| |
| |||||||
Log-Analyse und Auswertung: PC friert ein: Bild bleibt stehen, Maus nicht bewegbar.Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
13.06.2015, 17:31
| #1 |
| |  PC friert ein: Bild bleibt stehen, Maus nicht bewegbar. Hallo, seit ungefähr 3 Monaten friert mein PC in unterschiedlichen Abständen (meistens 30min, aber manchmal auch nach weniger oder erst nach paar Stunden) ein. Wenn es passiert laggt es kurz, dann Bleibt das Bild stehen, nach ca. 5sek friert auch der Mauszeiger ein und nach so 30sek geht auch der Ton aus, falls irgendein Song oder ähnlichen läuft, dieses Problem lässt sich nur beheben, wenn ich den Stecker ziehe (Der ON/OFF Button am PC funktioniert in diesem Zustand leider auch nicht). Manchmal kommt auch ein komischer Geruch aus dem Prozessor bei soeinem Vorfall auf, es riecht meines Erachtens nach etwas Verbranntem. Wenn ich den Pc für ca. 20min ausgeschaltet lasse, kann ich den Pc wieder für ca 30min benutzen, falls ich ihn früher starte, stürzt er auch früher ab. Hier die Logfiles: defrogger: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 16:19 on 13/06/2015 (Xation RAP)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2015
Ran by Xation RAP (administrator) on ALEXANDER-PC on 13-06-2015 16:21:21
Running from C:\Users\Xation RAP\Desktop
Loaded Profiles: Xation RAP (Available Profiles: Xation RAP & kaa & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
() C:\Windows\System32\dmwu.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
() C:\Windows\SysWOW64\mjcm\dnkt.exe
() C:\Windows\System32\tprb\dnkt.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Curse) C:\Users\Xation RAP\AppData\Local\Apps\2.0\ZBV8ZOG4.WMY\AB2QM7DM.KEQ\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62c0f9ec26c\CurseClient.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-06] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7883296 2009-06-16] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-06-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [LogMeIn GUI] => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2014-12-31] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3370461886-3779078357-998046073-1017\...\MountPoints2: {be1f98f1-8b6c-11e4-a348-00016c70c901} - F:\startme.exe
Startup: C:\Users\Alex #1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\config.xml [2012-08-29] ()
Startup: C:\Users\Alex #1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2012-09-28] ()
Startup: C:\Users\Alex #1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2012-04-13]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (No File)
Startup: C:\Users\Alex #1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tinychat.lnk [2012-07-23]
ShortcutTarget: Tinychat.lnk -> C:\Program Files (x86)\Tinychat\Tinychat.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-12-02]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Xation RAP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2014-09-04] ()
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-08-06] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll [2009-08-06] (Egis Technology Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3370461886-3779078357-998046073-1017\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKU\S-1-5-21-3370461886-3779078357-998046073-1017\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM-x32 - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
URLSearchHook: HKLM-x32 - (No Name) - {542e4d79-1970-4e95-9862-fdb96f61b280} - No File
URLSearchHook: HKLM-x32 - (No Name) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No File
URLSearchHook: HKLM-x32 - (No Name) - {2ea04d33-5259-40b9-b79b-cb037d4824e7} - No File
URLSearchHook: HKLM-x32 - (No Name) - {f999a48b-1950-4d81-9971-79018f807b4b} - No File
URLSearchHook: HKLM-x32 - (No Name) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - No File
URLSearchHook: HKLM-x32 - (No Name) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - No File
URLSearchHook: HKLM-x32 - (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No File
SearchScopes: HKLM-x32 -> URL ${SEARCH_URL}{searchTerms}
SearchScopes: HKU\.DEFAULT -> {33524C00-63FB-43DB-A6BF-0A4E14B24649} URL = hxxp://www.basicscan.com/?prt=BASICSCAN115&keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3370461886-3779078357-998046073-1017 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&&st=23&did=10963&UPN2=92545566360146822
SearchScopes: HKU\S-1-5-21-3370461886-3779078357-998046073-1017 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-3370461886-3779078357-998046073-1017 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&&st=23&did=10963&UPN2=92545566360146822
BHO: Web Assistant -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Web Assistant\Extension64.dll [2013-01-29] ()
BHO: Expat Shield Class -> {3706EE7C-3CAD-445D-8A43-03EBC3B75908} -> No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-03] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-03] (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-11-20] (DVDVideoSoft Ltd.)
BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-11-29] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-11-29] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKU\S-1-5-21-3370461886-3779078357-998046073-1017 -> No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Hosts: 127.0.0.1 arctium.logon.battle.net
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Xation RAP\AppData\Roaming\Mozilla\Firefox\Profiles\ay5bc43f.default
FF DefaultSearchEngine : Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-12] ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll [2012-09-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-09-03] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-12] ()
FF Plugin-x32: @checkpoint.com/FFApi -> C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.116.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.132.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.140.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-11-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-11-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011-02-02] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2010-11-10] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2012-08-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2012-08-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2012-08-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2012-08-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2012-08-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2012-08-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2012-08-01] (Apple Inc.)
FF SearchPlugin: C:\Users\Xation RAP\AppData\Roaming\Mozilla\Firefox\Profiles\ay5bc43f.default\searchplugins\MyStart Search.xml [2015-06-06]
FF SearchPlugin: C:\Users\Xation RAP\AppData\Roaming\Mozilla\Firefox\Profiles\ay5bc43f.default\searchplugins\MyStart.xml [2013-10-03]
FF SearchPlugin: C:\Users\Xation RAP\AppData\Roaming\Mozilla\Firefox\Profiles\ay5bc43f.default\searchplugins\Sweetpacks Search.xml [2015-06-13]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\adawaretb.xml [2013-08-08]
FF Extension: Download videos and MP3s from YouTube - C:\Users\Xation RAP\AppData\Roaming\Mozilla\Firefox\Profiles\ay5bc43f.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-11-29]
FF Extension: QuickStores-Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de [2010-07-13]
FF Extension: BasicScan - C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C} [2011-12-14]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-06-24]
FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-11-29]
FF HKLM-x32\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-12-02]
FF HKU\S-1-5-21-3370461886-3779078357-998046073-1017\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF HKU\S-1-5-21-3370461886-3779078357-998046073-1017\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-01-30] <==== ATTENTION
Chrome:
=======
CHR Profile: C:\Users\Xation RAP\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Xation RAP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-11-06]
CHR Extension: (Google Drive) - C:\Users\Xation RAP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-31]
CHR Extension: (YouTube) - C:\Users\Xation RAP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-31]
CHR Extension: (Adblock Plus) - C:\Users\Xation RAP\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-02-04]
CHR Extension: (Google Search) - C:\Users\Xation RAP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-31]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Xation RAP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Google Wallet) - C:\Users\Xation RAP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (Gmail) - C:\Users\Xation RAP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-31]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-06-24]
CHR HKLM-x32\...\Chrome\Extension: [dhdepfaagokllfmhfbcfmocaeigmoebo] - C:\Users\Alex #1\AppData\Local\Savings Sidekick\Chrome\Savings Sidekick.crx [2012-10-09]
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-06-24]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Alex #X\AppData\Roaming\BabSolution\CR\Delta.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ikechanjclfkclficnnobciobfhbhgno] - C:\ProgramData\Download and Sa\ikechanjclfkclficnnobciobfhbhgno.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Alex #1\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-09-24]
CHR HKLM-x32\...\Chrome\Extension: [jpnbdefcbnoefmmcpelplabbkfmfhlho] - C:\Users\Notfall-Konto\AppData\Local\Premiumplay Codec-C\Chrome\Premiumplay Codec-C.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [kfkcangbigakljkjeglcofaomihpejif] - C:\Users\Alex #1\AppData\Local\CRE\kfkcangbigakljkjeglcofaomihpejif.crx [2012-09-09]
CHR HKLM-x32\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Alex #1\AppData\Local\CRE\leocdeigfnkaojcapikdjcdbedcjmffc.crx [2012-08-26]
CHR HKLM-x32\...\Chrome\Extension: [mpfkfpmlciebaiepdediekoemmjaoong] - C:\Users\Alex Normales Konto\AppData\Local\PC Speed Up Extension\Chrome\PC Speed Up Extension.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Users\ALEX#1~1\AppData\Local\Temp\YontooLayers.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\mjcm\SweetNT.crx [2014-07-16]
CHR HKLM-x32\...\Chrome\Extension: [pliakegieldboipflllagplgjdhagpca] - C:\ProgramData\Bcool\pliakegieldboipflllagplgjdhagpca.crx [2012-09-19]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-07] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-05-07] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [178424 2014-12-31] (Avira Operations GmbH & Co. KG)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
R2 IBUpdaterService; C:\Windows\system32\dmwu.exe [3039536 2015-01-05] ()
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-07-07] ()
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1026432 2015-06-08] (Enigma Software Group USA, LLC.)
