - 2014-09-01 14:53 - 00000542 _____ () C:\Users\Basti\Downloads\defogger_disable.log
2014-09-01 14:53 - 2014-09-01 14:53 - 00000168 _____ () C:\Users\Basti\defogger_reenable
2014-09-01 14:53 - 2012-07-31 11:12 - 00000000 ____D () C:\Users\Basti
2014-09-01 14:52 - 2014-09-01 14:52 - 00050477 _____ () C:\Users\Basti\Downloads\Defogger.exe
2014-09-01 14:50 - 2013-05-21 21:49 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-01 14:44 - 2012-07-31 12:07 - 00000000 ____D () C:\ProgramData\Origin
2014-09-01 14:37 - 2014-08-19 22:13 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-09-01 14:37 - 2009-07-14 06:45 - 00021840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-01 14:37 - 2009-07-14 06:45 - 00021840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-01 14:34 - 2014-08-31 18:44 - 00000000 ____D () C:\ProgramData\MFAData
2014-09-01 14:33 - 2012-07-30 16:40 - 01404422 _____ () C:\Windows\WindowsUpdate.log
2014-09-01 14:32 - 2014-08-31 18:55 - 00000000 ____D () C:\ProgramData\AVG2014
2014-09-01 14:32 - 2014-08-25 19:28 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Yqnu
2014-09-01 14:32 - 2014-08-24 16:59 - 00000000 ____D () C:\ProgramData\AgumInij
2014-09-01 14:32 - 2012-07-31 12:24 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-01 14:32 - 2010-11-21 05:24 - 00000000 __SHD () C:\Users\Basti\AppData\Roaming\dwcvajjb
2014-09-01 14:31 - 2014-08-24 05:36 - 00000000 ____D () C:\ProgramData\AtlisUwmeh
2014-09-01 14:31 - 2013-02-04 13:30 - 00000356 _____ () C:\Windows\Tasks\AmiUpdXp.job
2014-09-01 14:31 - 2013-02-04 13:30 - 00000000 ____D () C:\Users\Basti\AppData\Local\SwvUpdater
2014-09-01 14:31 - 2012-08-02 00:29 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Skype
2014-09-01 14:30 - 2014-08-31 15:52 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-01 14:29 - 2014-08-24 17:54 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-01 14:29 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-01 14:29 - 2009-07-14 06:51 - 00139630 _____ () C:\Windows\setupact.log
2014-09-01 14:28 - 2013-11-12 17:57 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-09-01 14:28 - 2010-11-21 05:47 - 00082346 _____ () C:\Windows\PFRO.log
2014-08-31 20:59 - 2014-08-24 17:54 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-31 20:35 - 2014-08-19 22:13 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex1
2014-08-31 20:35 - 2012-08-03 13:53 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-08-31 20:15 - 2014-08-24 17:33 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Ovco
2014-08-31 19:53 - 2013-10-16 19:37 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro
2014-08-31 19:29 - 2014-08-31 18:44 - 00000000 ____D () C:\Users\Basti\AppData\Local\Avg2014
2014-08-31 18:57 - 2014-08-31 18:57 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\AVG2014
2014-08-31 18:56 - 2014-08-31 18:56 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-08-31 18:56 - 2014-08-31 18:56 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\TuneUp Software
2014-08-31 18:56 - 2014-08-31 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-08-31 18:55 - 2014-08-31 18:55 - 00000000 ___HD () C:\$AVG
2014-08-31 18:55 - 2014-08-31 18:55 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-08-31 18:44 - 2014-08-31 18:44 - 00000000 ____D () C:\Users\Basti\AppData\Local\MFAData
