| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Software BundlerWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
30.04.2015, 18:25
| #16 |
| /// TB-Ausbilder /// Anleitungs-Guru  |  Software Bundler Haben doch Zeit, langes Wochenende... 
__________________ Gruß deeprybka  Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
01.05.2015, 10:24
| #17 |
 | Software BundlerCode:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=e97ad1642605524daa4de954f38f0a33
# end=init
# utc_time=2015-04-30 03:09:52
# local_time=2015-04-30 05:09:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 23639
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=e97ad1642605524daa4de954f38f0a33
# end=updated
# utc_time=2015-04-30 03:10:49
# local_time=2015-04-30 05:10:49 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7770
# api_version=3.1.1
# EOSSerial=e97ad1642605524daa4de954f38f0a33
# engine=23639
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-04-30 05:12:08
# local_time=2015-04-30 07:12:08 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 7816 7496320 0 0
# scanned=383935
# found=61
# cleaned=0
# scan_time=7279
sh=0119B4C28815D7986DA549D5F7DCA0718A9E3FD8 ft=1 fh=4311010adafd499b vn="Win32/Adware.Flinject.A Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1164391901-2496949349-3293824855-1002\$R8KIRG7\iren3006.exe"
sh=939B21F512271F69A1314537EDA7E36E67A2F986 ft=1 fh=9c223bc841c582d4 vn="Variante von Win32/BrowseFox.O evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseStudio\BrowseStudiobho.dll.vir"
sh=C5296A740EB04BD99EDECB9853DDEBD89B8AD6F8 ft=1 fh=876a650d98d684c3 vn="Win32/BrowseFox.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseStudio\BrowseStudioUninstall.exe.vir"
sh=221B4DAF74A5CED357D6B223F81E7A17F582091A ft=0 fh=0000000000000000 vn="Win32/BrowseFox.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseStudio\fappblnaebeochecpgnolonpeplcpkig.crx.vir"
sh=95679E3C98E4D4F10AD89244D91D175EE6490F8D ft=1 fh=f19a7cc00e78f468 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseStudio\updateBrowseStudio.exe.vir"
sh=1C2A3A666E37E2BBC9041402F8F784BE8EFB31A1 ft=1 fh=f95250e0d84663f9 vn="Variante von Win32/BrowseFox.R evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseStudio\bin\BrowseStudio.BOAS.exe.vir"
sh=0E6C29DA6DF452F0A62133C6475EFFDD58F75DC8 ft=1 fh=6fc2e13c885f308d vn="Variante von Win32/BrowseFox.R evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseStudio\bin\BrowseStudio.BOASHelper.exe.vir"
sh=4E4935E108B950F945514DF0019B90131112E513 ft=1 fh=056e264f0a72f1a8 vn="Variante von Win32/BrowseFox.R evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseStudio\bin\BrowseStudio.BOASPRT.exe.vir"
sh=EF371B5F320A3ADDE26CD4BA80FF9DD39F7CB59B ft=1 fh=aa7fa733190423e7 vn="Variante von Win32/BrowseFox.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseStudio\bin\BrowseStudio.BrowserAdapter.exe.vir"
sh=978FA8D7314725DC951738F14557C728AA86579C ft=1 fh=eecb16060e6cc2ca vn="Variante von Win64/BrowseFox.CN evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseStudio\bin\BrowseStudio.BrowserAdapter64.exe.vir"
sh=45705544264DEFE90D0ACBFDA6DE133C44C04E77 ft=1 fh=4f34355b7b9714bb vn="Variante von Win64/BrowseFox.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseStudio\bin\BrowseStudio.PurBrowse64.exe.vir"
sh=227CFCF48FDC780E3BEE2D65BC1670161F21DAA8 ft=1 fh=1f4525fe4247ee47 vn="Variante von Win32/BrowseFox.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseStudio\bin\e8294a7e84424f3a8722.dll.vir"
sh=36510B41809931F7A672CBA0B33863A8F3F96B02 ft=1 fh=63efc40bf9887e4f vn="Variante von Win64/BrowseFox.CI evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseStudio\bin\e8294a7e84424f3a872264.dll.vir"
sh=A599323F314033F3BD430AC5CC0A759F31FDD2A1 ft=1 fh=96fc4ee6b45b4736 vn="Variante von Win32/BrowseFox.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseStudio\bin\fd74c1d11ac343f98336.dll.vir"
sh=D275B394E34C9E5924C7E7E214B04A8871E07199 ft=1 fh=3336dc66e4518c16 vn="Variante von Win64/BrowseFox.CI evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseStudio\bin\fd74c1d11ac343f9833664.dll.vir"
sh=710C65AC673FD19B4C9C9DA69A9059FE59368E6A ft=1 fh=f06dcf6d996d1e30 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseStudio\bin\tmp543C.tmp.vir"
sh=95679E3C98E4D4F10AD89244D91D175EE6490F8D ft=1 fh=f19a7cc00e78f468 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseStudio\bin\utilBrowseStudio.exe.vir"
sh=F079AAB25F8AE9312498362AB81D273F8D9145DC ft=1 fh=3a485f6566824d04 vn="Variante von Win32/BrowseFox.M evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseStudio\bin\{e8294a7e-8442-4f3a-8722-cb5c3f67ed67}.dll.vir"
sh=BD43EE03CB1B95B49314E33DC4FD33B14E29BB2A ft=1 fh=45fda734b9247bd1 vn="Variante von Win64/BrowseFox.CK evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseStudio\bin\{e8294a7e-8442-4f3a-8722-cb5c3f67ed67}64.dll.vir"
sh=C0433EFD72613CD7068E68160DF3F8F0F61C2608 ft=1 fh=5cedc113c00d1463 vn="Variante von Win32/BrowseFox.M evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseStudio\bin\{fd74c1d1-1ac3-43f9-8336-32679dc7de45}.dll.vir"
sh=0BED9C7BED8A2D1251D96CAE2A547D649C1293CE ft=1 fh=185c9bec62bc8811 vn="Variante von Win64/BrowseFox.CK evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseStudio\bin\{fd74c1d1-1ac3-43f9-8336-32679dc7de45}64.dll.vir"
sh=538191D09C8ED40684D244D913A28824C99925BB ft=1 fh=6d9a3141c9479aa2 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseStudio\bin\plugins\BrowseStudio.BOAS.dll.vir"
sh=291C6A05C33C2A27A29235B71B63AB34493468F5 ft=1 fh=d600138a36790101 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseStudio\bin\plugins\BrowseStudio.Bromon.dll.vir"
sh=8821B29158DA40D912E5E2CA08E3776BEF0DDFF3 ft=1 fh=3e352043df671262 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseStudio\bin\plugins\BrowseStudio.BroStats.dll.vir"
sh=8A9AA201DBEC057F0F8C6C1019A52FF45A53AF3E ft=1 fh=3b9c2524ccb2d803 vn="Variante von MSIL/BrowseFox.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseStudio\bin\plugins\BrowseStudio.BrowserAdapter.dll.vir"
sh=A56C97157CB55524B9FA52276CBC0468B0C45841 ft=1 fh=0c290ede7eb347bd vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseStudio\bin\plugins\BrowseStudio.CompatibilityChecker.dll.vir"
sh=668640640703402481A6E684F8474D701169A1E6 ft=1 fh=e4df0748a43ca480 vn="Variante von MSIL/BrowseFox.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseStudio\bin\plugins\BrowseStudio.FFUpdate.dll.vir"
sh=9ECF404F76A363E9AA902E052E9D18238CD84F4E ft=1 fh=44a78eb20660d99e vn="Variante von MSIL/BrowseFox.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseStudio\bin\plugins\BrowseStudio.GCUpdate.dll.vir"
sh=D1333E21A162120436F46F13EB16A2D7D9F4B249 ft=1 fh=cccea6d8b39dc1fa vn="Variante von MSIL/BrowseFox.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseStudio\bin\plugins\BrowseStudio.IEUpdate.dll.vir"
sh=55F5B2A9C7E7E609F784935AAFD3B38278FBD42E ft=1 fh=ae97ee50e773c9a4 vn="Variante von MSIL/BrowseFox.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseStudio\bin\plugins\BrowseStudio.PurBrowseG.dll.vir"
sh=01C53FBC0030066FE9032FEC431D9EA26B5811CC ft=1 fh=af8c82510ee8e748 vn="Win32/AlteredSoftware.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe.vir"