S4 Web Assistant; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [188760 2013-01-29] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 getPlusHelper; C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-05-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-23] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)
S3 cpuz137; C:\Program Files (x86)\CPUID\PC Wizard 2013\pcwiz_x64.sys [26856 2014-02-17] (CPUID)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2015-06-08] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-06-08] ()
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [39504 2013-04-11] (ThreatTrack Security)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-08-18] (GFI Software)
S4 LMIRfsClientNP; No ImagePath
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-11] (ManyCam LLC)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
S3 IAMTVE; \SystemRoot\system32\DRIVERS\IAMTVE.sys [X]
S3 IAMTXPE; \SystemRoot\system32\DRIVERS\IAMTXPE.sys [X]
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
S3 NAL; \??\C:\Windows\system32\Drivers\iqvw64e.sys [X]
S3 RTL8192su; system32\DRIVERS\RTL8192su.sys [X]
S0 TfFsMon; system32\drivers\TfFsMon.sys [X]
S3 TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys [X]
S0 TFSysMon; system32\drivers\TfSysMon.sys [X]
S3 X6va006; \??\C:\Users\NOTFAL~1\AppData\Local\Temp\006DFD6.tmp [X]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-13 16:21 - 2015-06-13 16:21 - 00027259 _____ C:\Users\Xation RAP\Desktop\FRST.txt
2015-06-13 16:21 - 2015-06-13 16:21 - 00000000 ____D C:\FRST
2015-06-13 16:20 - 2015-06-13 16:20 - 02108928 _____ (Farbar) C:\Users\Xation RAP\Desktop\FRST64.exe
2015-06-13 16:19 - 2015-06-13 16:19 - 00050477 _____ C:\Users\Xation RAP\Desktop\Defogger.exe
2015-06-13 16:19 - 2015-06-13 16:19 - 00000482 _____ C:\Users\Xation RAP\Desktop\defogger_disable.log
2015-06-13 16:19 - 2015-06-13 16:19 - 00000000 _____ C:\Users\Xation RAP\defogger_reenable
2015-06-11 00:26 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-11 00:26 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-11 00:26 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-11 00:26 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-11 00:26 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-11 00:26 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-11 00:26 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-11 00:26 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-11 00:26 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-11 00:26 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-11 00:25 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-11 00:25 - 2015-05-09 05:27 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-11 00:25 - 2015-05-09 05:27 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-11 00:25 - 2015-05-09 05:27 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-11 00:25 - 2015-05-09 05:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-11 00:25 - 2015-05-09 05:26 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-11 00:25 - 2015-05-09 05:26 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-11 00:25 - 2015-05-09 05:26 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-11 00:25 - 2015-05-09 05:25 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-11 00:25 - 2015-05-09 05:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-11 00:25 - 2015-05-09 05:13 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-11 00:25 - 2015-05-09 05:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-11 00:25 - 2015-05-09 05:12 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-11 00:25 - 2015-05-09 05:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-11 00:25 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 04:01 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-11 00:25 - 2015-05-09 04:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-11 00:25 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-11 00:25 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-11 00:25 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-11 00:25 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-11 00:22 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-11 00:22 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-11 00:22 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-11 00:22 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-11 00:22 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-11 00:22 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-11 00:22 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-11 00:22 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-11 00:22 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-11 00:22 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-11 00:22 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-11 00:22 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-11 00:22 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-11 00:22 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-11 00:22 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-11 00:22 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-11 00:22 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-11 00:22 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-11 00:22 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-11 00:22 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-11 00:22 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-11 00:22 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-11 00:22 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-11 00:22 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-11 00:22 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-11 00:22 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-11 00:22 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-11 00:22 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-11 00:22 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-11 00:22 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-11 00:22 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-11 00:22 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-11 00:22 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-11 00:22 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-11 00:22 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-11 00:22 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-11 00:22 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-11 00:22 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-11 00:22 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-11 00:22 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-11 00:22 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-11 00:22 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-11 00:22 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-11 00:22 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-11 00:22 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-11 00:22 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-11 00:22 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-11 00:22 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-11 00:22 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-11 00:22 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-11 00:22 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-11 00:22 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-11 00:22 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-11 00:22 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-11 00:22 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-11 00:22 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-11 00:22 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-11 00:22 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-11 00:22 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-11 00:22 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-11 00:22 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-11 00:08 - 2015-06-11 00:08 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-06-09 13:08 - 2015-06-09 13:15 - 00000404 _____ C:\Windows\Tasks\SpyHunter4.job
2015-06-09 13:08 - 2015-06-09 13:09 - 00003784 _____ C:\Windows\System32\Tasks\SpyHunter4
2015-06-08 15:37 - 2015-06-08 15:37 - 01197344 _____ C:\Users\Xation RAP\Downloads\HijackThis - CHIP-Installer (1).exe
2015-06-08 15:22 - 2015-06-08 15:22 - 01197344 _____ C:\Users\Xation RAP\Downloads\HijackThis - CHIP-Installer.exe
2015-06-08 15:03 - 2015-06-08 15:03 - 00003354 _____ C:\Windows\System32\Tasks\SpyHunter4Startup
2015-06-08 15:03 - 2015-06-08 15:03 - 00001091 _____ C:\Users\Xation RAP\Desktop\SpyHunter.lnk
2015-06-08 15:03 - 2015-06-08 15:03 - 00000000 ____D C:\Users\Xation RAP\AppData\Roaming\Enigma Software Group
2015-06-08 15:03 - 2015-06-08 15:03 - 00000000 ____D C:\sh4ldr
2015-06-08 15:03 - 2015-06-08 15:03 - 00000000 _____ C:\autoexec.bat
2015-06-08 15:02 - 2015-06-08 15:02 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2015-06-08 15:02 - 2015-06-08 15:02 - 00000000 ____D C:\Program Files\Enigma Software Group
2015-06-08 15:01 - 2015-06-08 15:01 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Xation RAP\Downloads\SpyHunter-Installer.exe
2015-06-08 13:43 - 2015-06-08 13:43 - 00000000 ____D C:\temp
2015-06-08 13:42 - 2015-02-04 05:56 - 31515280 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-08 13:42 - 2015-02-04 05:56 - 24198856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-08 13:42 - 2015-02-04 05:56 - 22993224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-06-08 13:42 - 2015-02-04 05:56 - 17559432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-06-08 13:42 - 2015-02-04 05:56 - 15294280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-06-08 13:42 - 2015-02-04 05:56 - 13916280 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-08 13:42 - 2015-02-04 05:56 - 13828032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-08 13:42 - 2015-02-04 05:56 - 12894024 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-08 13:42 - 2015-02-04 05:56 - 11272240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-08 13:42 - 2015-02-04 05:56 - 11209192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-08 13:42 - 2015-02-04 05:56 - 04244680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-08 13:42 - 2015-02-04 05:56 - 03987600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-08 13:42 - 2015-02-04 05:56 - 02823992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-06-08 13:42 - 2015-02-04 05:56 - 01907400 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434144.dll
2015-06-08 13:42 - 2015-02-04 05:56 - 01555656 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434144.dll
2015-06-08 13:42 - 2015-02-04 05:56 - 00944328 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-08 13:42 - 2015-02-04 05:56 - 00907464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-08 13:42 - 2015-02-04 05:56 - 00902344 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-08 13:42 - 2015-02-04 05:56 - 00870032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-08 13:32 - 2015-04-03 15:21 - 00048784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-08 13:32 - 2015-04-03 15:21 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-06-07 16:41 - 2015-06-07 16:41 - 00003416 ____N C:\bootsqm.dat
2015-06-06 19:57 - 2015-06-06 19:59 - 00000000 ____D C:\Users\Xation RAP\Documents\Heroes of the Storm
2015-06-06 19:55 - 2015-06-06 19:55 - 00001199 _____ C:\Users\Public\Desktop\Heroes of the Storm.lnk
2015-06-06 19:55 - 2015-06-06 19:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2015-06-06 17:17 - 2015-06-13 15:03 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-06-06 15:04 - 2015-06-06 15:04 - 00001426 _____ C:\Users\Public\Desktop\World of Warcraft Public Test.lnk
2015-06-06 14:54 - 2015-06-13 12:13 - 00000000 ____D C:\Program Files (x86)\World of Warcraft Public Test
2015-06-06 01:45 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-06 01:45 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-06 01:45 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-06 01:45 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-06 01:45 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-06 01:45 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-06 01:45 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-06 01:45 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-02 23:59 - 2015-06-02 23:59 - 00000000 ____D C:\Users\Xation RAP\AppData\Local\GWX
2015-05-15 14:40 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-15 14:40 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-13 16:19 - 2013-08-31 00:08 - 00000000 ____D C:\Users\Xation RAP
2015-06-13 16:17 - 2009-11-12 20:16 - 01571365 _____ C:\Windows\WindowsUpdate.log
2015-06-13 16:16 - 2013-12-19 19:32 - 00000000 ____D C:\Users\Xation RAP\AppData\Local\Deployment
2015-06-13 16:14 - 2015-02-04 06:54 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-13 16:14 - 2014-09-02 15:48 - 00000000 ____D C:\Users\Xation RAP\AppData\Local\SWDS
2015-06-13 16:14 - 2012-09-19 13:08 - 00000416 ____H C:\Windows\Tasks\OptimizerPro1UpdaterTask{DCEDDF43-55B1-46F9-B9F1-D2F857ADF13C}.job
2015-06-13 16:14 - 2012-09-19 09:05 - 00000416 ____H C:\Windows\Tasks\OptimizerPro1UpdaterTask{985914A4-7E5B-4A44-ABFF-BFA40E96F1AB}.job
2015-06-13 16:13 - 2013-06-20 16:06 - 00148642 _____ C:\Windows\setupact.log
2015-06-13 16:13 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-13 15:57 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-13 15:57 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-13 15:37 - 2014-03-16 12:52 - 00000000 ____D C:\Users\Xation RAP\AppData\Local\Battle.net
2015-06-13 14:52 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-13 14:28 - 2012-04-11 22:15 - 00001146 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3370461886-3779078357-998046073-1008UA.job
2015-06-13 14:24 - 2015-02-04 06:54 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-13 13:44 - 2012-04-22 09:20 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-12 23:28 - 2012-04-11 22:15 - 00001124 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3370461886-3779078357-998046073-1008Core.job
2015-06-12 00:45 - 2012-04-22 09:20 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-12 00:45 - 2012-04-22 09:20 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-12 00:45 - 2011-10-31 09:10 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-11 23:50 - 2012-11-29 01:04 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-11 23:50 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-11 23:49 - 2009-07-14 06:45 - 05052208 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-11 23:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-11 23:21 - 2009-08-15 06:20 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-11 00:50 - 2015-02-04 06:55 - 00002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-08 14:58 - 2013-08-04 10:16 - 00549480 _____ C:\Windows\PFRO.log
2015-06-08 13:57 - 2014-09-01 23:54 - 00000000 ____D C:\Users\Xation RAP\AppData\Local\NVIDIA Corporation
2015-06-08 13:57 - 2014-09-01 23:54 - 00000000 ____D C:\Users\Xation RAP\AppData\Local\NVIDIA
2015-06-08 13:46 - 2009-11-12 20:23 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-08 13:42 - 2012-11-18 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-08 13:33 - 2012-02-20 21:22 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-08 13:32 - 2012-03-09 19:29 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-08 13:32 - 2012-02-20 21:22 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-06-08 13:31 - 2014-12-19 18:26 - 00000000 ____D C:\Users\kaa\AppData\Local\NVIDIA Corporation
2015-06-08 13:31 - 2014-12-19 18:26 - 00000000 ____D C:\Users\kaa\AppData\Local\NVIDIA
2015-06-08 13:23 - 2014-12-19 18:31 - 00000000 ____D C:\Users\kaa\AppData\Roaming\Avira
2015-06-06 19:57 - 2010-08-24 19:51 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2015-06-06 15:57 - 2014-07-13 11:24 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2015-06-06 14:53 - 2014-03-16 12:52 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-06-06 13:24 - 2014-12-11 11:08 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-06 13:24 - 2014-05-07 00:40 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-05-30 23:44 - 2013-12-28 14:17 - 00000000 ____D C:\Users\Xation RAP\AppData\Local\Spotify
2015-05-30 23:38 - 2015-05-01 12:59 - 00000000 ____D C:\Users\Xation RAP\AppData\Roaming\Spotify
2015-05-23 03:47 - 2014-09-01 23:54 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-05-23 03:47 - 2014-09-01 23:54 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-05-23 03:47 - 2014-09-01 23:54 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-05-23 03:47 - 2014-09-01 23:54 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-05-21 00:06 - 2009-11-11 14:33 - 00699490 _____ C:\Windows\system32\perfh007.dat
2015-05-21 00:06 - 2009-11-11 14:33 - 00149630 _____ C:\Windows\system32\perfc007.dat
2015-05-21 00:06 - 2009-07-14 07:13 - 01620932 _____ C:\Windows\system32\PerfStringBackup.INI
2015-05-19 23:49 - 2015-04-05 20:39 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-19 23:49 - 2015-04-05 20:39 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-19 23:19 - 2015-02-04 06:54 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-19 23:19 - 2015-02-04 06:54 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-19 10:26 - 2012-05-20 00:25 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-19 10:26 - 2012-05-20 00:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-15 15:28 - 2009-07-14 09:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-15 15:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-15 14:40 - 2012-05-20 00:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
==================== Files in the root of some directories =======
2009-08-15 06:11 - 2009-02-10 21:23 - 0192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico
2013-09-08 22:18 - 2015-01-14 18:19 - 0005120 _____ () C:\Users\Xation RAP\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-01 13:58 - 2014-09-11 01:29 - 0007600 _____ () C:\Users\Xation RAP\AppData\Local\Resmon.ResmonCfg
2011-12-14 16:58 - 2011-12-14 16:58 - 0000000 _____ () C:\ProgramData\386cda49d45d6907f28b0407f2be8d2d_c
2009-11-12 20:26 - 2009-11-12 20:28 - 0008031 _____ () C:\ProgramData\ArcadeDeluxe3.log
2009-08-15 06:12 - 2009-07-18 03:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
2011-01-04 23:30 - 2014-12-02 13:33 - 0007650 _____ () C:\ProgramData\hpzinstall.log
Some files in TEMP:
====================
C:\Users\Alex #1\AppData\Local\Temp\09132107isxdl.dll
C:\Users\Alex #1\AppData\Local\Temp\09132107mcpx.dll
C:\Users\Alex #1\AppData\Local\Temp\09132107ShellExt.dll
C:\Users\Alex #1\AppData\Local\Temp\09136141isxdl.dll
C:\Users\Alex #1\AppData\Local\Temp\09136141mcpx.dll
C:\Users\Alex #1\AppData\Local\Temp\09136141ShellExt.dll
C:\Users\Alex #1\AppData\Local\Temp\14102128isxdl.dll
C:\Users\Alex #1\AppData\Local\Temp\14102128mcpx.dll
C:\Users\Alex #1\AppData\Local\Temp\14102128ShellExt.dll
C:\Users\Alex #1\AppData\Local\Temp\7za.exe
C:\Users\Alex #1\AppData\Local\Temp\ApnIC.dll
C:\Users\Alex #1\AppData\Local\Temp\APNSTUB.EXE
C:\Users\Alex #1\AppData\Local\Temp\APNTOOLBARINSTALLER.EXE
C:\Users\Alex #1\AppData\Local\Temp\AskSLib.dll
C:\Users\Alex #1\AppData\Local\Temp\contentDATs.exe
C:\Users\Alex #1\AppData\Local\Temp\crt7360.tmp.exe
C:\Users\Alex #1\AppData\Local\Temp\ezLooker-S-Setup_Suite1.exe
C:\Users\Alex #1\AppData\Local\Temp\FastDownload.exe
C:\Users\Alex #1\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Alex #1\AppData\Local\Temp\OptChrome.exe
C:\Users\Alex #1\AppData\Local\Temp\SEARCHRESULTSTOOLBAR.EXE
C:\Users\Alex #1\AppData\Local\Temp\setup_snapdo.exe
C:\Users\Alex #1\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe
C:\Users\Alex #1\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\Alex #1\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Alex #1\AppData\Local\Temp\sonarinst.exe
C:\Users\Alex #1\AppData\Local\Temp\SQLite.dll
C:\Users\Alex #1\AppData\Local\Temp\sqlite3.exe
C:\Users\Alex #1\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Alex #1\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\Alex #1\AppData\Local\Temp\tbDVDerror.dll
C:\Users\Alex #1\AppData\Local\Temp\tbedrs.dll
C:\Users\Alex #1\AppData\Local\Temp\twapi-be29e7f1-71ae-4703-50cb-1d52be512f51.dll
C:\Users\Alex #1\AppData\Local\Temp\utt37F6.tmp.exe
C:\Users\Alex #1\AppData\Local\Temp\YontooIEClient.dll
C:\Users\Alex #1\AppData\Local\Temp\YontooSetup-S.exe
C:\Users\kaa\AppData\Local\Temp\avgnt.exe