2014-08-31 18:44 - 2014-08-31 18:43 - 04755920 _____ (AVG Technologies) C:\Users\Basti\Downloads\avg_avct_stb_all_2014_4744_comppg_24.exe
2014-08-31 16:05 - 2014-08-31 16:04 - 00000000 ____D () C:\Users\Basti\AppData\Local\Origin
2014-08-31 15:52 - 2014-08-31 15:52 - 00000979 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-08-31 15:52 - 2014-08-31 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-08-31 15:44 - 2014-08-31 15:44 - 01397992 _____ () C:\Users\Basti\Downloads\battlelog-web-plugins_2.5.0_148.exe
2014-08-31 15:03 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-31 15:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-31 14:52 - 2014-08-14 16:05 - 00004096 _____ () C:\Users\Public\Documents\000099A0.LCS
2014-08-31 14:51 - 2012-08-21 14:36 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\vlc
2014-08-31 14:38 - 2014-08-31 14:37 - 02478784 _____ (Sysinternals - www.sysinternals.com) C:\Users\Basti\Downloads\procexp03 (1).exe
2014-08-31 14:31 - 2014-08-31 14:30 - 02478784 _____ (Sysinternals - www.sysinternals.com) C:\Users\Basti\Downloads\procexp03.exe
2014-08-25 21:32 - 2014-02-03 22:16 - 00000000 ____D () C:\Users\Basti\AppData\Local\PokerStars.NET
2014-08-25 19:33 - 2014-08-25 19:28 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Osug
2014-08-25 01:11 - 2012-07-31 11:13 - 00131280 _____ () C:\Users\Basti\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-24 18:43 - 2014-05-13 18:32 - 00000000 ____D () C:\Program Files (x86)\RichMediaViewV1
2014-08-24 18:43 - 2009-07-14 06:45 - 00434784 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-24 18:23 - 2012-07-31 17:02 - 00000000 ____D () C:\Program Files (x86)\Catan
2014-08-24 18:21 - 2014-08-24 18:21 - 04495528 _____ () C:\Users\Basti\Downloads\AbsolutUninstaller_5.3.1.17.exe
2014-08-24 18:21 - 2014-08-24 18:21 - 00001270 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Absolute Uninstaller.lnk
2014-08-24 18:21 - 2014-08-24 18:21 - 00001258 _____ () C:\Users\Public\Desktop\Absolute Uninstaller.lnk
2014-08-24 18:21 - 2014-08-24 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2014-08-24 18:21 - 2014-08-24 18:21 - 00000000 ____D () C:\Program Files (x86)\Glarysoft
2014-08-24 18:05 - 2014-08-24 18:05 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-24 18:05 - 2014-08-24 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-24 18:05 - 2014-08-24 17:54 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-24 18:05 - 2012-07-31 11:57 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-24 18:03 - 2012-10-12 15:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-24 17:54 - 2014-08-24 17:54 - 00895120 _____ (Google Inc.) C:\Users\Basti\Downloads\ChromeSetup.exe
2014-08-24 17:54 - 2014-08-24 17:54 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-24 17:54 - 2014-08-24 17:54 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-24 17:38 - 2014-08-24 17:33 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Imzec
2014-08-24 17:24 - 2014-08-24 17:24 - 00000687 _____ () C:\awhE8F7.tmp
2014-08-24 17:06 - 2014-08-24 17:03 - 00000000 ___HD () C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}
2014-08-24 16:59 - 2014-08-24 16:59 - 00000687 _____ () C:\awhE3C9.tmp
2014-08-24 16:59 - 2014-08-24 05:36 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-08-24 04:41 - 2014-08-24 04:41 - 00000687 _____ () C:\awhE003.tmp
2014-08-24 04:06 - 2014-08-24 04:06 - 00000687 _____ () C:\awhDBCD.tmp