sh=0E7CC420B0BE38296EF8516DC3786361119F1F5F ft=1 fh=02f58beb2edcfbd2 vn="Win32/AlteredSoftware.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe.vir"
sh=01C53FBC0030066FE9032FEC431D9EA26B5811CC ft=1 fh=af8c82510ee8e748 vn="Win32/AlteredSoftware.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe.vir"
sh=A565AA91F7873179776579995E9F4D2B2894AE5A ft=1 fh=22e3a81795d8fb05 vn="Variante von Win32/AlteredSoftware.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe.vir"
sh=F1A0D0D29F924A24AF0F0521CF6F9A9150A10ECC ft=1 fh=22e3a817befc6b5a vn="Variante von Win32/AlteredSoftware.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe.vir"
sh=8B4D2CF381FC34517780B846B74C82724D263A30 ft=1 fh=c71c001192caf50d vn="Variante von Win32/AlteredSoftware.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll.vir"
sh=E89CED694CBF421D4C9AF42C599CD849AFEC0B99 ft=1 fh=d9cdf1c8ff17595a vn="Variante von Win32/AlteredSoftware.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll.vir"
sh=A6E841F2C767FA5FEE629D2B812799CFA94AEACC ft=1 fh=c71c0011fea7552e vn="Variante von Win32/AlteredSoftware.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll.vir"
sh=EDB4A6C7E75E18ACB805418EFFD78267BB2F37C4 ft=1 fh=c71c001126306ac8 vn="Variante von Win32/AlteredSoftware.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll.vir"
sh=399CE73FBD27EABB303FD899656E3C66C55B3F29 ft=1 fh=c71c001160921a34 vn="Variante von Win32/AlteredSoftware.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll.vir"
sh=2B55DF509EC5D62C5FB44E14E63AAC90371B917F ft=1 fh=918bb53878474d1f vn="Variante von Win32/ELEX.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir"
sh=E5CDD06C50650131591DAE0945340AA6ADC55E02 ft=1 fh=aaaec5f7af2e8f4b vn="Variante von Win32/ELEX.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir"
sh=13DD73E313B325C7D1F21FCEA1A673D3DD438051 ft=1 fh=59581b7c00edaceb vn="Win32/Adware.ConvertAd.KF Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Rod\AppData\Roaming\00000000-1430077888-0000-0000-8C89A50FD868\jnsc4735.tmp.vir"
sh=F88958D87A1247BE1E43DD8361239931668E6600 ft=1 fh=c71c001125a78e55 vn="Win32/Adware.ConvertAd.KD Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Rod\AppData\Roaming\00000000-1430077888-0000-0000-8C89A50FD868\nszFE6.tmp.vir"
sh=5E826D812C57CA7D93B68DBC7B4051AB9B3160AE ft=1 fh=30130f1336968a56 vn="Variante von Win32/Adware.ConvertAd.JN Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Rod\AppData\Roaming\00000000-1430077888-0000-0000-8C89A50FD868\rnsa3501.exe.vir"
sh=156A001522A35FE6D9F9766031C2D0B67F3B64EB ft=1 fh=60e904dedd99f1e5 vn="Win32/Adware.ConvertAd.KB Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Rod\AppData\Roaming\00000000-1430077888-0000-0000-8C89A50FD868\vnsoC028.tmp.vir"
sh=1D9AE65A97C417A8083FB38EFDB8022EAE3A9698 ft=1 fh=8dd7dc1cf3445b5c vn="Variante von Win32/Adware.Synatix.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Rod\AppData\Roaming\Security System 2\uninstaller.exe.vir"
sh=EDC992101E82AFB41F681F3664DA2CEBC63BA672 ft=1 fh=7758d943a858e24b vn="Variante von Win32/SpeedBit.F evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files\Common Files\System\SysMenu.dll"
sh=9413821E4285C46DAF48156B472065FC2D763FE8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\Rod\AppData\Roaming\OXJV.xBAD"
sh=96EDAD94BE1A45EC7D5E7D67B97FE20C1DE1D676 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\Rod\AppData\Roaming\RTQFZORV.xBAD"
sh=3A96C194D1D2B63F0D328676D2FD9EAA8CE2DBB3 ft=1 fh=160182a5a1a513c6 vn="Variante von Win32/SpeedBit.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Rod\AppData\Local\Installer\Install_12918\DCytdieamodc_amodc_setup.exe"
sh=CBF8E6F0968ECE2C75EC5751CE938691AB19BE31 ft=1 fh=60be94079f72ff21 vn="Variante von Win32/Amonetize.DW evtl. unerwünschte Anwendung" ac=I fn="D:\$RECYCLE.BIN\S-1-5-21-1164391901-2496949349-3293824855-1002\$RFTW2YL.exe"
sh=EAA59840EC3EDABEA5B8E13E902B17E2E2DADEF2 ft=1 fh=e4e7dfbb1fac40b4 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\downloads\Windows Product Key Viewer - CHIP-Installer.exe"
sh=B130B18A83DFCD24F394428BDB845638293CBE98 ft=1 fh=03fd3f5cd7a759cb vn="Win32/BrowseFox.V evtl. unerwünschte Anwendung" ac=I fn="D:\FRST\Quarantine\C\ProgramData\ddc24aa9-6c5d-44d0-8c40-9bed83bb2ab7\maintainer.bak"
sh=803AE26A7D358CFEB969DF2C5A894E768107743A ft=1 fh=c44f6ad5f5ad43a3 vn="Win32/BrowseFox.V evtl. unerwünschte Anwendung" ac=I fn="D:\FRST\Quarantine\C\ProgramData\ddc24aa9-6c5d-44d0-8c40-9bed83bb2ab7\maintainer.exe"
sh=E2345B1AAEDDC7244864D2D7472079D640D09730 ft=1 fh=057cc98666666a36 vn="Variante von Win32/InstallCore.UE evtl. unerwünschte Anwendung" ac=I fn="D:\FRST\Quarantine\D\downloads\7zip_setup.exe.xBAD"
sh=B948E7D2DF882C1929A03C6837816C167ED7BCBB ft=1 fh=3038f2f073204ff0 vn="Variante von Win32/SoftPulse.S evtl. unerwünschte Anwendung" ac=I fn="D:\FRST\Quarantine\D\downloads\FastPlayerPro.exe.xBAD"
sh=1867142971E46CEFBDC91D1C32BDDB89B9CC2FCB ft=1 fh=bed49cb1acf2aab9 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="D:\FRST\Quarantine\D\Games\SPORE\DTLite4471-0333.exe.xBAD"
sh=8A72F448F17C026A1B2A59686DE720079CCBA08F ft=1 fh=4d4a711952b3453e vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="D:\FRST\Quarantine\H\Programme\DTLite4481-0347.exe.xBAD"
sh=16A9C35CF2CB2802865614F5A64F2C33536DEB7F ft=1 fh=c18b893b2790e499 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\Software\Windows Product Key Viewer - CHIP-Installer.exe"
sh=A8F3490E9FBCB3743CD325396E013B54BBF58922 ft=1 fh=67471d1c95327e80 vn="Variante von Win32/WinloadSDA.I evtl. unerwünschte Anwendung" ac=I fn="D:\Software\Everest Home Edition\Everest-Home-Edition-lnstall.exe"
|
|
01.05.2015, 14:40
| #18 |
| /// TB-Ausbilder /// Anleitungs-Guru | Software Bundler Gut,
__________________welche Probleme gibts jetzt noch? Schritt 1   Bitte starte FRST erneut, markiere auch die checkbox  und drücke auf Scan. Bitte poste mir den Inhalt der beiden Logs die erstellt werden.
__________________ |
|
02.05.2015, 15:49
| #19 |
| | Software Bundler Von Problemen keine Spur mehr. FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2015
Ran by Rod (administrator) on ROD on 02-05-2015 16:46:05
Running from D:\FRST
Loaded Profiles: Rod & MSSQLFDLauncher$AUSBILDUNG (Available profiles: Rod & MSSQL$AUSBILDUNG & MSSQLSERVER & MSSQLFDLauncher$AUSBILDUNG)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(Microsoft Corporation) D:\SQL\MSSQL11.AUSBILDUNG\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) D:\SQL\MSSQL11.AUSBILDUNG\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation) D:\SQL\MSSQL11.AUSBILDUNG\MSSQL\Binn\fdhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Geek Software GmbH) D:\Software\PDF24\PDF24\pdf24.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Mozilla Corporation) D:\Firefox\firefox.exe
(Mozilla Corporation) D:\Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2859344 2013-04-30] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [403848 2013-05-14] (MSI)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [399776 2013-05-14] (MSI)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [457616 2014-10-03] ()
HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\WINDOWS\system32\igfxpers.exe"
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2013-09-23] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-11] (CyberLink Corp.)