C:\Users\kaa\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\kaa\AppData\Local\Temp\nvStInst.exe
C:\Users\Xation RAP\AppData\Local\Temp\ApnIC.dll
C:\Users\Xation RAP\AppData\Local\Temp\APNSTUB.EXE
C:\Users\Xation RAP\AppData\Local\Temp\APNTOOLBARINSTALLER.EXE
C:\Users\Xation RAP\AppData\Local\Temp\AskSLib.dll
C:\Users\Xation RAP\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Xation RAP\AppData\Local\Temp\avgnt.exe
C:\Users\Xation RAP\AppData\Local\Temp\EASOUNInstaller.exe
C:\Users\Xation RAP\AppData\Local\Temp\GuardICQ.exe
C:\Users\Xation RAP\AppData\Local\Temp\gwunstal.exe
C:\Users\Xation RAP\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe
C:\Users\Xation RAP\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Xation RAP\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\Xation RAP\AppData\Local\Temp\nvStInst.exe
C:\Users\Xation RAP\AppData\Local\Temp\SEARCHRESULTSTOOLBAR.EXE
C:\Users\Xation RAP\AppData\Local\Temp\Uninstall.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-07 16:26
==================== End of log ============================
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-06-13 16:33:49
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST310005 rev.CC44 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\XATION~1\AppData\Local\Temp\kglyauog.sys
---- Kernel code sections - GMER 2.1 ----
.text C:\Windows\System32\win32k.sys!W32pServiceTable fffff960000e4d00 7 bytes [00, 89, F3, FF, C1, 98, F0]
.text C:\Windows\System32\win32k.sys!W32pServiceTable + 8 fffff960000e4d08 3 bytes [C0, 06, 02]
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[1764] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075fd1401 2 bytes JMP 7788b21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[1764] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075fd1419 2 bytes JMP 7788b346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[1764] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075fd1431 2 bytes JMP 77908f29 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[1764] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000075fd144a 2 bytes CALL 7786489d C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[1764] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000075fd14dd 2 bytes JMP 77908822 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[1764] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000075fd14f5 2 bytes JMP 779089f8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[1764] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000075fd150d 2 bytes JMP 77908718 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[1764] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075fd1525 2 bytes JMP 77908ae2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[1764] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000075fd153d 2 bytes JMP 7787fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[1764] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075fd1555 2 bytes JMP 778868ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[1764] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000075fd156d 2 bytes JMP 77908fe3 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[1764] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075fd1585 2 bytes JMP 77908b42 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[1764] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000075fd159d 2 bytes JMP 779086dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[1764] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000075fd15b5 2 bytes JMP 7787fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[1764] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000075fd15cd 2 bytes JMP 7788b2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[1764] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000075fd16b2 2 bytes JMP 77908ea4 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[1764] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000075fd16bd 2 bytes JMP 77908671 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1800] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075fd1401 2 bytes JMP 7788b21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1800] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075fd1419 2 bytes JMP 7788b346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1800] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075fd1431 2 bytes JMP 77908f29 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1800] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000075fd144a 2 bytes CALL 7786489d C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1800] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000075fd14dd 2 bytes JMP 77908822 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1800] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000075fd14f5 2 bytes JMP 779089f8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1800] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000075fd150d 2 bytes JMP 77908718 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1800] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075fd1525 2 bytes JMP 77908ae2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1800] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000075fd153d 2 bytes JMP 7787fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1800] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075fd1555 2 bytes JMP 778868ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1800] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000075fd156d 2 bytes JMP 77908fe3 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1800] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075fd1585 2 bytes JMP 77908b42 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1800] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000075fd159d 2 bytes JMP 779086dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1800] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000075fd15b5 2 bytes JMP 7787fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1800] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000075fd15cd 2 bytes JMP 7788b2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1800] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000075fd16b2 2 bytes JMP 77908ea4 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1800] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000075fd16bd 2 bytes JMP 77908671 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[1956] C:\Windows\SysWOW64\WSOCK32.dll!recv + 82 0000000073a817fa 2 bytes CALL 778611a9 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[1956] C:\Windows\SysWOW64\WSOCK32.dll!recvfrom + 88 0000000073a81860 2 bytes CALL 778611a9 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[1956] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 98 0000000073a81942 2 bytes JMP 75ad7089 C:\Windows\syswow64\WS2_32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[1956] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 109 0000000073a8194d 2 bytes JMP 75adcba6 C:\Windows\syswow64\WS2_32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[1956] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075fd1401 2 bytes JMP 7788b21b C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[1956] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075fd1419 2 bytes JMP 7788b346 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[1956] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075fd1431 2 bytes JMP 77908f29 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[1956] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000075fd144a 2 bytes CALL 7786489d C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Windows\SysWOW64\PnkBstrA.exe[1956] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000075fd14dd 2 bytes JMP 77908822 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[1956] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000075fd14f5 2 bytes JMP 779089f8 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[1956] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000075fd150d 2 bytes JMP 77908718 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[1956] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075fd1525 2 bytes JMP 77908ae2 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[1956] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000075fd153d 2 bytes JMP 7787fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[1956] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075fd1555 2 bytes JMP 778868ef C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[1956] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000075fd156d 2 bytes JMP 77908fe3 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[1956] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075fd1585 2 bytes JMP 77908b42 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[1956] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000075fd159d 2 bytes JMP 779086dc C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[1956] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000075fd15b5 2 bytes JMP 7787fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[1956] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000075fd15cd 2 bytes JMP 7788b2dc C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[1956] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000075fd16b2 2 bytes JMP 77908ea4 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[1956] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000075fd16bd 2 bytes JMP 77908671 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\mjcm\dnkt.exe[3980] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075fd1401 2 bytes JMP 7788b21b C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\mjcm\dnkt.exe[3980] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075fd1419 2 bytes JMP 7788b346 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\mjcm\dnkt.exe[3980] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075fd1431 2 bytes JMP 77908f29 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\mjcm\dnkt.exe[3980] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000075fd144a 2 bytes CALL 7786489d C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Windows\SysWOW64\mjcm\dnkt.exe[3980] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000075fd14dd 2 bytes JMP 77908822 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\mjcm\dnkt.exe[3980] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000075fd14f5 2 bytes JMP 779089f8 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\mjcm\dnkt.exe[3980] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000075fd150d 2 bytes JMP 77908718 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\mjcm\dnkt.exe[3980] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075fd1525 2 bytes JMP 77908ae2 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\mjcm\dnkt.exe[3980] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000075fd153d 2 bytes JMP 7787fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\mjcm\dnkt.exe[3980] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075fd1555 2 bytes JMP 778868ef C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\mjcm\dnkt.exe[3980] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000075fd156d 2 bytes JMP 77908fe3 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\mjcm\dnkt.exe[3980] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075fd1585 2 bytes JMP 77908b42 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\mjcm\dnkt.exe[3980] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000075fd159d 2 bytes JMP 779086dc C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\mjcm\dnkt.exe[3980] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000075fd15b5 2 bytes JMP 7787fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\mjcm\dnkt.exe[3980] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000075fd15cd 2 bytes JMP 7788b2dc C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\mjcm\dnkt.exe[3980] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000075fd16b2 2 bytes JMP 77908ea4 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\mjcm\dnkt.exe[3980] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000075fd16bd 2 bytes JMP 77908671 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3936] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000075b22ab1 5 bytes JMP 00000001001af046
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3936] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075fd1401 2 bytes JMP 7788b21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3936] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075fd1419 2 bytes JMP 7788b346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3936] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075fd1431 2 bytes JMP 77908f29 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3936] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000075fd144a 2 bytes CALL 7786489d C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3936] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000075fd14dd 2 bytes JMP 77908822 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3936] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000075fd14f5 2 bytes JMP 779089f8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3936] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000075fd150d 2 bytes JMP 77908718 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3936] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075fd1525 2 bytes JMP 77908ae2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3936] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000075fd153d 2 bytes JMP 7787fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3936] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075fd1555 2 bytes JMP 778868ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3936] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000075fd156d 2 bytes JMP 77908fe3 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3936] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075fd1585 2 bytes JMP 77908b42 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3936] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000075fd159d 2 bytes JMP 779086dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3936] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000075fd15b5 2 bytes JMP 7787fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3936] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000075fd15cd 2 bytes JMP 7788b2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3936] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000075fd16b2 2 bytes JMP 77908ea4 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3936] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000075fd16bd 2 bytes JMP 77908671 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe[260] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075fd1401 2 bytes JMP 7788b21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe[260] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075fd1419 2 bytes JMP 7788b346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe[260] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075fd1431 2 bytes JMP 77908f29 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe[260] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000075fd144a 2 bytes CALL 7786489d C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe[260] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000075fd14dd 2 bytes JMP 77908822 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe[260] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000075fd14f5 2 bytes JMP 779089f8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe[260] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000075fd150d 2 bytes JMP 77908718 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe[260] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075fd1525 2 bytes JMP 77908ae2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe[260] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000075fd153d 2 bytes JMP 7787fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe[260] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075fd1555 2 bytes JMP 778868ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe[260] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000075fd156d 2 bytes JMP 77908fe3 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe[260] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075fd1585 2 bytes JMP 77908b42 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe[260] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000075fd159d 2 bytes JMP 779086dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe[260] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000075fd15b5 2 bytes JMP 7787fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe[260] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000075fd15cd 2 bytes JMP 7788b2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe[260] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000075fd16b2 2 bytes JMP 77908ea4 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe[260] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000075fd16bd 2 bytes JMP 77908671 C:\Windows\syswow64\kernel32.dll
---- Threads - GMER 2.1 ----
Thread C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [3828:4436] 000007feee93bc60
Thread C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [3836:4488] 000007feeea9f5f8
Thread C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [3836:4496] 000007feee93bc60
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2708:6480] 0000000076327587
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2708:3292] 000000006ee08aa6
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2708:6396] 0000000077db2e65
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2708:6640] 0000000077db3e85
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2708:2176] 0000000077db3e85
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2708:5344] 0000000077db3e85
---- EOF - GMER 2.1 ----
Mit freundlichen Grüßen Alex |
|
13.06.2015, 17:32
| #2 |
| | PC friert ein: Bild bleibt stehen, Maus nicht bewegbar. Und hier noch die Addition Datei:
__________________[CODE]Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by Xation RAP at 2015-06-13 16:22:19
Running from C:\Users\Xation RAP\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3370461886-3779078357-998046073-500 - Administrator - Disabled)
Gast (S-1-5-21-3370461886-3779078357-998046073-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-3370461886-3779078357-998046073-1002 - Limited - Enabled)
kaa (S-1-5-21-3370461886-3779078357-998046073-1018 - Administrator - Enabled) => C:\Users\kaa
Xation RAP (S-1-5-21-3370461886-3779078357-998046073-1017 - Administrator - Enabled) => C:\Users\Xation RAP
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.2.0 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.1.6731 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.1.6731 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.2.19 - NewTech Infosystems)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3003 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3004 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0812 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3014 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Reader X - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version: - Oberon Media)
Avira (HKLM-x32\...\{2c18809c-4097-4b51-a4d0-3deade730ef3}) (Version: 1.1.29.22350 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.29.22350 - Avira Operations & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
B110 (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
Backup Manager Advance (x32 Version: 2.0.2.19 - NewTech Infosystems) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Curse Client (HKU\S-1-5-21-3370461886-3779078357-998046073-1017\...\101a9f93b8f0bb6f) (Version: 5.1.1.840 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version: - Oberon Media)
DealPly (HKU\.DEFAULT\...\DealPly) (Version: - )
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DVDVideoSoftTB DE Toolbar (HKLM-x32\...\DVDVideoSoftTB_DE Toolbar) (Version: 6.8.9.0 - DVDVideoSoftTB DE)
eBay Worldwide (HKLM-x32\...\{AAF89271-2594-468D-B578-96B2E30C41C4}) (Version: 2.1.0703 - OEM)
Facebook Messenger 2.1.4651.0 (HKLM-x32\...\{17D26CDD-B87C-412B-92F0-2D5DD4313522}) (Version: 2.1.4651.0 - Facebook)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.01 - Ubisoft)
Free YouTube to MP3 Converter version 3.12.50.1122 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1122 - DVDVideoSoft Ltd.)