2014-08-23 23:55 - 2014-02-03 22:15 - 00000000 ____D () C:\Program Files (x86)\PokerStars.NET
2014-08-23 23:54 - 2014-02-03 22:16 - 00001965 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\PokerStars.net.lnk
2014-08-23 23:54 - 2014-02-03 22:16 - 00001959 _____ () C:\Users\Public\Desktop\PokerStars.net.lnk
2014-08-23 23:53 - 2014-08-23 23:44 - 46684696 _____ (PokerStars) C:\Users\Basti\Downloads\PokerStarsInstallPM.exe
2014-08-23 18:37 - 2014-08-23 18:37 - 00000687 _____ () C:\awh65CA.tmp
2014-08-22 14:45 - 2014-08-22 14:45 - 00000687 _____ () C:\awhE214.tmp
2014-08-21 20:50 - 2014-08-14 16:05 - 00000000 ____D () C:\Users\Basti\AppData\Local\Risen3
2014-08-21 16:10 - 2014-08-21 16:10 - 00000687 _____ () C:\awhE5BC.tmp
2014-08-20 15:34 - 2014-08-20 15:34 - 00000687 _____ () C:\awhE4C2.tmp
2014-08-19 22:17 - 2014-08-18 22:50 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2014-08-19 22:13 - 2014-08-19 22:13 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-08-19 18:47 - 2014-08-19 18:47 - 00000687 _____ () C:\awhFEE7.tmp
2014-08-19 15:04 - 2014-08-19 15:04 - 00000687 _____ () C:\awhDE7C.tmp
2014-08-18 22:33 - 2014-08-18 22:33 - 00003140 _____ () C:\Windows\System32\Tasks\{32F8C2B5-B270-459D-AC50-DE0EC6FE4C50}
2014-08-18 22:22 - 2014-08-18 22:22 - 02247976 _____ () C:\Users\Basti\Downloads\battlelog-web-plugins_2.4.0_145(1).exe
2014-08-18 22:19 - 2014-08-18 22:19 - 00714207 _____ () C:\Users\Basti\Downloads\pbsetup-37.zip
2014-08-18 22:13 - 2014-08-18 22:13 - 01101648 _____ () C:\Users\Basti\Downloads\PunkBuster - CHIP-Installer.exe
2014-08-18 21:46 - 2013-09-29 16:33 - 00000000 ____D () C:\Users\Basti\Documents\FIFA 14
2014-08-18 14:34 - 2014-08-18 14:17 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\.minecraft
2014-08-18 13:03 - 2014-08-18 13:03 - 00000687 _____ () C:\awhEC41.tmp
2014-08-18 12:59 - 2012-08-07 15:27 - 00000344 _____ () C:\Windows\lgfwup.ini
2014-08-18 12:59 - 2012-08-07 15:23 - 00000000 ____D () C:\Program Files (x86)\lg_fwupdate
2014-08-17 18:37 - 2014-08-17 18:37 - 00000687 _____ () C:\awhD326.tmp
2014-08-15 15:11 - 2014-08-15 15:11 - 00244408 _____ () C:\Users\Basti\Downloads\Firefox Setup Stub 31.0.exe
2014-08-15 15:06 - 2014-08-15 15:06 - 00000000 ____D () C:\Users\Basti\Desktop\Alte Firefox-Daten
2014-08-15 13:31 - 2014-08-15 13:31 - 00000687 _____ () C:\awhE455.tmp
2014-08-15 13:25 - 2014-08-15 13:25 - 01192533 _____ () C:\Windows\unins000.exe
2014-08-15 13:25 - 2014-08-15 13:25 - 00018426 _____ () C:\Windows\unins000.dat
2014-08-15 13:25 - 2014-08-15 13:25 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\MingGuan
2014-08-15 13:25 - 2014-08-15 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drakonia Black
2014-08-15 13:25 - 2014-08-15 13:25 - 00000000 ____D () C:\Program Files (x86)\Drakonia Configurator
2014-08-15 12:05 - 2014-08-15 12:05 - 00000687 _____ () C:\awh8ACA.tmp
2014-08-15 11:33 - 2014-08-15 11:33 - 02247976 _____ () C:\Users\Basti\Downloads\battlelog-web-plugins_2.4.0_145.exe
2014-08-15 04:07 - 2013-11-12 17:57 - 00001194 _____ () C:\Users\Public\Desktop\Battlefield 4.lnk
2014-08-15 04:07 - 2013-11-12 17:57 - 00001170 _____ () C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk
2014-08-15 00:45 - 2012-07-31 12:07 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-08-14 16:05 - 2014-08-14 16:05 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\ProtectDISC