HKLM-x32\...\Run: [PDFPrint] => D:\Software\PDF24\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => E:\SuddenStrike3\Reader\Reader_sl.exe [40048 2007-05-11] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-1164391901-2496949349-3293824855-1002\...\Run: [Spotify Web Helper] => C:\Users\Rod\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-04-03] (Spotify Ltd)
HKU\S-1-5-21-1164391901-2496949349-3293824855-1002\...\Run: [BuildNotification12] => "D:\VS2013\Common7\IDE\BuildNotificationApp.exe"
HKU\S-1-5-21-1164391901-2496949349-3293824855-1002\...\Run: [Spotify] => C:\Users\Rod\AppData\Roaming\Spotify\Spotify.exe [7112248 2015-04-03] (Spotify Ltd)
HKU\S-1-5-21-1164391901-2496949349-3293824855-1002\...\MountPoints2: H - "H:\SETUP.EXE"
HKU\S-1-5-21-1164391901-2496949349-3293824855-1002\...\MountPoints2: I - "I:\autorun.exe"
HKU\S-1-5-21-1164391901-2496949349-3293824855-1002\...\MountPoints2: {61f6dd93-d3e6-11e3-bede-8c89a50fd868} - "G:\autorun.exe"
HKU\S-1-5-21-1164391901-2496949349-3293824855-1002\...\MountPoints2: {dc1b46f1-676a-11e4-bf0e-8c89a50fd868} - "G:\autorun.exe"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178512 2015-03-13] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [178512 2015-03-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164568 2015-03-13] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qualcomm Atheros Killer Network Manager.lnk [2013-10-28]
ShortcutTarget: Qualcomm Atheros Killer Network Manager.lnk -> C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe ()
Startup: C:\Users\Rod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-01-26]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
URLSearchHook: [S-1-5-80-4129702732-3888187158-186309658-1063465230-1591156635] ATTENTION ==> Default URLSearchHook is missing.
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-10-16] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-16] (Oracle Corporation)
BHO-x32: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-03-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-16] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-16] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\xz1euvt7.default
FF SelectedSearchEngine: luckysearches
FF Homepage: hxxp://google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-16] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-16] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-26] (Microsoft Corporation)
FF SearchPlugin: C:\Users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\xz1euvt7.default\searchplugins\gmx-suche.xml [2015-03-10]
FF Extension: Ghostery - C:\Users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\xz1euvt7.default\Extensions\firefox@ghostery.com.xpi [2014-11-23]
FF Extension: CookieCuller - C:\Users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\xz1euvt7.default\Extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}.xpi [2014-11-23]
FF Extension: Adblock Plus - C:\Users\Rod\AppData\Roaming\Mozilla\Firefox\Profiles\xz1euvt7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-05]
StartMenuInternet: FIREFOX.EXE - D:\Firefox\firefox.exe
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2014-03-11] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2719928 2015-04-22] (Microsoft Corporation)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [74712 2013-03-11] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [316376 2013-03-11] (CyberLink)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 Intel(R) Bluetooth Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [160712 2013-03-11] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
S2 MBAMService; D:\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2013-05-14] (Micro-Star International Co., Ltd.) [File not signed]
R2 MSSQL$AUSBILDUNG; d:\SQL\MSSQL11.AUSBILDUNG\MSSQL\Binn\sqlservr.exe [191064 2012-02-11] (Microsoft Corporation)
R3 MSSQLFDLauncher$AUSBILDUNG; d:\SQL\MSSQL11.AUSBILDUNG\MSSQL\Binn\fdlauncher.exe [49752 2012-02-11] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-03-29] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [1931632 2015-04-17] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-02-04] ()
R2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [495616 2013-03-15] () [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2013-03-06] ()
S2 SkypeUpdate; D:\Software\Skype\Updater\Updater.exe [315488 2015-02-18] (Skype Technologies)
S4 SQLAgent$AUSBILDUNG; d:\SQL\MSSQL11.AUSBILDUNG\MSSQL\Binn\SQLAGENT.EXE [597080 2012-02-11] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
S3 VsEtwService120; D:\Programmierung\VS Express 2013\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3376880 2013-03-29] (Intel® Corporation)
S2 fovudyqe; No ImagePath
S2 kikutuwy; No ImagePath
S2 MSSQLSERVER; "C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe" -sMSSQLSERVER [X]
S4 SQLSERVERAGENT; "C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE" -i MSSQLSERVER [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2015-01-19] ()
S1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [74096 2013-03-15] (Qualcomm Atheros, Inc.)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsfw.sys [1366328 2013-04-01] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 clwvd6; C:\Windows\system32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [76744 2013-03-11] (Intel Corporation)
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [174448 2013-03-15] (Qualcomm Atheros, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2015-01-19] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [3545056 2013-04-18] (Intel Corporation)
R1 nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [299664 2015-03-13] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S4 RsFx0200; C:\Windows\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [448072 2013-02-01] (RTS Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 UHSfiltv; C:\Windows\system32\drivers\UHSfiltv.sys [23552 2012-09-12] (Creative Technology Ltd.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 clwvd; \SystemRoot\system32\DRIVERS\clwvd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-02 01:42 - 2014-01-31 01:12 - 1017453950 ____C () C:\Users\Rod\Desktop\47 Ronin.mkv
2015-04-29 20:28 - 2015-04-29 20:28 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-04-28 23:05 - 2015-04-28 23:05 - 00000000 ____D () C:\ProgramData\DownloadManager
2015-04-27 23:23 - 2015-04-27 23:23 - 00001113 ____C () C:\Users\Rod\Desktop\game - Verknüpfung.lnk
2015-04-26 22:25 - 2015-04-26 22:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameTop.com
2015-04-26 22:07 - 2015-04-26 22:07 - 00003146 _____ () C:\WINDOWS\System32\Tasks\{ABBAF84F-D062-43E1-B01B-79516F78051E}
2015-04-26 21:51 - 2015-04-26 21:51 - 00000000 ___DC () C:\Users\Rod\AppData\Local\CrashRpt
2015-04-26 21:37 - 2015-04-26 21:37 - 00000000 ___DC () C:\Users\Rod\Documents\Fireglow Games
2015-04-15 15:17 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-04-15 15:17 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-04-15 15:17 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-04-15 15:17 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-15 15:17 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-04-15 15:17 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-04-15 15:17 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-04-15 15:17 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-04-15 15:17 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-04-15 15:17 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-04-15 15:17 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-15 15:17 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-04-15 15:17 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-04-15 15:17 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-04-15 15:17 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-04-15 15:17 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-04-15 15:17 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-04-15 15:17 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-04-15 15:17 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-04-15 15:17 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-04-15 15:17 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-04-15 15:17 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-04-15 15:17 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-04-15 15:17 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-04-15 15:17 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-04-15 15:17 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-04-15 15:17 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-04-15 15:17 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-04-15 15:17 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-04-15 15:17 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-04-15 15:17 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-04-15 15:17 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-04-15 15:17 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-04-15 15:17 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-04-15 15:17 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-04-15 15:17 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-04-15 15:17 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-04-15 15:17 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-04-15 15:17 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-04-15 15:17 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-04-15 15:17 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-04-15 15:17 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-04-15 15:17 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-04-15 15:17 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-04-15 15:17 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-04-15 15:16 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-04-15 15:16 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-04-15 15:16 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-04-15 15:16 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-04-15 15:16 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-04-15 15:16 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-04-15 15:16 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-04-15 15:16 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-04-15 15:16 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-04-15 15:16 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-04-15 15:16 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-04-04 15:07 - 2015-04-05 09:54 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-04-04 15:07 - 2015-04-04 15:07 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-02 16:46 - 2014-11-20 22:33 - 00000000 ____D () C:\FRST