FreeOnlineRadioPlayerRecorder Toolbar (HKLM-x32\...\FreeOnlineRadioPlayerRecorder Toolbar) (Version: 6.9.0.16 - FreeOnlineRadioPlayerRecorder)
GIMP 2.6.8 (HKLM\...\WinGimp-2.0_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version: - Oberon Media)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version: - Oberon Media)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 1.00.3004 - Acer Incorporated)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{014E482A-0C27-47E3-BA82-307E9DCA2F47}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
IB Updater Service (HKLM-x32\...\WNLT) (Version: 5.1.5.4 - ) <==== ATTENTION
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Java 7 Update 7 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417007FF}) (Version: 7.0.70 - Oracle)
Java 7 Update 9 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217009FF}) (Version: 7.0.90 - Oracle)
Java(TM) 6 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416031FF}) (Version: 6.0.310 - Oracle)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMICRON Technology Corp.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LibreOffice 3.6 (HKLM-x32\...\{CBCF6C86-4738-4A84-9C2C-331804DCEB9B}) (Version: 3.6.3.2 - The Document Foundation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version: - Oberon Media)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Mozilla Firefox 12.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 12.0 (x86 de)) (Version: 12.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 12.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.72.0 - Egis Technology Inc.)
Nero 9 Essentials (HKLM-x32\...\{0fc02553-2ef8-4d54-956b-e062e8830a8c}) (Version: - Nero AG)
Network64 (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
pc gear de Toolbar (HKLM-x32\...\pc_gear_de Toolbar) (Version: 6.2.3.0 - pc gear de)
PC Speed Up Extension (HKLM-x32\...\PC Speed Up Extension) (Version: 1.24.151.151 - Speedchecker)
PC Wizard 2013.2.12 (HKLM-x32\...\PC Wizard 2013_is1) (Version: - CPUID)
PDF Password Remover v3.1 (HKLM-x32\...\PDF Password Remover v3.1_is1) (Version: - VeryPDF.com Inc)
Premiumplay Codec-C (HKLM-x32\...\Premiumplay Codec-C) (Version: 1.6.146.147 - WebPicks) <==== ATTENTION
PS_AIO_07_B110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5874 - Realtek Semiconductor Corp.)
Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam)
Scan (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
Snap.Do (HKLM-x32\...\{35E583DD-5C66-46B4-ADA2-C22640D4B54D}) (Version: 1.6.0.323 - ReSoft Ltd.) <==== ATTENTION
softonic-de3 Toolbar (HKLM-x32\...\softonic-de3 Toolbar) (Version: 6.8.5.1 - softonic-de3) <==== ATTENTION
SolutionCenter (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.17.201412121559 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.259 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.259 - Sony)
Spotify (HKU\S-1-5-21-3370461886-3779078357-998046073-1017\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.19.13.4482 - Enigma Software Group, LLC)
Star Defender 4 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}) (Version: - Oberon Media)
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
Toolbox (x32 Version: 140.0.424.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Update Manager for SweetPacks 1.1 (HKLM-x32\...\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}) (Version: 1.1.0008 - SweetIM Technologies Ltd.)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Web Assistant 2.0.0.573 (HKLM\...\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1) (Version: 2.0.0.573 - IncrediBar)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3005 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Winload Toolbar (HKLM-x32\...\Winload Toolbar) (Version: 6.8.5.1 - Winload)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Beta (HKLM-x32\...\World of Warcraft Beta) (Version: - Blizzard Entertainment)
World of Warcraft Public Test (HKLM-x32\...\World of Warcraft Public Test) (Version: - Blizzard Entertainment)
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - )
Yontoo 1.10.02 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.02 - Yontoo LLC)
ZoneAlarm Antivirus (x32 Version: 10.2.081.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm LTD Toolbar (HKLM\...\ZoneAlarm LTD Toolbar) (Version: - Check Point Software Technologies)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3370461886-3779078357-998046073-1017_Classes\CLSID\{e116b04b-14e4-43bd-8c7b-fd512dc471b2}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
==================== Restore Points =========================
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2014-06-21 19:27 - 00000862 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 arctium.logon.battle.net
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0253307C-5DD7-4E37-AF8A-D7A6330C8327} - System32\Tasks\{CD2CF794-DF43-4FD1-9D4E-6439E014B61F} => D:\Spiele\Electronic Arts\Die Sims 3\Game\Bin\Sims3Launcher.exe
Task: {07F99AEF-92F1-4C37-B1C7-3B453AA5B6A5} - System32\Tasks\{68EBF6D6-C16A-4176-BC7D-731B9FFFAFD6} => pcalua.exe -a C:\Users\Alexander\Documents\Bulshit-Box\DotNetFx35ClientSetup.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {0D31EE49-3DC8-4F61-86BF-4C9669FB4D8D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {0D6848AE-5B39-45C9-B832-8BE3F95731EA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {0DC35295-8E97-4F69-B3F7-276607F71B52} - System32\Tasks\BrowserDefendert => Sc.exe start BrowserDefendert <==== ATTENTION
Task: {0F444FBB-E0A5-41B1-9F04-8C203382F2AC} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {10A5250B-530D-404E-A853-5BB968699D5D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3370461886-3779078357-998046073-1008Core => C:\Users\Alex #1\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {11D6FCE5-1467-4946-979B-7DC9F444FA76} - System32\Tasks\{2746626D-05C1-4609-94A2-EE61459C6B5A} => pcalua.exe -a C:\Users\Alexander\Documents\rom\setup.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {14267785-0DBD-466A-B672-AB39B1245926} - System32\Tasks\{867B5645-D875-42F0-B6EE-44DB995BDE66} => C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE [2015-03-18] (Microsoft Corporation)
Task: {15CEC3A1-C415-4CD4-A5B1-C8CE4127715C} - System32\Tasks\{6982300D-BB48-4F71-98C9-9BAEBEBD04B0} => D:\Spiele\World of Warcraft\Launcher.exe
Task: {1923C64E-13B5-47CA-89DF-E713421CD46C} - System32\Tasks\{B10432E5-DC04-467F-B371-709F928906BE} => C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE [2015-03-18] (Microsoft Corporation)
Task: {19C83796-C246-454E-B4AB-2B486CDAB9DC} - System32\Tasks\{B1E066BD-089C-462F-935A-D8C742EF6A28} => C:\Program Files (x86)\EA Games\Command & Conquer Generäle Stunde Null\generals.exe
Task: {252B7B96-0A71-4801-B796-0BB33912E164} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {25FBAD6F-C6FA-419A-A300-B5131A9C473A} - System32\Tasks\{EC15ADD1-CC28-47A7-B0A5-0A9921A17761} => C:\Program Files (x86)\EA Games\Command & Conquer Generäle Stunde Null\generals.exe
Task: {26852315-49C4-4187-8878-17A8E3E70C11} - System32\Tasks\{DA839A0B-9DDD-4053-B521-A55A101FAB4C} => pcalua.exe -a C:\Users\ALEX#1~1\AppData\Local\Temp\VSD53BC.tmp\DotNetFx35Client\DotNetFx35ClientSetup.exe -d "C:\Users\Alex #1\Downloads" -c /lang:enu /passive /norestart
Task: {2A97646F-7036-43B6-AEF0-DC4E3FD4BA93} - System32\Tasks\{A7738434-847A-4F57-9115-450A7EB82D82} => C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE [2015-03-18] (Microsoft Corporation)
Task: {35E4AC95-D975-485F-AAD2-508F83A45ECE} - System32\Tasks\{DC457C74-6BD2-4705-9CEA-CF243E16EF06} => C:\Program Files (x86)\Runes of Magic\Runes of Magic.exe
Task: {3FD81841-B122-40DC-9784-262CD0B35CCD} - System32\Tasks\{DBD175AC-32EB-434A-9E90-9140DE2E089D} => C:\Program Files (x86)\EA Games\Command & Conquer Generäle Stunde Null\generals.exe
Task: {445153E9-2F33-4B90-92BD-474375987301} - System32\Tasks\{8C295028-0CF5-4E57-8861-74D3B17B83BC} => pcalua.exe -a "C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QU5HHGQ2\setup.exe" -d C:\Users\Alexander\Desktop
Task: {49E7D60F-9359-4FD1-813B-E6CF94B5D647} - System32\Tasks\{A8D42E86-3AE2-41CA-B088-5F45B048024F} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/50280
Task: {4B6F54BA-7CEC-4408-B870-0DBA954F7504} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2015-06-08] (Enigma Software Group USA, LLC.)