2014-08-14 15:28 - 2014-08-14 15:28 - 00002277 _____ () C:\Users\Public\Desktop\Risen 3 - Titan Lords.lnk
2014-08-14 15:25 - 2014-08-14 15:25 - 00000000 ____D () C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2014-08-14 15:24 - 2012-07-31 12:58 - 00422801 _____ () C:\Windows\DirectX.log
2014-08-14 15:06 - 2014-08-14 15:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver
2014-08-14 15:06 - 2013-09-27 20:13 - 00000000 ____D () C:\Program Files (x86)\Deep Silver
2014-08-13 12:29 - 2014-08-13 12:29 - 00002119 _____ () C:\Users\Basti\Desktop\Firefox - CHIP Downloader.lnk
2014-08-13 12:29 - 2014-08-13 12:29 - 00000687 _____ () C:\awhEA2F.tmp
2014-08-13 12:28 - 2014-08-13 12:28 - 01101648 _____ () C:\Users\Basti\Downloads\Firefox - CHIP-Installer.exe
2014-08-12 12:57 - 2014-08-12 12:57 - 00000687 _____ () C:\awhF94C.tmp
2014-08-11 15:05 - 2013-12-20 15:26 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-11 15:04 - 2014-08-11 15:05 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-11 15:04 - 2013-06-28 20:07 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-11 15:04 - 2013-06-28 20:07 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-11 15:04 - 2013-06-28 20:07 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-11 14:50 - 2014-08-11 14:50 - 00000687 _____ () C:\awhED79.tmp
2014-08-11 14:25 - 2013-01-29 19:11 - 00000000 ____D () C:\Program Files\Oracle
2014-08-11 14:24 - 2012-10-24 19:35 - 00000000 ____D () C:\Program Files\Java
2014-08-11 14:15 - 2014-08-11 14:15 - 00000291 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-08-11 14:15 - 2012-09-29 12:00 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-11 14:13 - 2014-08-11 14:13 - 00918440 _____ (Oracle Corporation) C:\Users\Basti\Downloads\JavaSetup7u67.exe
2014-08-11 14:11 - 2012-09-29 12:02 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-08-11 12:34 - 2014-08-11 12:34 - 00000687 _____ () C:\awhDDFF.tmp
2014-08-10 15:15 - 2014-08-10 15:15 - 00000687 _____ () C:\awhDC0C.tmp
2014-08-09 13:32 - 2014-08-09 13:32 - 00000687 _____ () C:\awhDD82.tmp
2014-08-08 19:44 - 2014-08-08 19:30 - 41171024 _____ (Google Inc.) C:\Users\Basti\Downloads\ChromeStandaloneSetup-1985.125.exe
2014-08-08 11:44 - 2014-08-08 11:44 - 00000687 _____ () C:\awhEA6D.tmp
2014-08-07 19:00 - 2014-03-20 23:03 - 00000000 ____D () C:\Users\Basti\AppData\Local\Battle.net
2014-08-07 18:56 - 2014-03-19 19:52 - 00000000 ____D () C:\Users\Basti\Desktop\Diablo III
2014-08-07 15:05 - 2014-03-20 23:03 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-08-07 14:45 - 2013-01-01 19:26 - 00000000 ____D () C:\Users\Basti\Desktop\Games
2014-08-07 14:20 - 2014-08-07 14:20 - 00000687 _____ () C:\awh933.tmp
2014-08-07 03:17 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-06 20:07 - 2014-08-06 20:07 - 00000687 _____ () C:\awhE752.tmp
2014-08-06 13:16 - 2014-08-06 13:16 - 00000687 _____ () C:\awhDF37.tmp
2014-08-06 10:50 - 2014-08-06 10:50 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-08-05 13:14 - 2014-08-05 13:14 - 00000687 _____ () C:\awhF49A.tmp
2014-08-05 09:20 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-04 13:37 - 2014-08-04 13:37 - 00000687 _____ () C:\awhE002.tmp
2014-08-03 14:13 - 2014-08-03 14:13 - 00000687 _____ () C:\awhDB41.tmp
2014-08-02 18:37 - 2014-08-02 18:37 - 00000687 _____ () C:\awhED5.tmp
2014-08-02 02:02 - 2014-08-02 02:02 - 00000687 _____ () C:\awhDE8B.tmp