2015-05-02 16:17 - 2014-01-15 23:38 - 02033290 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-02 16:13 - 2013-12-28 16:01 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-05-02 16:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-02 15:05 - 2014-05-09 18:45 - 00003902 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{08CD4898-E756-4FC0-8031-743705B1BC35}
2015-05-02 01:46 - 2013-11-14 09:27 - 02435178 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-02 01:46 - 2013-11-14 09:11 - 01025694 _____ () C:\WINDOWS\system32\perfh007.dat
2015-05-02 01:46 - 2013-11-14 09:11 - 00247972 _____ () C:\WINDOWS\system32\perfc007.dat
2015-05-01 22:50 - 2013-12-27 19:31 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1164391901-2496949349-3293824855-1002
2015-05-01 22:39 - 2014-04-01 12:53 - 00000000 ___DC () C:\Users\Rod\AppData\Local\Battle.net
2015-05-01 22:39 - 2014-01-15 20:44 - 00000000 ____D () C:\ProgramData\Origin
2015-05-01 22:35 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-01 11:31 - 2015-01-26 01:32 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-04-30 12:07 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-29 23:31 - 2014-01-31 21:27 - 00000000 __DOC () C:\Users\Rod\SkyDrive
2015-04-29 23:31 - 2013-10-28 14:55 - 00000000 ____D () C:\ProgramData\Bigfoot Networks
2015-04-29 21:47 - 2014-11-08 15:57 - 00034245 _____ () C:\WINDOWS\setupact.log
2015-04-29 21:47 - 2013-11-14 00:18 - 00062486 _____ () C:\WINDOWS\PFRO.log
2015-04-29 21:47 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-29 21:44 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-29 02:25 - 2013-12-27 19:24 - 00000000 ___DC () C:\Users\Rod\AppData\Local\VirtualStore
2015-04-28 22:51 - 2013-12-28 16:08 - 00007668 ____C () C:\Users\Rod\AppData\Local\Resmon.ResmonCfg
2015-04-27 22:43 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-04-27 21:48 - 2014-11-22 13:50 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-04-27 21:47 - 2014-11-22 13:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-04-27 21:39 - 2014-11-21 00:14 - 00000000 ____D () C:\AdwCleaner
2015-04-26 22:23 - 2014-11-22 13:50 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-04-26 22:02 - 2013-08-22 17:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2015-04-26 21:54 - 2014-06-03 23:00 - 00000614 ____C () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-26 21:54 - 2014-06-03 23:00 - 00000614 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-26 21:54 - 2014-01-15 23:55 - 00001458 ____C () C:\Users\Rod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-26 21:54 - 2013-10-29 10:40 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Welcome.lnk
2015-04-26 21:54 - 2013-10-29 10:40 - 00002449 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEDIONhome.lnk
2015-04-26 18:13 - 2013-12-29 00:10 - 00000000 ___DC () C:\Users\Rod\AppData\Roaming\Skype
2015-04-17 16:47 - 2013-12-29 00:10 - 00000000 ____D () C:\ProgramData\Skype
2015-04-16 23:17 - 2015-01-26 01:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-04-16 17:57 - 2013-12-28 00:49 - 00000000 ___DC () C:\Users\Rod\AppData\Local\Spotify
2015-04-16 17:51 - 2013-12-28 00:45 - 00000000 ___DC () C:\Users\Rod\AppData\Roaming\Spotify
2015-04-16 16:35 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-04-15 23:46 - 2013-12-27 21:16 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-04-15 23:44 - 2013-03-22 19:03 - 128913832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-04-15 23:41 - 2014-12-17 18:24 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-04-15 23:41 - 2014-07-15 04:28 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-04-15 15:48 - 2014-05-06 18:49 - 00223744 __SHC () C:\Users\Rod\Desktop\Thumbs.db
2015-04-15 15:16 - 2014-11-12 20:21 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-04-14 23:13 - 2013-08-22 17:36 - 00000000 __RDC () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-14 23:13 - 2013-08-22 17:36 - 00000000 __RDC () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-14 23:13 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-04-14 23:13 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-04-14 21:28 - 2015-01-13 21:13 - 18178736 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2015-04-14 21:28 - 2013-12-28 16:01 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-04-14 09:38 - 2014-11-22 13:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-04-14 09:37 - 2014-11-22 13:50 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-04-14 09:37 - 2014-11-22 13:50 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-04-14 01:24 - 2013-08-22 17:38 - 00792056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-04-14 01:24 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-13 03:04 - 2015-03-15 21:35 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Games
2015-04-10 19:02 - 2015-01-09 22:49 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-04-07 21:43 - 2014-02-06 19:04 - 00000000 ___DC () C:\Users\Rod\Documents\Visual Studio 2013
2015-04-03 11:58 - 2013-12-28 00:49 - 00001840 ____C () C:\Users\Rod\Desktop\Spotify.lnk
2015-04-03 11:58 - 2013-12-28 00:49 - 00001826 ____C () C:\Users\Rod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
==================== Files in the root of some directories =======
2014-11-02 20:53 - 2014-11-02 20:53 - 0000218 ____C () C:\Users\Rod\AppData\Local\recently-used.xbel
2013-12-28 16:08 - 2015-04-28 22:51 - 0007668 ____C () C:\Users\Rod\AppData\Local\Resmon.ResmonCfg
2013-10-28 14:52 - 2013-10-28 14:52 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-03-07 17:36 - 2015-03-07 17:36 - 0091734 _____ () C:\ProgramData\dxdiag.txt
2013-10-28 16:30 - 2013-10-28 16:30 - 0000104 _____ () C:\ProgramData\{01FB4998-33C4-4431-85ED-079E3EEFE75D}.log
2013-10-28 16:30 - 2013-10-28 16:30 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-10-28 16:27 - 2013-10-28 16:28 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-10-28 16:30 - 2013-10-28 16:30 - 0000111 _____ () C:\ProgramData\{39337565-330E-4ab6-A9AE-AC81E0720B10}.log
2013-10-28 16:29 - 2013-10-28 16:29 - 0000032 _____ () C:\ProgramData\{551F492A-01B0-4DC4-866F-875EC4EDC0A8}.log
2013-10-28 16:26 - 2013-10-28 16:26 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2013-10-28 16:29 - 2013-10-28 16:29 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
2013-10-28 16:27 - 2013-10-28 16:27 - 0000110 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log
2013-10-28 16:28 - 2013-10-28 16:28 - 0000110 _____ () C:\ProgramData\{E3D04529-6EDB-11D8-A372-0050BAE317E1}.log
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-30 01:41
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2015
Ran by Rod at 2015-05-02 16:46:40
Running from D:\FRST
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1164391901-2496949349-3293824855-500 - Administrator - Disabled)
Gast (S-1-5-21-1164391901-2496949349-3293824855-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1164391901-2496949349-3293824855-1006 - Limited - Enabled)
Rod (S-1-5-21-1164391901-2496949349-3293824855-1002 - Administrator - Enabled) => C:\Users\Rod
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader 8.1.0 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A81000000003}) (Version: 8.1.0 - Adobe Systems Incorporated)
Ashampoo AppLauncher (Medion) v.1.0.0 (HKLM-x32\...\Ashampoo AppLauncher (Medion)_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Build Tools - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CDBurnerXP (HKLM-x32\...\{909A791A-DBB0-432F-BC0E-D0C81925E340}) (Version: 4.5.3.4746 - Canneverbe Limited)
Company of Heroes (HKLM-x32\...\Steam App 4560) (Version: - Relic Entertainment)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment)
Contents (x32 Version: 16.0.0.106 - Corel Corporation) Hidden
CyberLink Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink PowerDirector 11 (Version: 11.0.0.3215 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.2103 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.2103 - CyberLink Corp.) Hidden
Dia (nur entfernen) (HKLM-x32\...\Dia) (Version: - )
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Entity Framework 6.1.1 Tools for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