Task: {4C138A32-C7D3-4FE0-B5FF-AAC96BB2A051} - System32\Tasks\{CBDD099F-BADD-4280-8AA8-0E751F65EA61} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/abandoninstall?page=tsProgressBar
Task: {4E141D1B-DDD1-4477-AFCB-07754638176C} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {50B384D7-4B55-4894-9505-6052AB7D46A3} - System32\Tasks\{0D765F4F-E30F-4FBF-823E-E55DE1C02814} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {516EE4DC-C154-4F30-8263-B44E6E358A6C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-04] (Google Inc.)
Task: {574BA818-9A62-435B-898E-533BCD4ABCED} - System32\Tasks\{B55F9A3D-63E7-4C52-8988-47CBA6A496C0} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/abandoninstall?page=tsProgressBar
Task: {5ED6B49D-B24C-4994-BC85-C0E0D59E595B} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {623389ED-5B70-4447-BEA0-76AF73880AC0} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {631FF984-D889-4142-8FB5-692E527992EA} - System32\Tasks\Egis technology-Online-Aktualisierungsprogramm => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04] (Egis Technology Inc.)
Task: {6C90C03C-4E9D-4412-8CBB-BFE9DF130385} - System32\Tasks\{AD2295C5-FFEF-4E59-ACD4-1B3CD1B18D2E} => C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE [2015-03-18] (Microsoft Corporation)
Task: {770D1B53-4DA7-4EF1-8F00-48614A7A3DC7} - System32\Tasks\OptimizerPro1UpdaterTask{985914A4-7E5B-4A44-ABFF-BFA40E96F1AB} => C:\ProgramData\Premium\OptimizerPro1\OptimizerPro1.exe <==== ATTENTION
Task: {7AF586B6-1313-4144-A882-0A4742EF2794} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {7D3CDA5B-DECD-4D15-A4EE-3A651B96754A} - System32\Tasks\{1824DE64-0A80-4F45-8702-18607BB7B643} => pcalua.exe -a C:\Users\Alexander\Documents\Bulshit-Box\setup.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {7D4F51E5-97C6-4C77-B4EE-919176DA4D93} - System32\Tasks\{608AE19E-CC5C-46C7-B35F-C7F9D665FBC4} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\Uninstall.exe"
Task: {8239CAE8-57C5-4E19-BEF6-8D494EE92838} - System32\Tasks\{73872ADE-37E1-4258-ABF0-3E998A83C9F5} => D:\Spiele\World of Warcraft\Launcher.exe
Task: {84812AB3-C5D1-44CD-9424-251843C9D44A} - System32\Tasks\{758492CA-1480-4AFE-8039-B90E459C19CD} => Chrome.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/abandoninstall?page=tsProgressBar
Task: {8507A46F-C209-4CAF-AB0B-1048DF2572D1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3370461886-3779078357-998046073-1008UA => C:\Users\Alex #1\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {86DCB823-6702-49A0-B6C0-A9575B469712} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3370461886-3779078357-998046073-1004
Task: {8710CEFA-EE5A-4122-9D5A-061B61CAAC63} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-03-09] (Microsoft Corporation)
Task: {8EE2AEA9-90E1-48EB-83CE-ACF995BA4789} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {96DF5073-8BB7-4210-9429-1641F6345A44} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {9FF6276E-B7BA-4BB2-8159-A05BD5A3E685} - System32\Tasks\{EF6ED641-1837-425A-AD41-6EB89DF228DD} => C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE [2015-03-18] (Microsoft Corporation)
Task: {A004CDF8-3767-41A6-998E-04218809F511} - System32\Tasks\{B4AE816E-6CCA-4E36-BF80-6FB4F7F41071} => C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE [2015-03-18] (Microsoft Corporation)
Task: {A4B75944-0AFF-49EB-AF5C-B677A378077F} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {A6DE0134-F780-4ED8-8BE3-A712216046F4} - \DealPlyUpdate No Task File <==== ATTENTION
Task: {A7EA7C66-74B7-43C3-B298-1C03E99733EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-04] (Google Inc.)
Task: {AD922D65-6291-4350-B74E-C500D5C59A5E} - System32\Tasks\RunAsStdUser Task => C:\Users\Alexander\AppData\Local\SeekmoSA\bin\16.0.16.0\SeekmoSA.exe
Task: {ADE91FB1-38B4-4785-B7C4-7B32B32F7BA9} - System32\Tasks\{49C4496E-6A59-4558-9950-375D0FA5DB28} => pcalua.exe -a E:\Installer.exe -d E:\
Task: {B460984B-B7CF-4608-B77A-E4B4EE553600} - System32\Tasks\{68B3BE54-4DE0-4A14-BDCB-45BED0992228} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe" -d "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib"
Task: {C4C003DF-81E8-4F65-B809-1FF93D41F30C} - System32\Tasks\{A8A0D14B-D27D-4D0C-99A3-F93CFE611029} => pcalua.exe -a "C:\Program Files (x86)\Steam\bin\SteamService.exe" -d "C:\Program Files (x86)\Steam" -c /installscript "C:\Program Files (x86)\Steam\steamapps\common\Mafia II - Public Demo\runasadmin.vdf" 50280
Task: {C585ED3F-FA72-4BFF-A512-46DA8C9A7D98} - System32\Tasks\{52463B46-1BB3-4238-9722-C13EC96F0E4B} => C:\Program Files (x86)\EA Games\Command & Conquer Generäle Stunde Null\generals.exe
Task: {CBB38CFB-5568-4FB6-8D5A-98461B1788C3} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {D2C1BF31-E2FB-4D3B-83B7-C036FF0DF4F3} - System32\Tasks\SpyHunter4 => C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe [2015-06-08] (Enigma Software Group USA, LLC.)
Task: {DE9D6BF1-432A-4256-95AB-53188DB00D7F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {E0715288-ABC9-48D5-892B-6F5E87CEB15D} - System32\Tasks\{A332E311-32D3-40BE-BB10-CD46DA4C6715} => pcalua.exe -a "C:\Program Files (x86)\Steam\Steam.exe" -d "C:\Program Files (x86)\Steam"
Task: {E6076E8F-3014-4982-B547-1AC26B9836B8} - System32\Tasks\OptimizerPro1UpdaterTask{DCEDDF43-55B1-46F9-B9F1-D2F857ADF13C} => C:\ProgramData\Premium\OptimizerPro1\OptimizerPro1.exe <==== ATTENTION
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove No Task File <==== ATTENTION
Task: {EB2AE49C-0BD1-46FF-900C-86E8CE43BBF1} - System32\Tasks\{EDB562C5-B5DF-4031-BCDA-B73B172795B9} => C:\Program Files (x86)\EA Games\Command & Conquer Generäle Stunde Null\generals.exe
Task: {EC69E269-72A3-44CE-BECE-8064B4224AD7} - System32\Tasks\{AC885D20-26A7-4E80-8A8D-318E5255B5D0} => C:\Program Files (x86)\EA Games\Command & Conquer Generäle Stunde Null\generals.exe
Task: {EC7B2360-15F5-4F83-9227-DBA6C2D1A6E2} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {EDF406FD-0D85-4937-A00A-B45F5C44479D} - System32\Tasks\{DEC602EE-0534-4457-B947-991AEC4600AD} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {F083448E-1E42-4853-9AE0-338B220BCBA6} - System32\Tasks\{DBD41CBB-790D-4AC5-BC44-399E0354C92C} => pcalua.exe -a C:\Users\Alexander\Desktop\MafiaIIDemo\SetupLauncher.exe -d C:\Users\Alexander\Desktop\MafiaIIDemo
Task: {F41E31E6-3012-4D64-91D2-C65A04A1EC9D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {F6635BF9-E1C1-411C-A645-065EEA78C709} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {F6C683E9-0CD1-47C0-894C-783ADE701F63} - System32\Tasks\{8CD7D11E-955D-44A2-AB67-E6AB6DDCB450} => Chrome.exe hxxp://ui.skype.com/ui/0/6.5.0.158/de/abandoninstall?page=tsProgressBar
Task: {F8962557-353B-4296-82E5-BEC7A0BDDDB1} - System32\Tasks\{2F8CBC69-95FC-4675-859E-9DC14A8C7130} => pcalua.exe -a "C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YE008I5F\setup.exe" -d C:\Users\Alexander\Desktop
Task: {F8F9E637-F404-4792-B54E-1F50469F2152} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {FAD4BAB5-B25D-4712-84DA-8A7E4611A3E9} - System32\Tasks\{3EB54ED4-3718-4568-93F2-9153608DAD53} => C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
Task: {FC9D647B-877F-4E9D-9C08-4475524A63AA} - System32\Tasks\{A09D9180-43F5-4388-85A4-7AAB0862F987} => pcalua.exe -a C:\Users\ALEXAN~1\AppData\Local\Temp\VSD4242.tmp\DotNetFx35Client\DotNetFx35ClientSetup.exe -d "C:\Program Files (x86)\Mozilla Firefox" -c /lang:enu /passive /norestart
Task: {FE7C25B7-6ED8-4740-BDF0-6BD5B14C1614} - System32\Tasks\{72F25A4B-B2B2-4AF4-A08E-18C96B557883} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/abandoninstall?page=tsProgressBar
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3370461886-3779078357-998046073-1008Core.job => C:\Users\Alex #1\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3370461886-3779078357-998046073-1008UA.job => C:\Users\Alex #1\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\OptimizerPro1UpdaterTask{985914A4-7E5B-4A44-ABFF-BFA40E96F1AB}.job => C:\ProgramData\Premium\OptimizerPro1\OptimizerPro1.exeJ/schedule /profilepath C:\ProgramData\Premium\OptimizerPro1\profile.ini <==== ATTENTION
Task: C:\Windows\Tasks\OptimizerPro1UpdaterTask{DCEDDF43-55B1-46F9-B9F1-D2F857ADF13C}.job => C:\ProgramData\Premium\OptimizerPro1\OptimizerPro1.exeJ/schedule /profilepath C:\ProgramData\Premium\OptimizerPro1\profile.ini <==== ATTENTION
Task: C:\Windows\Tasks\SpyHunter4.job => C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
==================== Loaded Modules (Whitelisted) ==============
2012-09-07 20:52 - 2015-01-05 18:48 - 03039536 _____ () C:\Windows\system32\dmwu.exe
2011-10-22 12:31 - 2013-07-07 15:14 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-02-20 21:57 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-02-03 20:10 - 2010-03-15 12:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2015-01-05 18:48 - 2015-01-05 18:48 - 00781616 _____ () C:\Windows\SysWOW64\mjcm\dnkt.exe
2015-01-05 18:48 - 2015-01-05 18:48 - 00921392 _____ () C:\Windows\System32\tprb\dnkt.exe
2015-01-05 18:48 - 2015-01-05 18:48 - 02154288 _____ () C:\Windows\System32\tprb\5154\nsib.dll
2015-06-11 23:11 - 2015-06-11 23:10 - 00016384 ____N () C:\Users\Xation RAP\AppData\Local\Apps\2.0\ZBV8ZOG4.WMY\AB2QM7DM.KEQ\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62c0f9ec26c\Curse.CurseClient.WowDb.dll
2013-12-19 19:33 - 2013-12-19 19:33 - 00035840 _____ () C:\Users\Xation RAP\AppData\Local\Apps\2.0\ZBV8ZOG4.WMY\AB2QM7DM.KEQ\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62c0f9ec26c\Curse.Advertising.dll
2015-06-11 23:11 - 2015-06-11 23:10 - 00099840 ____N () C:\Users\Xation RAP\AppData\Local\Apps\2.0\ZBV8ZOG4.WMY\AB2QM7DM.KEQ\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62c0f9ec26c\Curse.CurseClient.CMOD2.dll
2009-02-03 02:33 - 2009-02-03 02:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-29 02:55 - 2008-09-29 02:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2015-01-05 18:48 - 2015-01-05 18:48 - 01710384 _____ () C:\Windows\SysWOW64\mjcm\5154\nsib.dll
2015-06-08 13:32 - 2015-05-23 03:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-06-11 00:50 - 2015-06-05 20:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
2015-06-11 00:50 - 2015-06-05 20:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll
2015-06-11 00:50 - 2015-06-05 20:22 - 15003464 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:1D32EC29
AlternateDataStreams: C:\ProgramData\Temp:430C6D84
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F
AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
AlternateDataStreams: C:\ProgramData\Temp:DFC5A2B2
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\ProgramData\Temp:E3C56885
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3370461886-3779078357-998046073-1017\Control Panel\Desktop\\Wallpaper -> C:\Users\Xation RAP\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: BBSvc => 3
MSCONFIG\Services: Mp3Tube Toolbar Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TuneUp.UtilitiesSvc => 2
MSCONFIG\Services: Web Assistant => 2
MSCONFIG\startupreg: Amazing3DAquariumWallpaper =>
MSCONFIG\startupreg: ArcadeDeluxeAgent => "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: Disker => rundll32.exe C:\Users\ALEXAN~1\AppData\Local\Temp\HIMYM.DLL,DW
MSCONFIG\startupreg: facemoods => "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I
MSCONFIG\startupreg: Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
MSCONFIG\startupreg: IAAnotif => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
MSCONFIG\startupreg: IMBooster => C:\Program Files (x86)\Iminent\IMBooster\imbooster.exe /warmup
MSCONFIG\startupreg: JMB36X IDE Setup => C:\Windows\RaidTool\xInsIDE.exe
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: svchospt => C:\Windows\SysWOW64\svchospt.exe
MSCONFIG\startupreg: Sweetpacks Communicator => C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