Files to move or delete:
====================
C:\ProgramData\dsgsdgdsgdsgw.pad
C:\ProgramData\hash.dat


Some content of TEMP:
====================
C:\Users\Basti\AppData\Local\Temp\161E.tmp.exe
C:\Users\Basti\AppData\Local\Temp\53544uninstall.exe
C:\Users\Basti\AppData\Local\Temp\8A92.exe
C:\Users\Basti\AppData\Local\Temp\APNStub.exe
C:\Users\Basti\AppData\Local\Temp\AutoRun.exe
C:\Users\Basti\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Basti\AppData\Local\Temp\Browser_Helper_Companion_DE.exe
C:\Users\Basti\AppData\Local\Temp\COMAP.EXE
C:\Users\Basti\AppData\Local\Temp\comver.dll
C:\Users\Basti\AppData\Local\Temp\CTPBSeq.exe
C:\Users\Basti\AppData\Local\Temp\detectionapi_rd.dll
C:\Users\Basti\AppData\Local\Temp\detectionui_r.exe
C:\Users\Basti\AppData\Local\Temp\devcon.exe
C:\Users\Basti\AppData\Local\Temp\directx10tests_rd.dll
C:\Users\Basti\AppData\Local\Temp\directx11tests_rd.dll
C:\Users\Basti\AppData\Local\Temp\directx9tests_rd.dll
C:\Users\Basti\AppData\Local\Temp\E159.exe
C:\Users\Basti\AppData\Local\Temp\EAInstall.dll
C:\Users\Basti\AppData\Local\Temp\eauninstall.exe
C:\Users\Basti\AppData\Local\Temp\EDF7.tmp.exe
C:\Users\Basti\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Basti\AppData\Local\Temp\i4jdel0.exe
C:\Users\Basti\AppData\Local\Temp\i4jdel1.exe
C:\Users\Basti\AppData\Local\Temp\i4jdel2.exe
C:\Users\Basti\AppData\Local\Temp\ICReinstall_JDownloaderSetup.exe
C:\Users\Basti\AppData\Local\Temp\IminentSetup_v2.exe
C:\Users\Basti\AppData\Local\Temp\Installer.exe
C:\Users\Basti\AppData\Local\Temp\installerdll3366376.dll
C:\Users\Basti\AppData\Local\Temp\installerdll3426171.dll
C:\Users\Basti\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Basti\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Basti\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Basti\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Basti\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Basti\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Basti\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Basti\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Basti\AppData\Local\Temp\local.dll
C:\Users\Basti\AppData\Local\Temp\mpsetup.exe
C:\Users\Basti\AppData\Local\Temp\MSN20F7.exe
C:\Users\Basti\AppData\Local\Temp\procexp03 (1)64.exe
C:\Users\Basti\AppData\Local\Temp\rcpsetup_binstall21_binstall21.exe
C:\Users\Basti\AppData\Local\Temp\rootsupd.exe
C:\Users\Basti\AppData\Local\Temp\Setup.exe
C:\Users\Basti\AppData\Local\Temp\Shortcut_sweetimsetup.exe
C:\Users\Basti\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\Basti\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Basti\AppData\Local\Temp\sonarinst.exe
C:\Users\Basti\AppData\Local\Temp\sqlite3.dll
C:\Users\Basti\AppData\Local\Temp\SRLDetectionLibrary246908541541363318.dll
C:\Users\Basti\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Basti\AppData\Local\Temp\tbuE54F.exe
C:\Users\Basti\AppData\Local\Temp\tbuF23F.exe
C:\Users\Basti\AppData\Local\Temp\The Battle for Middle-earth II_uninst.exe
C:\Users\Basti\AppData\Local\Temp\tmp8D70.tmp.exe
C:\Users\Basti\AppData\Local\Temp\ubi14CB.tmp.exe
C:\Users\Basti\AppData\Local\Temp\ubiCD15.tmp.exe
C:\Users\Basti\AppData\Local\Temp\Updater.exe
C:\Users\Basti\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Basti\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Basti\AppData\Local\Temp\wajam_download.exe
C:\Users\Basti\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe
C:\Users\Basti\AppData\Local\Temp\wpsetup.exe
C:\Users\Basti\AppData\Local\Temp\_is16EB.exe
C:\Users\Basti\AppData\Local\Temp\_is2387.exe
C:\Users\Basti\AppData\Local\Temp\_is2AAA.exe
C:\Users\Basti\AppData\Local\Temp\_is8097.exe
C:\Users\Basti\AppData\Local\Temp\_isBE80.exe
C:\Users\Basti\AppData\Local\Temp\_isCA61.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-31 16:42