Entity Framework Designer für Visual Studio 2012 - DEU (HKLM-x32\...\{B2BDC072-BE01-432D-B281-30891D597FBB}) (Version: 11.1.30729.00 - Microsoft Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ETDWare PS/2-X64 11.13.0.2_WHQL (HKLM\...\Elantech) (Version: 11.13.0.2 - ELAN Microelectronic Corp.)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version: - Paradox Development Studio)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Fotogalleri (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free Window Registry Repair (HKLM-x32\...\Free Window Registry Repair) (Version: - )
FUSSBALL MANAGER 14 (HKLM-x32\...\{5FC27E1E-08C0-4346-A321-ED2D31FAE936}) (Version: 1.0.0.0 - Electronic Arts)
Galeria de Fotografias (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
ICA (x32 Version: 16.0.0.106 - Corel Corporation) Hidden
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1303-148929CC1385}) (Version: 3.0.1303.0326 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.0.1066 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c59bceea-23ab-4e2e-bfa6-625dd1e26dd1}) (Version: 16.0.2 - Intel Corporation)
IPM_VS_Pro (x32 Version: 16.0 - Corel Corporation) Hidden
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 8 Update 20 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180200}) (Version: 8.0.200.26 - Oracle Corporation)
KB9X Radio Switch Driver (HKLM\...\5AADE1068CF70DD983F763B20CF2CAAB72883915) (Version: 1.1.0.0 - ENE TECHNOLOGY INC.)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4711.1003 - Microsoft Corporation)
Microsoft Report Viewer 2012-Laufzeit (HKLM-x32\...\{F2C6E9F1-8F35-42A0-A9CA-E6C94D92A86C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{5973B12E-5FC1-4EF6-B63B-49C1C4AF2AAA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-Bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{8CB0713F-CFE0-445D-BCB2-538465860E1A}) (Version: 11.1.3128.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM\...\{90E8C2E5-198C-4923-BC06-AF13E5FA964D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012-Richtlinien (HKLM-x32\...\{1D4E365F-F39C-48BA-A995-CAEDFDA29AD1}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools – Database Projects – Web installer entry point (HKLM-x32\...\{18558FE7-A87A-4063-9732-95E9E1420828}) (Version: 10.3.20116.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (11.1.20828.01) (HKLM-x32\...\{E511AE89-54BB-481D-BC4A-1B1F1E1B7693}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM-x32\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20828.01) (HKLM-x32\...\{00C84D22-DB8F-4159-BF70-682B8EA56A1E}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A282A232-780C-45E2-A5E5-9B61D74DCC6E}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{8C06D6DB-A391-4686-B050-99CC522A7843}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{4AEB505C-95E1-4964-9B64-8D27F3186D30}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Integrated) - DEU (HKLM-x32\...\{B28DC16A-5394-3761-B143-450AE92516BB}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - DEU (HKLM-x32\...\{987AE03F-234A-3623-BD28-6B31FD1D3AB3}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU with Update 4 (HKLM-x32\...\{b8a9dbc1-1fd4-4103-a83b-a2896f193ea0}) (Version: 12.0.31101.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications Design-Time 3.0 - DEU Language Pack (HKLM-x32\...\{38F74A0E-357B-336C-B614-FE59F4BC62A0}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications Design-Time 3.0 (HKLM-x32\...\{5A03C202-08B4-3F1D-9A60-A4F53EF1B636}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 - DEU Language Pack (HKLM-x32\...\{96D7B7B6-424F-3A52-8E8D-32CF2615DBD2}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (HKLM-x32\...\{191A6F65-6878-398D-A272-EF011B80F371}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{69A998C5-00A9-42CA-AB4E-C31CFFCD9251}) (Version: 3.1237.1763 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Firefox 37.0.2 (x86 de) (HKU\S-1-5-21-1164391901-2496949349-3293824855-1002\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4711.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4711.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4711.1003 - Microsoft Corporation) Hidden
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.5.3.636 - Electronic Arts, Inc.)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PowreShellIntegration.Notifications (x32 Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Protegere (HKLM-x32\...\Protegere) (Version: - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden
Qualcomm Atheros Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.550 - Qualcomm Atheros)
Qualcomm Atheros Killer Network Manager (Version: 6.1.0.550 - Qualcomm Atheros) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6914 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{BCDA54F6-C4B6-4519-A09E-FA064A6B4098}) (Version: 6.2.9200.21219 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rise of Nations: Extended Edition (HKLM-x32\...\Steam App 287450) (Version: - SkyBox Labs)
SCM (HKLM\...\{EDF24C5B-2E36-4089-B96A-329B15A74649}) (Version: 11.013.05146 - )
Setup (x32 Version: 16.0.0.106 - Corel Corporation) Hidden
Share (x32 Version: 16.0.0.106 - Corel Corporation) Hidden
Share64 (Version: 16.0.0.106 - Corel Corporation) Hidden
SharePoint Client Components (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.6 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.6 - SmartSound Software Inc.) Hidden
Spiral Knights (HKLM-x32\...\Steam App 99900) (Version: - Three Rings)
Spotify (HKU\S-1-5-21-1164391901-2496949349-3293824855-1002\...\Spotify) (Version: 1.0.3.101.gbfa97dfe - Spotify AB)
SQL Server 2012 BI Development Studio (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Client Tools (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Common Files (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Full text search (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Management Studio (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 SQL Data Quality Common (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Sudden Strike 2 (HKLM-x32\...\Sudden Strike 2_is1) (Version: 1.0 - Media Contact LLC)
Supreme Commander 2 (HKLM-x32\...\Steam App 40100) (Version: - Gas Powered Games)
Syndicate (HKLM-x32\...\{64CFBAAB-46F7-4628-8D9B-E656A8C11CDB}) (Version: 2.0.0.3 - Electronic Arts)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKU\S-1-5-21-1164391901-2496949349-3293824855-1002\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version: - The Creative Assembly)
TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
Unterstützungsdateien für Microsoft SQL Server 2008-Setup (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Visual Studio 2010 Prerequisites - English (HKLM\...\{53952792-BF16-300E-ADF2-E7E4367E00CF}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2013 Update 4 (KB2829760) (HKLM-x32\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
VS Update core components (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
VSClassic (x32 Version: 16.0.0.106 - Corel Corporation) Hidden
VSHelp (x32 Version: 16.0.0.106 - Corel Corporation) Hidden
VSPro (x32 Version: 16.0.0.106 - Corel Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1164391901-2496949349-3293824855-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2014-11-23 01:37 - 00000035 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {02CE4104-B027-44B9-BA9D-1982578A422E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation)
Task: {10146EE2-D0FE-40EC-8017-890C940753E9} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {1D04EC0A-5E5D-4FFC-A2FE-A0C3F44029C0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-22] (Microsoft Corporation)
Task: {28CD03C0-1C6F-41E7-90FF-213BDC2B86F4} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {326646C5-E4B9-4C85-8794-5BD27A0921D5} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {4BA0862F-A95A-473A-AB09-E9588C5056F9} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {4F9017BC-0798-40D6-AF36-0DF0B772ACCD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-22] (Microsoft Corporation)
Task: {55ED9AC9-A458-4AC5-B8E6-87F9F018F45E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-15] (Microsoft Corporation)
Task: {71B2FCDE-FCE7-442B-A53B-9BF56ADF1144} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {79AAD0B2-716C-4FD4-AB10-F2CE5FDC5AA2} - System32\Tasks\{1E62A383-47EA-4F8B-A9A1-7ABED2708697} => pcalua.exe -a "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" -c --lang= --uid=battle.net --displayname="Battle.net"
Task: {7FD9EC23-83C0-462B-A81D-CA62122ABBCB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation)
Task: {882A334A-99BF-41B8-B248-84FE4358B7D4} - System32\Tasks\{ABBAF84F-D062-43E1-B01B-79516F78051E} => pcalua.exe -a C:\Users\Rod\AppData\Local\00000000-1430085370-0000-0000-8C89A50FD868\Uninstall.exe
Task: {8BB68DAF-A68F-4D64-B231-C49219D6E22C} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {98BC4E9E-9146-4275-8FFF-45F1830837A5} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {9D7AC1C0-5D3D-4E94-86D8-7FF0AC42B1E3} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {E044C832-B487-4A74-82C4-6ED8EB5DF63B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {F0599474-5F57-4621-A75D-946FF7A2A93C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-04-22] (Microsoft Corporation)
Task: {FAC019EF-9BCD-4B38-B7CF-8F8BC91CD607} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {FBD8AED1-B060-455D-A231-01A57D06F93C} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) ==============