MSCONFIG\startupreg: uTorrent => "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: ZoneAlarm Installer => "C:\Program Files (x86)\CheckPoint\Install\Launcher.exe" "C:\Program Files (x86)\CheckPoint\Install\Install.exe" /r /c "C:\Program Files (x86)\CheckPoint\Install\Install.xml"
MSCONFIG\startupreg: {8556F40E-90D9-2F71-2F79-35BD07ABC0F5} => C:\Users\Alexander\AppData\Roaming\Vagoif\bywiyn.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{37B42CFF-D50C-45D0-AE5C-939DB22792E9}D:\world of warcraft\launcher.exe] => (Allow) D:\world of warcraft\launcher.exe
FirewallRules: [UDP Query User{E78E9D81-9DF0-403C-97B6-6365FA8011B9}D:\world of warcraft\launcher.exe] => (Allow) D:\world of warcraft\launcher.exe
FirewallRules: [{E83A35A1-4173-48BF-A97E-082ED304E141}] => (Allow) D:\World of Warcraft\Launcher.patch.exe
FirewallRules: [{251BA555-E8FE-4D5F-A318-827AF20B3B73}] => (Allow) D:\World of Warcraft\Launcher.patch.exe
FirewallRules: [TCP Query User{3C849B25-F6FF-4D2F-8D99-5495D078AC09}D:\world of warcraft\backgrounddownloader.exe] => (Allow) D:\world of warcraft\backgrounddownloader.exe
FirewallRules: [UDP Query User{613589EF-27DC-4243-87B1-5248DEF90D0E}D:\world of warcraft\backgrounddownloader.exe] => (Allow) D:\world of warcraft\backgrounddownloader.exe
FirewallRules: [{B320413F-E073-42EC-A42C-EB06335FB596}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1225\Agent.exe
FirewallRules: [{7B987490-0059-4D55-8CE8-156F41BD4EF5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1225\Agent.exe
FirewallRules: [TCP Query User{2EC02D98-1416-4A2F-BF19-3B23B00C4657}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{0787E5CF-A2A8-4FBF-9348-D71DC7517236}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{9B65C186-63E8-4443-A294-D01594779C6D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{06B42090-76D0-4C26-9223-29B572220F51}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{9B2AEC43-271C-4B93-9BC9-7965CF461CB6}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Block) C:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [UDP Query User{91D3A3D9-BACD-44E6-A742-1A32EF3AD229}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Block) C:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [TCP Query User{F2EB43EE-2F19-48FE-A7DA-4B4DBB6512E0}C:\program files\java\jre6\bin\javaw.exe] => (Block) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{198D6848-56B9-4F2E-80D3-91285F54D45C}C:\program files\java\jre6\bin\javaw.exe] => (Block) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{01738F9D-5B96-427F-BB3B-1E20D3490273}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{56E05396-AAD9-4D0F-8537-ED46507871C6}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{BD4E0F31-34B0-4815-8F84-594252CDC93B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{52364690-EDBA-45D3-BFC6-6A3F2A45BFF3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [TCP Query User{3B6036FE-E1A2-41CA-BF7B-93A1D663F78E}C:\program files\java\jre6\bin\javaw.exe] => (Block) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{89CFCF92-D2AB-449C-A00A-EE4C8347F4E4}C:\program files\java\jre6\bin\javaw.exe] => (Block) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{A94E7EB2-DDEF-41B3-B0AB-BDAAECB5FB83}] => (Allow) D:\Spiele\StarCraft II\Versions\Base22612\SC2.exe
FirewallRules: [{DF8833FA-AD1F-4753-A8F8-218952D42955}] => (Allow) D:\Spiele\StarCraft II\Versions\Base22612\SC2.exe
FirewallRules: [{3D91A060-EFEC-4145-8BD5-C5B5AF91B761}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{85C52A35-E1CA-4648-A176-A6446DA2BFE6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [TCP Query User{52D3F783-ED93-4382-8802-19B010696FC5}D:\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe] => (Allow) D:\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe
FirewallRules: [UDP Query User{17C9A0E7-DF76-4A09-9C13-7698E11A06C3}D:\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe] => (Allow) D:\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe
FirewallRules: [TCP Query User{BF374C4B-089C-4902-8308-3A6498E094C4}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{25CBD26D-C654-4B52-8B43-63A1B829C762}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{9480D4DF-E7B4-4672-A387-E665DA55B336}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{21C6F8CC-5FD6-4912-B110-C0FAC640A3C6}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{1EB607BA-B932-4267-BE1B-D18B9160D763}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{1A663CA4-0294-41EE-99E1-1CDFF2564DF8}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{A93CE594-6325-4AFA-AA1F-17D48236C8AD}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{081EB7AC-B97B-449D-9CE4-41F37DB656BA}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{FE22E31A-FD73-4435-BA2F-EAEB0F99007F}D:\world of warcraft\backgrounddownloader.exe] => (Allow) D:\world of warcraft\backgrounddownloader.exe
FirewallRules: [UDP Query User{0E0F3369-0B39-4FE8-BD45-637CB16BB38E}D:\world of warcraft\backgrounddownloader.exe] => (Allow) D:\world of warcraft\backgrounddownloader.exe
FirewallRules: [{0C80DBC1-3A6B-493C-9652-37ED3BC3232A}] => (Allow) D:\Spiele\StarCraft II\Versions\Base22612\SC2.exe
FirewallRules: [{68CE4B90-B93F-4FC3-86FF-650DD5E08277}] => (Allow) D:\Spiele\StarCraft II\Versions\Base22612\SC2.exe
FirewallRules: [{C0C9AABC-F156-4512-B625-CE0200A07028}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{0DCB0DF4-C1A4-4357-9DB3-63498330BC37}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{1CE8CC48-28C6-4F6C-93DA-F26ABC1D31E0}] => (Allow) C:\Users\Alex #1\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{1FAD8140-684E-449F-A6B6-71A2BAB9B159}] => (Allow) C:\Users\Alex #1\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{BF742DC6-139A-4543-8B24-1CE100CD602A}] => (Allow) C:\Users\Alex #1\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{5B7EB9A0-4219-4419-8481-A4F2664E3966}] => (Allow) C:\Users\Alex #1\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{151DC736-BEF5-4500-AB54-1568D6B59B2A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SleepingDogsDemo\HKShip.exe
FirewallRules: [{C67D14E0-7D79-4B13-890D-EDEF86721130}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SleepingDogsDemo\HKShip.exe
FirewallRules: [TCP Query User{61C2FFEC-7382-4EBF-A862-6F5181A93EA5}C:\program files (x86)\jdownloader\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\jdownloader\jre\bin\javaw.exe
FirewallRules: [UDP Query User{1CBE06CF-226E-4EC5-B31B-27123CC6EF0E}C:\program files (x86)\jdownloader\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\jdownloader\jre\bin\javaw.exe
FirewallRules: [{6DD1971D-8CEC-4485-80A2-7FD56819A8A3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mafia II - Public Demo\launcher.exe
FirewallRules: [{A28A9BAF-DF2B-47A7-B1FA-7E526D20B913}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mafia II - Public Demo\launcher.exe
FirewallRules: [{9FA04786-AC44-4BB8-B208-F3FCFC502586}] => (Allow) D:\Spiele\StarCraft II\Versions\Base23260\SC2.exe
FirewallRules: [{0ED91EFD-32A4-481A-8E31-E7ABFE461F56}] => (Allow) D:\Spiele\StarCraft II\Versions\Base23260\SC2.exe
FirewallRules: [{C7B27AD2-8D81-463B-9341-00DF292CAC2F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [{9542FA30-548C-46DA-B045-628836A66E1E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [{C5E85E7B-1883-46E7-948C-071954EA7F1D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [{0D88CBC1-7B13-499D-BDF2-93BC43269B6E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [{CBFC0555-426F-4E3B-BDDE-241F1AAA9BC2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\saints row the third\game_launcher.exe
FirewallRules: [{14EA0700-B755-401A-94F0-82AF39B4D0EE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\saints row the third\game_launcher.exe
FirewallRules: [{E1487DA2-F147-4CB4-98A9-EBD682A35D2C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\saints row the third\saintsrowthethird.exe
FirewallRules: [{77FA1304-FBBE-442B-BFA6-79C0EA0B5CAE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\saints row the third\saintsrowthethird.exe
FirewallRules: [{D4AD7ED4-16FE-4055-88C1-1264FEBE5138}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\saints row the third\saintsrowthethird_dx11.exe
FirewallRules: [{E2013330-A8DB-4A29-AC5C-2D55FCD0A809}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\saints row the third\saintsrowthethird_dx11.exe
FirewallRules: [TCP Query User{08B58DEA-51D1-4637-AFAA-E8389195AC03}C:\program files (x86)\steam\steamapps\alexgameralex\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\alexgameralex\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{06FAEA99-8E81-4070-9AF8-79935693455E}C:\program files (x86)\steam\steamapps\alexgameralex\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\alexgameralex\team fortress 2\hl2.exe
FirewallRules: [{D8AEF8FB-1313-4947-913B-349DB8091178}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{B939D4AC-FAB0-4FD3-A116-6F3B147A06E4}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{D8583BD1-29F0-4439-B791-71DF1B40B85B}] => (Allow) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{D39F5A74-1AB9-4E4A-BAE6-683E03DE5C68}] => (Allow) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{85200CFC-8714-4EF0-A73C-647E68BC7A50}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\saints row the third - initiation station\InitiationStation.exe
FirewallRules: [{8A0138C6-6DAC-4AF0-951C-637B8CA2CA37}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\saints row the third - initiation station\InitiationStation.exe
FirewallRules: [{411458CB-3E59-43E2-9AB2-976351F48EAB}] => (Allow) D:\Spiele\StarCraft II\Versions\Base23260\SC2.exe
FirewallRules: [{0781C3C1-6738-4CE9-8DED-70DF3136D6F3}] => (Allow) D:\Spiele\StarCraft II\Versions\Base23260\SC2.exe
FirewallRules: [{4991F201-3689-4BE4-AD62-37C2880303D1}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{5D880082-DA77-4858-899D-F7500AB8CDFF}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{329D4E09-AF49-4389-BADE-03B277B7986E}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{9A7109E5-BF53-4AFB-BD18-583679AF7E3F}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{284AEB82-4E97-4E84-9A54-FCF53F5E5668}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{57014B80-8668-403D-924D-CE888C3917D8}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{C4AA472E-201B-4A40-B759-315889203811}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{0D7361AC-3E0B-4B2A-B0BB-840535D6774B}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [TCP Query User{EE281A37-CE06-49C1-B510-CB8356BA5E7F}C:\program files (x86)\runes of magic\client.exe] => (Allow) C:\program files (x86)\runes of magic\client.exe
FirewallRules: [UDP Query User{4783837F-A034-48EC-9230-337BDBE9B775}C:\program files (x86)\runes of magic\client.exe] => (Allow) C:\program files (x86)\runes of magic\client.exe
FirewallRules: [{61E23B98-4E99-471D-80B1-5E397021767C}] => (Allow) c:\BrickForce\BfLauncher.exe
FirewallRules: [{DF653E16-94A7-4C3A-9D22-6BB1FC10777E}] => (Allow) c:\BrickForce\BrickForce.exe
FirewallRules: [{9C49F5AF-43C5-4B08-8D5B-13BE9FD810EB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{5D7D23B8-453A-4E46-8482-4F6B2B9095BE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{5685B90A-237D-4460-B509-53C1B2B0B17B}] => (Allow) C:\Users\Alex Normales Konto\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{7EB72FAD-191E-422F-81F1-B02A7795DD1D}] => (Allow) C:\Users\Alex Normales Konto\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{6A4A04CB-C962-4FB9-907E-50139D1EA2D7}] => (Allow) C:\Users\neuer alex\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{5CCED75F-2ECE-442C-88F1-61FEFA441AC9}] => (Allow) C:\Users\neuer alex\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{37469A6E-8E89-4C10-8A59-07861178F212}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{E8DCA433-C4E9-4258-8581-AF343A0E3059}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{99A03A06-F052-4F17-BFF5-6B572387D933}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\saints row the third - initiation station\InitiationStation.exe