==================== End Of Log ============================
         

and here is the Addition log
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2014 02
Ran by Basti at 2014-09-01 14:56:40
Running from C:\Users\Basti\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Absolute Uninstaller 5.3.1.17 (HKLM-x32\...\Absolute Uninstaller) (Version: 5.3.1.17 - Glarysoft Ltd)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
AMD Accelerated Video Transcoding (Version: 12.5.100.21219 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5E03A267-415E-5383-FA8F-3CE4145663B9}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.71219.1540 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden
Ant.com IE add-on (HKLM-x32\...\{B795F380-D3D6-4EA4-A4BB-27FC2FB0F8B2}) (Version: 2.2.3.1074 - Ant.com)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}) (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Assassin's Creed Revelations (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.00 - Ubisoft)
Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4765 - AVG Technologies)
AVG 2014 (Version: 14.0.4015 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4765 - AVG Technologies) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.3825 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.0 - EA Digital Illusions CE AB)
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
Blender (HKLM\...\Blender) (Version: 2.65a-release - Blender Foundation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty(R) - World at War(TM) (HKLM-x32\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Activision)
Call of Duty(R) - World at War(TM) (x32 Version: 1.0 - Activision) Hidden
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version:  - Treyarch)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - )
Call of Duty: Modern Warfare 3 - Dedicated Server (HKLM-x32\...\Steam App 42750) (Version:  - Infinity Ward - Sledgehammer Games)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward - Sledgehammer Games)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward - Sledgehammer Games)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Counter-Strike: Source (HKLM-x32\...\Counter-Strike: Source) (Version:  - Valve)
Creative Live! Cam Socialize (VF0640) (1.00.04.00) (HKLM\...\Creative VF0640) (Version:  - Creative Technology Ltd.)
Creative Live! Central 2 (HKLM-x32\...\Creative Live! Central 2) (Version: 2.00.29 - Creative Technology Ltd)
Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version:  - )
CyberLink BD Advisor 2.0 (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version:  - )
CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4703 - CyberLink Corp.)
CyberLink Blu-ray Disc Suite (x32 Version: 6.0.4703 - CyberLink Corp.) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1916 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1916 - CyberLink Corp.) Hidden
CyberLink LG Burning Tool (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.4619 - CyberLink Corp.)
CyberLink LG Burning Tool (x32 Version: 6.2.4619 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3402 - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 4.1.3402 - CyberLink Corp.) Hidden
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3530.52 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.3530.52 - CyberLink Corp.) Hidden
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2512 - CyberLink Corp.)
CyberLink PowerProducer (x32 Version: 5.0.2.2512 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3718 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 2.0.3718 - CyberLink Corp.) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{60098CE4-EB16-42D1-9FF6-923488C2AB26}) (Version:  - Microsoft)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Die Schlacht um Mittelerde(tm) (HKLM-x32\...\{3F290582-3F4E-4B96-009C-E0BABAA40C42}) (Version:  - )
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
Drakonia Black (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version:  - )
Emergency 2012 (HKLM-x32\...\Emergency 2012) (Version:  - Quadriga Games GmbH)
Emergency4 (HKLM-x32\...\{9A4C534E-431F-4A17-97D4-D1682B19A054}) (Version: 1.03.001 - )
Empire: Total War (HKLM-x32\...\Steam App 10500) (Version:  - The Creative Assembly)
Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
File1 Package Manager (HKLM-x32\...\{8A50D93C-79EE-425C-9464-3550978F4E56}) (Version: 0.1.2.75 - Helios Technologies)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Studio version 5.7.4.918 (HKLM-x32\...\Free Studio_is1) (Version: 5.7.4.918 - DVDVideoSoft Ltd.)
GameShadow (HKLM-x32\...\{B2390904-74BD-48AA-B2CC-6612F8D46379}) (Version: 2.03.0000 - GameShadow Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Governor Of Poker en Español (HKLM-x32\...\Governor Of Poker en Español) (Version:  - )