2014-05-08 20:16 - 2015-02-04 01:11 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2013-03-15 14:22 - 2013-03-15 14:22 - 00495616 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
2011-05-09 22:46 - 2011-05-09 22:46 - 02760192 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtCore4.dll
2011-05-09 22:56 - 2011-05-09 22:56 - 09856000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtGui4.dll
2011-05-09 22:47 - 2011-05-09 22:47 - 00416256 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtXml4.dll
2013-03-15 14:22 - 2013-03-15 14:22 - 00217600 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFCommon.dll
2011-05-09 22:48 - 2011-05-09 22:48 - 00990720 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtNetwork4.dll
2011-05-10 14:32 - 2011-05-10 14:32 - 00731648 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\qwt5.dll
2013-10-28 16:29 - 2013-03-06 16:42 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-01-15 23:38 - 2015-03-13 18:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-12-21 01:02 - 2014-10-03 18:36 - 00457616 _____ () C:\WINDOWS\system32\igfxTray.exe
2013-03-15 14:22 - 2013-03-15 14:22 - 00553984 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe
2013-03-15 14:22 - 2013-03-15 14:22 - 00404992 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modApplications.dll
2013-03-15 14:22 - 2013-03-15 14:22 - 00036864 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFeatures.dll
2013-03-15 14:22 - 2013-03-15 14:22 - 00025088 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFraps.dll
2013-03-15 14:22 - 2013-03-15 14:22 - 00240128 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modGraph.dll
2013-03-15 14:22 - 2013-03-15 14:22 - 00062464 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modlcd.dll
2013-03-15 14:22 - 2013-03-15 14:22 - 00291328 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNetwork.dll
2013-03-15 14:22 - 2013-03-15 14:22 - 00184832 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNpu.dll
2013-03-15 14:22 - 2013-03-15 14:22 - 00211456 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOptions.dll
2013-03-15 14:22 - 2013-03-15 14:22 - 00064000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOverview.dll
2013-03-15 14:22 - 2013-03-15 14:22 - 00317440 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modSystemInfo.dll
2015-01-26 01:32 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-10-28 14:38 - 2013-03-12 15:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-10-28 16:28 - 2013-08-05 09:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-05 17:48 - 2013-08-05 17:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-01-26 01:32 - 2015-01-26 01:32 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2013-12-27 20:43 - 2013-12-27 20:43 - 00176640 _____ () C:\Program Files\WindowsApps\CyberLinkCorp.me.PowerDVDforMedion_1.1.918.19562_x86__fyjd2029wheaw\SubtitleProvider.dll
2013-12-27 20:43 - 2013-12-27 20:43 - 01629184 _____ () C:\Program Files\WindowsApps\CyberLinkCorp.me.PowerDVDforMedion_1.1.918.19562_x86__fyjd2029wheaw\AggregationContent.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Rod\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Rod\SkyDrive.old:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1164391901-2496949349-3293824855-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Public\Pictures\Ashampoo Pictures\GreenBridge.jpg
DNS Servers: 192.168.0.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run32: => "BingDesktop"
HKLM\...\StartupApproved\Run32: => "YouCam Service6"
HKU\S-1-5-21-1164391901-2496949349-3293824855-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1164391901-2496949349-3293824855-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1164391901-2496949349-3293824855-1002\...\StartupApproved\Run: => "BuildNotification12"
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [Wininit-Shutdown-In-Rule-TCP-RPC] => (Allow) %systemroot%\system32\wininit.exe
FirewallRules: [Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper] => (Allow) %systemroot%\system32\wininit.exe
FirewallRules: [ProximityUxHost-Sharing-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\proximityuxhost.exe
FirewallRules: [ProximityUxHost-Sharing-Out-TCP-NoScope] => (Allow) %SystemRoot%\system32\proximityuxhost.exe
FirewallRules: [NETDIS-DAS-In-UDP-Active] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [NETDIS-DAS-In-UDP] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [EventForwarder-In-TCP] => (Allow) %SystemRoot%\system32\NetEvtFwdr.exe
FirewallRules: [TPMVSCMGR-Server-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
FirewallRules: [TPMVSCMGR-Server-Out-TCP-NoScope] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
FirewallRules: [TPMVSCMGR-Server-In-TCP] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
FirewallRules: [TPMVSCMGR-Server-Out-TCP] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
FirewallRules: [PlayTo-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-UDP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-UDP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-Out-UDP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-Out-UDP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-RTSP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-RTSP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-RTSP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [WFDPRINT-DAFWSD-In-Active] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [WFDPRINT-DAFWSD-Out-Active] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [NETDIS-DAS-In-UDP_1] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [{EFC1486F-F315-4A20-B86B-ED25C4D816E2}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{0BE1E8CC-1DFA-4729-A6CA-A9F8D87BBCAF}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{151054A0-8B6C-47C1-894B-D4F3C263B265}] => (Allow) D:\Steam\SteamApps\common\Spiral Knights\java_vm\bin\javaw.exe
FirewallRules: [{4C39F784-2637-45D4-BDAE-2E9ECA950D6A}] => (Allow) D:\Steam\SteamApps\common\Spiral Knights\java_vm\bin\javaw.exe
FirewallRules: [{7F107F5F-BCFE-4FF8-BE40-70F41E2E043B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0487CBB2-65D2-48F0-98B4-1224C8C89DD6}] => (Allow) D:\Steam\SteamApps\common\Spiral Knights\java_vm\bin\javaw.exe
FirewallRules: [{4FD12EB7-E109-4D6D-B4E3-0B0AB2A918AF}] => (Allow) D:\Steam\SteamApps\common\Spiral Knights\java_vm\bin\javaw.exe
FirewallRules: [{63FBE8D1-FD37-4A45-8D49-F8DCA97A24F8}] => (Allow) D:\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{92693EEE-6368-4CDD-AF1D-F7E3CBEE9DBD}] => (Allow) D:\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{D028ED98-4AB7-4CDD-9027-AAE64F4D611B}] => (Allow) D:\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{13DD9B16-45D2-4B23-8662-0ACDB861E2BF}] => (Allow) D:\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{648A645A-28EF-43F9-B2C5-0FB5DF4CC824}] => (Allow) D:\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{D5D879DA-177F-4EB7-A2BE-D84FB944F8B4}] => (Allow) D:\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{6DC7A120-CFE5-4826-B79D-06246BEE633C}] => (Allow) D:\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{3030D57C-3EB0-4665-B021-36519C38AE4F}] => (Allow) D:\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{74B71E0C-5738-4F48-BCFD-F9B5370E3545}] => (Allow) D:\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{208CC66F-1B9A-4B6D-8AF7-0677F0035782}] => (Allow) D:\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{88180F36-1A6C-4290-BA39-5E9E59FABC0E}] => (Allow) D:\Steam\SteamApps\common\Total War SHOGUN 2\data\encyclopedia\how_to_play.html
FirewallRules: [{34BE3EFE-D585-4C0D-80FC-BC37B071BAC2}] => (Allow) D:\Steam\SteamApps\common\Total War SHOGUN 2\data\encyclopedia\how_to_play.html
FirewallRules: [{0783CE96-9845-4620-8744-BAAB68C3081B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3BCF9E8A-885B-46FE-A142-85CC0CBD349F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8F4C6910-4DA2-4100-920F-F2B4D5E479B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{33EC5163-E8C8-4752-912B-E6A687D8472D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D26B888C-3C6E-4F19-949B-8B8AEE1C4543}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{EC97D1A7-C3EF-4784-95E2-6A03EDC143DD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{125ECB47-C82B-463B-856F-42055494FC76}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{52EDF3ED-8570-4E8B-A787-6E35057E8859}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3A85EF75-B96E-4FFD-B829-8B3A30C32674}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{4652C1E6-9DAE-4459-805B-D36D72C76125}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{2F75ECB8-7BBD-4C11-A375-7550A92784B2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DC98B93E-2DA1-42DF-A82E-1AAB52DE439B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BD95AB43-96C3-4840-8512-C5FDF39E5B3C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3193870E-F215-4F57-A677-2DC6AEC8F8A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B8391E2A-92EA-465B-98CF-48742F3F1700}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{53602756-2480-45D1-B02F-48C0D1942CBB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{B0FD9F69-4AF6-47CD-B23E-E5448EC44A2B}] => (Allow) D:\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{1CBD8CA1-2CFA-4A2A-B220-A484ED7F6A04}] => (Allow) D:\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [UDP Query User{7DE9C3C4-05C6-4150-8F6E-D7B50CA3BA68}C:\users\rod\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rod\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{6B9AC464-AEAE-4A3A-AE65-1E7EDB2ED96A}C:\users\rod\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rod\appdata\roaming\spotify\spotify.exe