FirewallRules: [{3FDE5552-C77E-4876-A5E2-9530903C5ABC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\saints row the third - initiation station\InitiationStation.exe
FirewallRules: [{441289B9-D744-4ED6-840F-F0540948C512}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{919404FE-6765-4F21-92F2-6AD804EC27F0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2888D99F-10CC-4B8C-AD21-BD2CBB799213}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F719D500-6664-441A-9B22-F662156D2195}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D11C0394-79F4-4CDE-8E83-5AC1C5C98F2E}] => (Allow) D:\bf3\Battlefield 3\bf3.exe
FirewallRules: [{79E2072E-BB4F-4A4F-8F30-EFE7D822011F}] => (Allow) D:\bf3\Battlefield 3\bf3.exe
FirewallRules: [{CED1F01D-ED73-4E96-B1B1-1956B071AF27}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{3A1230F3-3983-46D4-BFAA-A348899C035F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{34F4F17C-C654-464B-A561-6A207F05C028}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{C60BC528-EAF4-4B2B-B4BB-EB9D424DA5C4}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{8A8C7B14-8052-4ADF-A9A0-5C875053D884}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\stronghold kingdoms\StrongholdKingdoms.exe
FirewallRules: [{9F05A648-6E49-4F7F-88FA-522EC02BB02D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\stronghold kingdoms\StrongholdKingdoms.exe
FirewallRules: [{BC1A7502-271B-46B4-AC92-E61E3FFF744E}] => (Allow) C:\Users\neuer alex\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{1AEB0D23-1BB8-46B0-84E5-533565D6D46A}] => (Allow) C:\Users\neuer alex\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{63D96C82-54EB-4544-AFEC-5509E6DA0678}] => (Allow) C:\Users\Alex Normales Konto\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{92D9D662-49FE-4305-8190-8B26C3BB36E2}] => (Allow) C:\Users\Alex Normales Konto\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{C03E3ED3-0BD6-4452-8649-1F0A9EEE1F3D}] => (Allow) C:\Users\Alex #2\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{4AB015A4-CDC8-427A-9F72-E8616B28B7D4}] => (Allow) C:\Users\Alex #2\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{571C0026-B533-4CEE-8879-318EEA84824C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{72CE18DA-3792-46F0-82F4-FF1DB93D6841}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{289E5ECB-F4D2-42C3-A9CD-BBE15F469B62}] => (Allow) C:\Users\Alex #2\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{E5D82A66-F945-415B-989F-E203DABE5789}] => (Allow) C:\Users\Alex #2\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{7300B448-9FB9-4BC5-8491-FCFE8DC95F63}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\stronghold kingdoms\StrongholdKingdoms.exe
FirewallRules: [{ACA33D53-2B51-4D87-B7E0-71DEC8700006}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\stronghold kingdoms\StrongholdKingdoms.exe
FirewallRules: [{7808F535-24D3-414B-A30F-7E3028D39229}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{74CE45D5-25AF-4C3A-A032-F2464294929D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{9A05DA2C-6C1D-40C7-BC78-39C4D31EC630}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{9C1D11AD-A042-43B7-9A5F-EBDAFBFFB589}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{93E3B7D0-A5F1-4241-8EB0-361E7AAED501}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{96F5935C-7F11-4245-A4A8-D508DCFA0DBF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{53FA8D62-E84B-47BF-8DD8-8D14457F86A7}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{DAF8750D-8DF3-464D-B886-72F039211EA0}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{56EE71BD-4E2D-4ED4-B753-D920827790AB}] => (Allow) C:\Users\Xation RAP\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{73E0B2DC-03CB-4330-BA17-CE65FB322257}] => (Allow) C:\Users\Xation RAP\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{E7068B78-AE43-40F0-8BC4-6BEFF95C55F1}] => (Allow) C:\Users\Xation RAP\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{677409F0-6944-432F-8394-EABB1B1EAC99}] => (Allow) C:\Users\Xation RAP\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{C63D02BF-BD10-4BF9-B105-7C2417B15D10}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{00C492BF-419E-4504-AC09-91CE68ECEB3D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{CBE95D0A-AD2E-4FE9-A125-EF1E6F291C78}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{0A29D6DC-58BE-44C1-A97F-3CA5B96CEEE0}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{1B0F52E9-1807-433A-854A-0D2B3A9BEBA7}] => (Allow) D:\wod beta\StarCraft II\StarCraft II.exe
FirewallRules: [{553D73D2-7146-4255-9E8F-AD023E93C739}] => (Allow) D:\wod beta\StarCraft II\StarCraft II.exe
FirewallRules: [{313B9E31-8B30-42A5-99F7-0A5991794817}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{2F8F988B-8170-4372-A6F4-805F878489D1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{E18F0BD8-E6B2-4E03-A861-2BE83C1C6F45}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{BC6C76EF-D897-436D-BA59-A6C35D086E40}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{D164D070-2AB4-47DC-B66E-C02A7193C91D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{93B9D65B-C589-49F1-90A5-492B3FFD6C37}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4265C05C-A8B1-4AA3-BDE9-E5187DE43E36}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{7374CF9C-9D46-4BC3-B6C6-613ADF62EF01}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3838DB56-23AC-4612-84FD-6A7DE6A08D2E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0AEF8E7E-92D3-491C-828E-9D446F46ABA2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1395D778-72EF-47F7-978B-49877396D99D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{E5BDC3D2-8A4B-45D2-913B-98C15D7FB39B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{90FD42ED-4186-4E89-84BE-5BDDEBB6BED6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
FirewallRules: [{BE20CC37-8DE7-43B6-9C06-071C17FF6D22}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
FirewallRules: [{AE3F0075-F362-4E6C-B4DD-508D7D65568B}] => (Allow) D:\steam\Steam.exe
FirewallRules: [{D8C50988-5CD5-4905-ADC8-79FC0F459B0E}] => (Allow) D:\steam\Steam.exe
FirewallRules: [{3A263CD0-349F-4E00-8E7F-B32D36B5E0CA}] => (Allow) D:\steam\bin\steamwebhelper.exe
FirewallRules: [{1F120A29-4FEF-4F46-817E-889966ADE167}] => (Allow) D:\steam\bin\steamwebhelper.exe
FirewallRules: [{360F1B21-60D3-4A02-A13C-6F6736ADE655}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{544CCC67-90B1-48C8-9BCD-19B9C39447E6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{4D0263B7-706B-4360-9289-04123CA991B0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{C60AAA5A-05A4-4945-BA53-9F43E0535C4D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{8BCFD69B-3517-4DFC-9998-1BB18CD6777B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0A6D8127-8741-4D25-9311-F08A0B8AB1F1}] => (Allow) D:\steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{7F7BEE9F-594F-47A2-8B2A-33595D10E2D2}] => (Allow) D:\steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{071C845D-FF65-448D-9D39-14F9CB43AA53}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{F961F09E-6593-4A88-B877-AC14BF5F41DD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{34D5531F-63E9-4377-9126-A85C3B513C8F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{3F67DBE7-54BC-4E92-A07C-1B71B1681E7F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{0B55C7DA-7550-404C-BE93-C2C3A3EF9E01}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{3B35093B-058C-41D4-809A-D52BFE1EC8FA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{F95A289E-51C9-4533-864D-305F1041C4F2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{9259326B-709F-46A0-A461-AF97524982A4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{CBC1346A-B2FD-46B6-B3CC-B81117DAAC87}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{51570FA3-8DAF-44C0-BBE8-F481CF42BEFB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{5C7EA8AA-714C-42D2-8201-7BCC3C4974A3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{D632C75A-9B26-42CC-90BC-63CAED21002D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{6945A1EF-75CE-4AD2-8BA9-233B2C97F04A}] => (Allow) C:\Users\Xation RAP\AppData\Local\Temp\7zS477A\setup\hpznui40.exe
FirewallRules: [{39941C12-93C9-49CE-A526-C46706C837FC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{701FD9B9-AB54-4DF3-9EC5-1AF32BFCE635}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{C64DC517-FE94-4D45-8EAA-8A3BB17BC7FC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{6FC95CC9-3CFC-469D-A592-91CE34008F10}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{D1ABDA1F-CBB4-4CD7-A629-87BEF77E97DD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{49388D24-6647-41E6-9CBD-1F1B120D5321}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{6AFA892D-011E-4072-B690-A2C6C79337A5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{D381A52A-399A-4AC7-B079-923DFB658DD7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{C9914053-72CA-4C6E-A616-DB09CC04725E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{8FF2C98A-E2DC-4EC3-83BC-39744257CCB9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{96E843EB-E3A9-43FA-BF6D-C6D315BB80F8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{AECC97D4-7382-4364-8BF5-20CAEE0BD4FB}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{858CABF1-869D-40FB-86C2-D30AE594B6CB}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{0D0EF787-A0C2-4319-BA48-6F4EE1BED3D4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{F454C754-36A7-45FD-9A71-379A0069F93F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{72070B63-F579-4778-AB1E-28FB47D7E4E8}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{E3CB7F8C-062A-47FD-9926-BC588129043C}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [TCP Query User{F7FBE3F4-B48E-43DF-8123-D78B5438A730}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{EB6A39ED-8909-4FB6-8706-AD15A6888BC6}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{2D8EF360-95BC-419F-B1B4-99BD74F1A10D}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{9950D594-701B-4CEE-9625-B83339245593}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [{A2488369-C8F5-45F8-9777-A9BC64B71463}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{95E81542-E80F-432F-A0DA-9A5C7C62745A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [TCP Query User{76511913-C8D9-4FC0-AE2E-2EBC5BBC632F}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{B6B5249B-FFC0-41DE-89FE-A130B3CE8964}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{0228EAB1-34CB-44C0-A37F-ADBCDEA40374}] => (Allow) C:\Users\Xation RAP\AppData\Local\Apps\2.0\ZBV8ZOG4.WMY\AB2QM7DM.KEQ\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
FirewallRules: [{66589B7B-3511-42D3-9F3D-DD757E51C808}] => (Allow) C:\Users\Xation RAP\AppData\Local\Apps\2.0\ZBV8ZOG4.WMY\AB2QM7DM.KEQ\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
FirewallRules: [{86652F2C-E4DC-4F1A-BB4C-F1F6133E2B74}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{CF7CDED9-E7CC-449F-8B67-D9764D1D4FA8}] => (Allow) C:\Users\Xation RAP\AppData\Local\Apps\2.0\ZBV8ZOG4.WMY\AB2QM7DM.KEQ\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62c0f9ec26c\CurseClient.exe
FirewallRules: [{C72B9757-40EB-47DA-8C3A-CD263B827AB5}] => (Allow) C:\Users\Xation RAP\AppData\Local\Apps\2.0\ZBV8ZOG4.WMY\AB2QM7DM.KEQ\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62c0f9ec26c\CurseClient.exe
==================== Faulty Device Manager Devices =============
Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: LogMeIn Kernel Information Provider
Description: LogMeIn Kernel Information Provider
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: LMIInfo
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/13/2015 04:15:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.Systray.exe, Version: 1.1.29.22354, Zeitstempel: 0x54a3dd15
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18847, Zeitstempel: 0x554d7bd0
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0xf54
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.Systray.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.Systray.exe1