i-Menu 3.9 (HKLM-x32\...\i-Menu_is1) (Version:  - AOC)
iTunes (HKLM\...\{0E5D76AD-A3FB-48D5-8400-8903B10317D3}) (Version: 11.0.1.12 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
JavaFX 2.1.1 (64-bit) (HKLM\...\{1111706F-666A-4037-7777-211648764D10}) (Version: 2.1.1 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
LG Tool Kit (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
Mass Effect™ 3 (HKLM-x32\...\{6A9D1594-7791-48f5-9CAA-DE9BCB968320}) (Version: 1.01.0.0 - Electronic Arts)
Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
Napoleon: Total War (HKLM-x32\...\Steam App 34030) (Version:  - The Creative Assembly)
NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.3.2637 - Electronic Arts, Inc.)
Pearl Harbor II (HKLM-x32\...\{8CBCA733-4D81-453D-95EB-28FD5C57430A}) (Version: 12 - FantasticTV)
Pflanzen gegen Zombies   (HKLM-x32\...\Pflanzen gegen Zombies) (Version:  - )
Pharao (HKLM-x32\...\Pharao) (Version:  - )
Play Wireless USB Adapter (HKLM-x32\...\InstallShield_{88E62BD7-A532-48F6-8428-D949BB93A2D7}) (Version: 1.0.0.03 - Belkin)
Play Wireless USB Adapter (x32 Version: 1.0.0.03 - Belkin) Hidden
Playlist Creator 3.6.2 (HKLM-x32\...\Playlist Creator 3.6.2) (Version: 3.6.2.0 - oddgravity)
PokerStars.net (HKLM-x32\...\PokerStars.net) (Version:  - PokerStars.net)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
RAGE (HKLM-x32\...\Steam App 9200) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
Risen (HKLM-x32\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver)
Risen 3 - Titan Lords (HKLM-x32\...\{383CAA4A-9B72-4DE9-9B0F-780C49682780}) (Version: 1.00 - Deep Silver)
Silent Hunter 4 Wolves of the Pacific (HKLM-x32\...\{0D005F09-A5F4-473B-A901-5735C6AF5628}) (Version: 1.03.0000 - Ubisoft)
Silent Hunter 5 (HKLM-x32\...\{AC61C594-5F86-4BE9-ABAF-763C6A8E2302}) (Version: 1.2.0 - Ubisoft)
Simple Shutdown Timer (HKLM-x32\...\Simple Shutdown Timer1.1.2) (Version: 1.1.2 - PcWinTech.com)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.3.6 - ) <==== ATTENTION
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version:  - Obsidian Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab CYRI (HKLM-x32\...\{19B0831B-0C18-4103-86E4-90FCD04CD3B9}) (Version: 6.0.12.5 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{E4D8E90E-B732-4205-AFE6-79B75B14DAAB}) (Version: 2.0.0.0 - Husdawg, LLC)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Witcher 2 Enhanced Edition Version 3.0 (HKLM-x32\...\The Witcher 2 Enhanced Edition_is1) (Version: 3.0 - CD Projekt RED)
Torchlight (HKLM-x32\...\{4F64A46D-67F7-4497-AEA2-313D4305A5F6}) (Version: 1.0.0 - JoWooD)
Total War: ROME II (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2010 (KB2553065) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{A8686D24-1E89-43A1-973E-05A258D2B3F8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{18B3CF2A-73F7-4716-B1AE-86D68726D408}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{D1688F5A-9A61-42F0-B8D0-2C9DF315A141}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{32E700B9-1A94-48B4-99E1-CB8BD5F7340A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFB525A0-E1C0-4E32-9968-FE401BC87363}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{007CC0F3-15DE-426D-95B5-B019FCEF58CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C4F26A9B-B121-4135-8084-A0D9C780C7C8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{460FF681-BC66-4C38-99DF-7012E03F1EBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{1CBEDB37-C438-473F-8BA0-2535B0D237E2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{1CBEDB37-C438-473F-8BA0-2535B0D237E2}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{0C175ED0-26B9-4B09-AFA9-3F16A03A29B9}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{DFE7321B-F914-4AB5-8C74-1F8CC932B1B0}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DFE7321B-F914-4AB5-8C74-1F8CC932B1B0}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{651EE0E5-C789-48D8-8B91-F79352B783C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{326F9E80-FE16-4D2A-827A-4EE1A87B1CE8}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{81CA2EFA-7250-4B1E-B3A6-E0595224E2CD}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{5DA2D071-A54C-47C0-83E5-43C63DBFD936}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Vegas Pro 10.0 (HKLM-x32\...\{6E0E4D61-11EC-11E0-B454-0013D3D69929}) (Version: 10.0.469 - Sony)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Xfire (remove only) (HKLM-x32\...\Xfire) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-703785417-1565345126-2984759567-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Basti\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-703785417-1565345126-2984759567-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()