FirewallRules: [{11EC9935-6FE5-4586-89A2-AAE0F606F11F}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{3206FF9B-C666-41BF-8E83-EEF4592137E8}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{4CAF4E04-C3B1-4CD4-9A9C-028F945824C5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
FirewallRules: [{2690EFAD-C134-41CE-AD1A-6FED2643D5C6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
FirewallRules: [{525A510F-D0D4-45DE-9366-EAEF6C6E81C6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{0C33D89F-47CC-4B46-B8AE-C46B9BE88F13}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{3D7B0B48-7FA6-4168-B29D-D56A2F831D6D}] => (Allow) C:\Program Files\CyberLink\PowerDirector11\PDR10.EXE
FirewallRules: [{D08C112D-A8DE-403D-9109-4ECD25D9D8F0}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{A388916A-8717-4596-882C-9941419105C0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{5ABABA98-B34B-4E30-8DC2-838DAAFDB69D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{2E20B24C-60DF-4A09-AD35-A46C7F1C8AC4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C53F67CB-CECB-4EB3-85DD-016FA5035CF7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CB98CBA7-E62A-4725-942D-AA2C60FC1305}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0C83D533-87F1-46AA-B0CB-A1B94E03AC0A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{91F5EDF4-43AD-49AD-BE59-F8AA90491CD8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B317A7C9-F5AB-4CA0-A6A0-45E3FE076200}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8004E1CC-6978-46D7-BB36-D22D05846AFD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.524\Agent.exe
FirewallRules: [{CB2555FD-15E9-4376-B9D2-4489017C1401}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.524\Agent.exe
FirewallRules: [{0438DE13-9E88-4B3B-A10F-5622479304ED}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{1FD5E9EC-EAE8-4181-AABE-AAD77664EF98}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{B36A4AA1-79A0-48FC-AFFF-E68A52C76C84}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{73BE6CC4-CCC9-44AE-9F93-408A5F136AE2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{478134D3-CA72-4A50-8C13-28DB8CCD7F14}] => (Allow) D:\Diablo\Battle.net\Battle.net.exe
FirewallRules: [{CDDA107C-99A0-436A-94CB-661535D3BE00}] => (Allow) D:\Diablo\Battle.net\Battle.net.exe
FirewallRules: [{D57DE6AD-8651-464D-8CE8-C5EEC3E7CB2A}] => (Allow) D:\Diablo\Diablo III\Diablo III.exe
FirewallRules: [{37419956-F075-4496-8E02-8F839C188126}] => (Allow) D:\Diablo\Diablo III\Diablo III.exe
FirewallRules: [{20DF3ED4-C5AC-44F1-9B71-8FB59AB1FB1C}] => (Allow) D:\Diablo\StarCraft II\StarCraft II.exe
FirewallRules: [{6FE40104-B81D-4E63-9AE7-6B8123DA3C11}] => (Allow) D:\Diablo\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{7C181362-C9D0-46C5-A5F0-E54BE6E76E67}D:\diablo\starcraft ii\versions\base28667\sc2.exe] => (Allow) D:\diablo\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{E2942878-9D41-45F4-81E6-995D7E17B210}D:\diablo\starcraft ii\versions\base28667\sc2.exe] => (Allow) D:\diablo\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [{6790884E-61EB-487B-846E-22512725B6DD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{EAA68D18-E21C-455F-BA0F-EE8A1AB132A0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{B18A2A8B-97CE-4408-98FC-2B72BEEF5DE3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{16901FD5-2592-4BA8-A39F-604D9700AA3F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{290E2F11-FF1E-418D-B6C4-23E2580DC255}] => (Allow) D:\Program Files (x86)\KMSpico\KMSELDI.exe
FirewallRules: [{8E933E84-DFEF-4E41-96DD-ED42F53DDE8C}] => (Allow) D:\Program Files (x86)\KMSpico\KMSELDI.exe
FirewallRules: [{21ED68D6-7A57-482D-B3AD-944B2ED7BE4E}] => (Allow) D:\Program Files (x86)\KMSpico\AutoPico.exe
FirewallRules: [{04529AB2-DE2C-4C5A-B96E-626521BC6547}] => (Allow) D:\Program Files (x86)\KMSpico\AutoPico.exe
FirewallRules: [{85E3A8A3-0E99-412D-849B-D0D23D5C02BF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{76A968B6-BE1C-4152-898B-FA39C004A777}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{C66B792C-228A-498E-AF89-365249347B31}] => (Allow) D:\Steam\SteamApps\common\Supreme Commander 2\bin\SupremeCommander2.exe
FirewallRules: [{6D44E7D4-843C-425E-84EE-4635B3BB5DEC}] => (Allow) D:\Steam\SteamApps\common\Supreme Commander 2\bin\SupremeCommander2.exe
FirewallRules: [{6224D34A-9CD0-4DC5-BFE8-11B619E6ED92}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{FC7EBDBF-0065-4290-ACF2-D7ECFC132536}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [TCP Query User{7C5C0FBF-3907-4637-BA6A-0D5CFD9B24C3}D:\diablo\starcraft ii\versions\base28667\sc2.exe] => (Allow) D:\diablo\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{99E31B09-AA15-4267-97C9-7110E606584D}D:\diablo\starcraft ii\versions\base28667\sc2.exe] => (Allow) D:\diablo\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [{F4C32761-8179-4D2F-B7F8-3E0071DD2079}] => (Allow) D:\Program Files (x86)\KMSpico\AutoPico.exe
FirewallRules: [{C2384415-E56E-4C72-A11F-DF1358BFF902}] => (Allow) D:\Program Files (x86)\KMSpico\AutoPico.exe
FirewallRules: [TCP Query User{F0468C5F-CBA0-4460-8B77-1A792EB3989E}D:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) D:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [UDP Query User{285C2EA7-1AFB-436C-81DE-420D328DE1B1}D:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) D:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [{524633C6-25A5-4906-8C59-42DCB7AF471B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{3A74A329-9F8C-49E5-AAFA-2872BAC73DB4}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{A0934EEE-E53B-4DBB-A5B5-B494730C7130}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{7E82D1F9-EA3C-4AEC-8661-31CCBDCB726A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{0CA75E98-5397-46D2-8336-2BE1AC41A8F4}] => (Allow) D:\Program Files (x86)\KMSpico\Service_KMS.exe
FirewallRules: [{86B26EF6-EC83-4B21-8390-AD44B72BF73F}] => (Allow) D:\Program Files (x86)\KMSpico\Service_KMS.exe
FirewallRules: [TCP Query User{1EAE046E-C0FF-49C9-9162-0FE41D7E088E}D:\steam\steamapps\common\rise of nations\rise.exe] => (Allow) D:\steam\steamapps\common\rise of nations\rise.exe
FirewallRules: [UDP Query User{528F45E5-5554-4FF0-B8C7-0084D20DC2EF}D:\steam\steamapps\common\rise of nations\rise.exe] => (Allow) D:\steam\steamapps\common\rise of nations\rise.exe
FirewallRules: [{522C3BB1-1B34-41AC-A88D-1B26320CBC3D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{363BCE44-8255-44BF-8A0F-99288CDDD3E7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{BD94AB80-CC8A-4193-ABA2-D107162A6079}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{2D743E3B-660E-41B8-908F-A1BADF06CD79}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{992A7DDA-7BEE-40EE-84E1-7499B8467349}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{D7AB1AFB-D301-4616-A7AF-D6A604C7C6D1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{7809B7A8-4253-48B8-98A4-FF6B0ADF5839}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{112ABEDC-1D09-4DF4-82D5-4144CDFB3AC7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{E2C97174-82F9-4E8E-A292-15DD632251CE}] => (Allow) D:\Program Files (x86)\KMSpico\Service_KMS.exe
FirewallRules: [{A4452608-0B80-4AD0-A8F0-ADA1D3BB0992}] => (Allow) D:\Program Files (x86)\KMSpico\Service_KMS.exe
FirewallRules: [{0E9AFC68-93D8-4D29-A7BF-010EA12D0190}] => (Allow) LPort=1688
FirewallRules: [{6C771E3F-0FC5-47C1-ADA4-EB4084FEE87D}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{085B68EE-6DFE-43E1-A3A8-EA29E2C838E1}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{942F1E65-EB45-479F-A38E-FC6F41A29E55}] => (Allow) D:\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{EB568F97-B439-4EF4-9AE7-7BFCDB2C60C7}] => (Allow) D:\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{70F9A2CA-7C8E-48AB-9393-121CFD4398FC}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{C9A8054B-D290-4AEC-A42C-E1B22C57A68A}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{34E4C29F-F6B0-49A5-BC3B-C49CBF5092EE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{7C74DC8A-3ECF-4169-822F-EEE2ED51FB55}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{B4D3E9DE-1C47-4E65-90FB-7D2A92C8ACE5}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{88D1ADB4-DD35-4B9D-93AE-D9EBA4E48CF4}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{AF5F62CD-C898-4ABC-87B8-2998272A944F}D:\diablo\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\diablo\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{70CD513A-DDA6-4395-AA41-A1C3438EEC15}D:\diablo\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\diablo\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{7D5D425B-63E6-4F33-89D1-DA0B96342689}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{63A6DE05-3417-48EB-ABC2-7102212BE00D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{592B87CD-4FDA-453F-91DA-1E75F19DC40C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8650B8A7-2855-4E87-9D9D-67F358C6A561}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{368D3624-962E-4DB9-BD7A-B83719BC7980}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{89863BDB-4357-46C5-86C8-56F4A680AF3B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{032A844F-8026-4AF9-A896-F7EEA3043AAC}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{48C088AF-2D15-484F-8491-19B8152EBA48}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{0779E5E9-3A80-4426-93C6-C3E0C558B6E8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D1FD8639-D5F3-4145-911C-6AB22FE34F32}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4927F9A1-D5D6-42BA-814E-09B9CFC85F0D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{79B02B00-2554-4A81-A8CB-708F3D9D35F2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{F6E1B078-4570-4204-9E9D-3CE086BFB9B5}D:\software\skype\phone\skype.exe] => (Allow) D:\software\skype\phone\skype.exe
FirewallRules: [UDP Query User{54AAF861-6370-48B5-A8B3-58DBE3E32BA1}D:\software\skype\phone\skype.exe] => (Allow) D:\software\skype\phone\skype.exe
FirewallRules: [TCP Query User{35CDB4D7-96C4-4AF7-BC89-A74378E37618}D:\software\skype\phone\skype.exe] => (Allow) D:\software\skype\phone\skype.exe
FirewallRules: [UDP Query User{70E5622B-8C40-4B86-8F19-FD194305DF1F}D:\software\skype\phone\skype.exe] => (Allow) D:\software\skype\phone\skype.exe
FirewallRules: [TCP Query User{8EBB2D34-D241-4B16-AC2A-C0B389EAB8F0}D:\firefox\firefox.exe] => (Block) D:\firefox\firefox.exe
FirewallRules: [UDP Query User{EE524630-D9E9-460E-9400-93E38B8A6C9A}D:\firefox\firefox.exe] => (Block) D:\firefox\firefox.exe
FirewallRules: [TCP Query User{572E1820-3C35-43EA-A79A-91D852953571}D:\firefox\firefox.exe] => (Block) D:\firefox\firefox.exe
FirewallRules: [UDP Query User{50FAD249-FD5F-4627-AE99-B7524ABB99C0}D:\firefox\firefox.exe] => (Block) D:\firefox\firefox.exe
FirewallRules: [{8B551092-4C92-42C9-8241-6395AF5FCB5B}] => (Allow) D:\Program Files (x86)\Origin Games\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{E24C0EAC-D62C-44AB-B43E-1F1B455734CF}] => (Allow) D:\Program Files (x86)\Origin Games\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{CC9EFEB5-8516-4CD1-82F7-22784DD92DB5}] => (Allow) D:\Programmierung\VS Express 2013\Common7\IDE\WDExpress.exe
FirewallRules: [{85EF242F-8542-4285-AF38-CDD152FCBB0A}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA Manager 14\Manager14.exe
FirewallRules: [{1FEA9FE5-B3B3-4243-B7FD-8A6919F939CC}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA Manager 14\Manager14.exe
FirewallRules: [{5DCF519D-71D9-4F8A-8663-7B9241F55126}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{5757EE07-0396-430D-B9D5-30074A16BD24}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{A127F189-4A7B-4D8F-ADED-D776AF6D66FB}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/02/2015 02:58:40 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]
Error: (05/01/2015 10:58:38 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Error: (05/01/2015 10:57:40 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (05/01/2015 10:52:49 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Error: (05/01/2015 10:50:57 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (05/01/2015 05:41:38 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]
Error: (05/01/2015 00:59:37 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [0]
Error: (05/01/2015 00:01:52 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (05/01/2015 03:15:51 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]
Error: (04/30/2015 05:09:45 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
System errors:
=============
Error: (05/01/2015 11:32:01 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (04/30/2015 05:10:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (04/30/2015 05:10:34 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Rod\AppData\Local\Temp\ehdrv.sys
Error: (04/30/2015 05:10:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (04/30/2015 05:10:33 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Rod\AppData\Local\Temp\ehdrv.sys
Error: (04/30/2015 05:10:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (04/30/2015 05:10:33 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Rod\AppData\Local\Temp\ehdrv.sys
Error: (04/29/2015 09:48:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070718 fehlgeschlagen: Sicherheitsupdate für Windows 8.1 für x64-basierte Systeme (KB3045999)
Error: (04/29/2015 09:48:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070718 fehlgeschlagen: Update für Windows 8.1 für x64-Systeme (KB3048778)
Error: (04/29/2015 09:47:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SQL Server (MSSQLSERVER)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Microsoft Office Sessions:
=========================
Error: (05/02/2015 02:58:40 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]
Error: (05/01/2015 10:58:38 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
Error: (05/01/2015 10:57:40 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1
Error: (05/01/2015 10:52:49 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
Error: (05/01/2015 10:50:57 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1
Error: (05/01/2015 05:41:38 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]
Error: (05/01/2015 00:59:37 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [0]
Error: (05/01/2015 00:01:52 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (05/01/2015 03:15:51 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]
Error: (04/30/2015 05:09:45 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
CodeIntegrity Errors:
===================================
Date: 2015-04-27 21:41:59.857
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-04-27 21:41:59.732
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-04-27 21:41:59.592
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-04-26 21:46:12.477
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-04-26 21:46:12.321
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-04-26 21:46:12.180
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-04-26 21:46:12.009
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-04-26 21:46:11.868
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-04-26 15:46:15.630
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-04-17 16:49:34.466
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Percentage of memory in use: 39%
Total physical RAM: 8076.43 MB
Available physical RAM: 4879.43 MB
Total Pagefile: 9356.43 MB
Available Pagefile: 5650.61 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:57.92 GB) (Free:2.01 GB) NTFS
Drive d: (Data) (Fixed) (Total:871.51 GB) (Free:684.38 GB) NTFS
Drive e: (Recover) (Fixed) (Total:60 GB) (Free:36.58 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 59.6 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 45CDFDC5)
Partition 1: (Not Active) - (Size=871.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=60 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
02.05.2015, 18:27
| #20 |
| /// TB-Ausbilder /// Anleitungs-Guru | Software Bundler Hallo Rod, gut zu hören, dass alles passt. Bitte die Suchmaschine im Firefox manuell entfernen. (SelectedSearchEngine: luckysearches) Desweiteren alles von Java deinstallieren sowie den Firefox 29. Bei Bedarf Java neu installieren.  Cleanup: Alle Logs gepostet? Ja! Dann lade Dir bitte  DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. >>clean<< Wir haben es geschafft!  Die Logs sehen für mich im Moment sauber aus. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...  und/oder das Forum mit einer kleinen Spende  unterstützen.  Es bleibt mir nur noch, Dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen.   Wie kann ich mich in Zukunft besser schützen?Tipps, Dos & Don'ts  Updates & Software
Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Firewall, Antivirus & Co.
 Cracks, Downloads & Co.Neben unbemerkten Drive-by Installationen wird Malware aber auch oft mehr oder weniger aktiv vom Benutzer selbst installiert. Der Besuch dubioser Websites kann bereits Risiken bergen. Auch wenn der Virenscanner im Moment darin keine Bedrohung erkennt, muss das nichts bedeuten. Illegale Cracks, Keygens und Serials sind ein ausgesprochen einfacher und beliebter Weg um Malware zu verbreiten. Bei Dateien aus Peer-to-Peer- und Filesharingprogrammen oder von Filehostern kann man nie sicher sein, ob auch wirklich drin ist, was drauf steht. (Trojanisches Pferd^^)
Oft wird auch versucht, den Benutzer mit mehr oder weniger trickreichen Methoden zu verleiten, eine für ihn verhängnisvolle Handlung selbst auszuführen (Überbegriff Social Engineering).
Nervige Adware (Werbung) und unnötige Toolbars werden auch meist durch den Benutzer selbst mitinstalliert.
Abschließend noch ein paar grundsätzliche Bemerkungen:
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
08.05.2015, 13:56
| #21 |
| | Software Bundler Sorry für die späte Antwort, erst heute geschafft meinen eigenen Lapi zu öffnen. Ich bedanke mich viel, viel, viel Mals bei Dir! Die Anweisungen werde ich, sobald ich paar Minuten mehr Zeit habe, durchführen!  Nochmals vielen Dank  !Ein schönes und erholsames Wochenende wünsche ich Dir!!! Und ja, hoffentlich sehen wir uns hier, bei der Beseitigung von Schädlingen , nicht so schnell wieder  !Gruß Rod. |
|
08.05.2015, 14:00
| #22 |
| /// TB-Ausbilder /// Anleitungs-Guru | Software Bundler Gerne. Aber "erholsam", das Wort kenne ich leider nicht mehr.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
| Themen zu Software Bundler |
| abend, browser, chrome, defender, einfach, ergebnis, guten, hintergrund, installier, installiert, malwarebyte, nötig, programme, runtergeladen, runterladen, schritte, seite, software, startseite, unnötig, verändert, weiteren, weiterleitung, windows, windows defender |
Windows die 
automatischen Updates
Firewall. Die in Windows integrierte genügt im Normalfall völlig.
ESET
NoScript
Linear-Darstellung