==================== Restore Points  =========================

21-08-2014 01:26:56 Geplanter Prüfpunkt
21-08-2014 01:27:59 Windows Update
21-08-2014 01:56:01 Windows Defender Checkpoint
24-08-2014 01:33:42 Windows Update
24-08-2014 16:04:37 Entfernt muveeNow 2.0 - Creative
31-08-2014 12:21:34 Windows Modules Installer
31-08-2014 13:21:15 Windows Modules Installer
31-08-2014 16:55:04 Installed AVG 2014
31-08-2014 16:55:27 Installed AVG 2014

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {2016CE31-07D9-4576-9FF9-C333A7887B2F} - System32\Tasks\AmiUpdXp => C:\Users\Basti\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
Task: {227F369D-AE30-4DD9-8270-4AB62C1999AC} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {479F55BE-55C6-499F-A1C8-CE9462FC45DE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6ADB4B99-57B1-4B12-9820-FB3B75E432D5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-24] (Google Inc.)
Task: {A971956C-6D2E-4067-9548-4183E4CB50F8} - System32\Tasks\{6B195EBD-4D27-41A6-80B2-5E573123B1ED} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.9.0.123&amp;LastError=404
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {B2C9FD99-D696-4E11-B8A4-91E02EF11268} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-24] (Google Inc.)
Task: {CC4EAAF6-1C0D-410F-81C6-F4B148BC17C4} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {F43D1249-9FB6-446E-9511-21106C818884} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Basti\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-12-19 16:32 - 2012-12-19 16:32 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-10-17 19:39 - 2012-10-17 19:39 - 00749056 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-10-17 19:39 - 2012-10-17 19:39 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-12-19 16:32 - 2012-12-19 16:32 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-08-18 22:50 - 2014-08-19 22:17 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2012-08-07 15:13 - 2009-07-02 16:02 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2009-12-28 18:25 - 2009-12-28 18:25 - 00036864 ____N () C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe
2009-03-30 08:32 - 2009-03-30 08:32 - 00032768 ____R () C:\Windows\DAODx.exe
2009-11-25 19:45 - 2009-11-25 19:45 - 00110592 ____N () C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe
2014-08-15 13:25 - 2013-10-29 14:49 - 00248832 _____ () C:\Program Files (x86)\Drakonia Configurator\hid.exe
2012-12-19 16:32 - 2012-12-19 16:32 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-05-30 20:06 - 2012-05-30 20:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 20:06 - 2012-05-30 20:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-09-15 20:17 - 2009-09-15 20:17 - 00200704 ____N () C:\Program Files (x86)\Belkin\F7D4101\V1\BelkinwcuiDLL.dll
2009-12-15 13:46 - 2009-12-15 13:46 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-12-15 13:49 - 2009-12-15 13:49 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-08-15 13:25 - 2013-01-15 17:06 - 00061952 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll
2014-08-24 18:05 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-24 18:05 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-24 18:05 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-24 18:05 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-24 18:05 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/01/2014 02:30:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2014 06:36:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm bf4.exe, Version 1.3.2.3825 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 404

Startzeit: 01cfc533824b5e46

Endzeit: 1482

Anwendungspfad: C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe

Berichts-ID:

Error: (08/31/2014 03:41:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2014 03:24:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2014 03:23:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CLIStart.exe, Version: 3.5.0.0, Zeitstempel: 0x50d21fc3
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001c4909
ID des fehlerhaften Prozesses: 0xe74
Startzeit der fehlerhaften Anwendung: 0xCLIStart.exe0
Pfad der fehlerhaften Anwendung: CLIStart.exe1
Pfad des fehlerhaften Moduls: CLIStart.exe2
Berichtskennung: CLIStart.exe3

Error: (08/31/2014 03:05:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2014 02:00:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/25/2014 09:06:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm bf4.exe, Version 1.3.2.3825 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1fd4

Startzeit: 01cfc09745192f1f

Endzeit: 825

Anwendungspfad: C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe

Berichts-ID:

Error: (08/25/2014 04:13:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec4aa8e
Ausnahmecode: 0xc0000024
Fehleroffset: 0x00000000000cd7d8
ID des fehlerhaften Prozesses: 0x1d54
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3

Error: (08/25/2014 02:06:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (09/01/2014 02:37:26 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (09/01/2014 02:29:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DisplayFusionService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/31/2014 04:06:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/31/2014 03:39:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DisplayFusionService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/31/2014 03:23:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DisplayFusionService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/31/2014 03:03:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DisplayFusionService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/31/2014 01:58:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DisplayFusionService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/25/2014 02:04:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DisplayFusionService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/25/2014 01:09:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DisplayFusionService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/24/2014 08:29:34 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.


Microsoft Office Sessions:
=========================
Error: (09/01/2014 02:30:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2014 06:36:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: bf4.exe1.3.2.382540401cfc533824b5e461482C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe

Error: (08/31/2014 03:41:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2014 03:24:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2014 03:23:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: CLIStart.exe3.5.0.050d21fc3unknown0.0.0.000000000c0000005001c4909e7401cfc51ecec4dea1C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exeunknown0d81b0b9-3112-11e4-88a1-9dc4165e5560

Error: (08/31/2014 03:05:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2014 02:00:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/25/2014 09:06:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: bf4.exe1.3.2.38251fd401cfc09745192f1f825C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe

Error: (08/25/2014 04:13:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d672ee4ntdll.dll6.1.7601.177254ec4aa8ec000002400000000000cd7d81d5401cfc05f2919e62aC:\Windows\explorer.exeC:\Windows\SYSTEM32\ntdll.dll0ae117a8-2c62-11e4-bc23-93670617f76c

Error: (08/25/2014 02:06:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Processor: AMD FX(tm)-6100 Six-Core Processor 
Percentage of memory in use: 30%
Total physical RAM: 8138.43 MB
Available physical RAM: 5630.15 MB
Total Pagefile: 16276.87 MB
Available Pagefile: 13270.22 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:219.16 GB) NTFS
Drive d: (Risen3) (CDROM) (Total:6.77 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3F65C7BF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
And the GMER log is attached, since it would have been too long.

 