Pfad des fehlerhaften Moduls: Avira.OE.Systray.exe2
Berichtskennung: Avira.OE.Systray.exe3
Error: (06/13/2015 04:15:00 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.Systray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Xml.XmlException
Stapel:
bei System.Xml.XmlTextReaderImpl.Throw(System.Exception)
bei System.Xml.XmlTextReaderImpl.ParseDocumentContent()
bei System.Xml.XmlTextReaderImpl.Read()
bei System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
bei System.Xml.XmlDocument.Load(System.Xml.XmlReader)
bei System.Xml.XmlDocument.Load(System.String)
bei Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile()
bei Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String)
bei Avira.OE.WinCore.OeProductInfo.get_Culture()
bei Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings()
bei Avira.OE.Systray.Program.Main(System.String[])
Error: (06/13/2015 04:14:55 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Xml.XmlException
Stapel:
bei System.Xml.XmlTextReaderImpl.Throw(System.Exception)
bei System.Xml.XmlTextReaderImpl.ParseDocumentContent()
bei System.Xml.XmlTextReaderImpl.Read()
bei System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
bei System.Xml.XmlDocument.Load(System.Xml.XmlReader)
bei System.Xml.XmlDocument.Load(System.String)
bei Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile()
bei Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String)
bei Avira.OE.WinCore.OeProductInfo.get_Culture()
bei Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings()
bei Avira.OE.ServiceHost.ServiceHost.SetDefaultCulture()
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (06/13/2015 04:14:43 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Xml.XmlException
Stapel:
bei System.Xml.XmlTextReaderImpl.Throw(System.Exception)
bei System.Xml.XmlTextReaderImpl.ParseDocumentContent()
bei System.Xml.XmlTextReaderImpl.Read()
bei System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
bei System.Xml.XmlDocument.Load(System.Xml.XmlReader)
bei System.Xml.XmlDocument.Load(System.String)
bei Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile()
bei Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String)
bei Avira.OE.WinCore.OeProductInfo.get_Culture()
bei Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings()
bei Avira.OE.ServiceHost.ServiceHost.SetDefaultCulture()
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (06/13/2015 04:14:10 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Xml.XmlException
Stapel:
bei System.Xml.XmlTextReaderImpl.Throw(System.Exception)
bei System.Xml.XmlTextReaderImpl.ParseDocumentContent()
bei System.Xml.XmlTextReaderImpl.Read()
bei System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
bei System.Xml.XmlDocument.Load(System.Xml.XmlReader)
bei System.Xml.XmlDocument.Load(System.String)
bei Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile()
bei Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String)
bei Avira.OE.WinCore.OeProductInfo.get_Culture()
bei Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings()
bei Avira.OE.ServiceHost.ServiceHost.SetDefaultCulture()
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (06/13/2015 03:49:48 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Xml.XmlException
Stapel:
bei System.Xml.XmlTextReaderImpl.Throw(System.Exception)
bei System.Xml.XmlTextReaderImpl.ParseDocumentContent()
bei System.Xml.XmlTextReaderImpl.Read()
bei System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
bei System.Xml.XmlDocument.Load(System.Xml.XmlReader)
bei System.Xml.XmlDocument.Load(System.String)
bei Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile()
bei Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String)
bei Avira.OE.WinCore.OeProductInfo.get_Culture()
bei Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings()
bei Avira.OE.ServiceHost.ServiceHost.SetDefaultCulture()
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (06/13/2015 03:49:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.Systray.exe, Version: 1.1.29.22354, Zeitstempel: 0x54a3dd15
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18847, Zeitstempel: 0x554d7bd0
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0xa94
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.Systray.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.Systray.exe1
Pfad des fehlerhaften Moduls: Avira.OE.Systray.exe2
Berichtskennung: Avira.OE.Systray.exe3
Error: (06/13/2015 03:49:46 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.Systray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Xml.XmlException
Stapel:
bei System.Xml.XmlTextReaderImpl.Throw(System.Exception)
bei System.Xml.XmlTextReaderImpl.ParseDocumentContent()
bei System.Xml.XmlTextReaderImpl.Read()
bei System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
bei System.Xml.XmlDocument.Load(System.Xml.XmlReader)
bei System.Xml.XmlDocument.Load(System.String)
bei Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile()
bei Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String)
bei Avira.OE.WinCore.OeProductInfo.get_Culture()
bei Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings()
bei Avira.OE.Systray.Program.Main(System.String[])
Error: (06/13/2015 03:49:35 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Xml.XmlException
Stapel:
bei System.Xml.XmlTextReaderImpl.Throw(System.Exception)
bei System.Xml.XmlTextReaderImpl.ParseDocumentContent()
bei System.Xml.XmlTextReaderImpl.Read()
bei System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
bei System.Xml.XmlDocument.Load(System.Xml.XmlReader)
bei System.Xml.XmlDocument.Load(System.String)
bei Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile()
bei Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String)
bei Avira.OE.WinCore.OeProductInfo.get_Culture()
bei Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings()
bei Avira.OE.ServiceHost.ServiceHost.SetDefaultCulture()
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (06/13/2015 03:49:16 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Fehler beim Verarbeiten von Sitzungsänderung. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
bei Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
bei System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)
System errors:
=============
Error: (06/13/2015 04:16:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP CUE DeviceDiscovery Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/13/2015 04:16:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "hpqcxs08" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/13/2015 04:14:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.
Error: (06/13/2015 04:14:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/13/2015 04:14:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/13/2015 04:14:23 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
TfFsMon
TFSysMon
Error: (06/13/2015 04:13:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LogMeIn Kernel Information Provider" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Error: (06/13/2015 04:13:43 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 13.06.2015 um 15:57:29 unerwartet heruntergefahren.
Error: (06/13/2015 03:51:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP CUE DeviceDiscovery Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/13/2015 03:51:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "hpqcxs08" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-08-10 00:13:45.334
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-09 19:09:04.559
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-09 19:03:44.934
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-09 18:34:47.280
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-09 17:58:42.567
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-09 17:49:44.302
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-09 17:38:55.864
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-09 17:22:14.566
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-09 17:12:55.091
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-09 13:12:43.356
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Percentage of memory in use: 38%
Total physical RAM: 6135.08 MB
Available physical RAM: 3799.27 MB
Total Pagefile: 12275.27 MB
Available Pagefile: 9417.75 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:458.45 GB) (Free:319.74 GB) NTFS
Drive d: (DATA) (Fixed) (Total:458.96 GB) (Free:349 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 514A3FB3)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=458.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=459 GB) - (Type=07 NTFS)
==================== End of log ============================
|
|
14.06.2015, 05:42
| #3 |
| /// the machine /// TB-Ausbilder    | PC friert ein: Bild bleibt stehen, Maus nicht bewegbar. Hi,
__________________die Kiste ist voll Adware. Aber das ist nicht dein Problem. Dein Problem ist ein Defekt der Hardware. Was willst Du jetzt zuerst machen? Sinnigerweise sollte zuerst die Hardware gecheckt werden.
__________________ |
|
14.06.2015, 12:59
| #4 |
| | PC friert ein: Bild bleibt stehen, Maus nicht bewegbar. Moin, Also wenn es nötig ist, würde ich jetzt die Hardware checken, aber leider kenne ich mich damit nicht wirklich gut aus. Ich hoffe du kannst mir erklären, wie ich das jetzt machen soll. Mit freundlichen Grüßen Alex Hier noch meine PC Daten mit dem Windowsleistungsindex: Weitere Details über den Computer Komponente Details Teilbewertung Prozessor Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz 7,3 Arbeitsspeicher (RAM) 6,00 GB 7,5 Grafik NVIDIA GeForce GTS 240 2,9 Grafik (Spiele) 4095 MB insgesamt verfügbarer Grafikspeicher 4,2 Primäre Festplatte 318GB frei (458GB gesamt) 5,9 Windows 7 Home Premium System -------------------------------------------------------------------------------- Hersteller Acer Modell Aspire M5810 Gesamter Systemspeicher 6,00 GB RAM Systemtyp 64 Bit-Betriebssystem Anzahl der Prozessorkerne 4 Speicher -------------------------------------------------------------------------------- Gesamtgröße der Festplatte(n) 917 GB Datenträgerpartition (C  318 GB frei (458 GB gesamt) Datenträgerpartition (D 349 GB frei (459 GB gesamt) Medienlaufwerk (E CD/DVD Grafik -------------------------------------------------------------------------------- Grafikkartentyp NVIDIA GeForce GTS 240 Insgesamt verfügbarer Grafikspeicher 4095 MB Dedizierter Grafikspeicher 2048 MB Dedizierter Systemarbeitsspeicher 0 MB Gemeinsam genutzter Systemspeicher 2047 MB Grafikkarten-Treiberversion 9.18.13.4144 Auflösung des primären Monitors 1920x1080 DirectX-Version DirectX 10 Netzwerk -------------------------------------------------------------------------------- Netzwerkadapter Intel(R) 82578DC Gigabit Network Connection Notizen -------------------------------------------------------------------------------- Die Gaminggrafikbewertung basiert auf dem primären Grafikadapter. Wenn dieses System miteinander verbundene oder mehrere Grafikadapter aufweist, können für einige Softwareanwendungen möglicherweise zusätzliche Leistungsvorteile festgestellt werden. |
|
15.06.2015, 06:19
| #5 |
| /// the machine /// TB-Ausbilder | PC friert ein: Bild bleibt stehen, Maus nicht bewegbar. Naja, aus der Ferne können wir da eh wenig machen, das Ding muss evtl in einen Laden. Mach mal folgendes: Zustand der Festplatte herausfinden - so gehts - Anleitungen Rechner Temperaturen prüfen und auslesen - so geht's - Anleitungen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
16.06.2015, 16:53
| #6 |
| | PC friert ein: Bild bleibt stehen, Maus nicht bewegbar. Moin, hier die Ergebniss dieser Programme: Code:
ATTFilter ----------------------------------------------------------------------------
CrystalDiskInfo 6.5.2 (C) 2008-2015 hiyohiyo
Crystal Dew World : hxxp://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x64)
Date : 2015/06/16 17:48:46
-- Controller Map ----------------------------------------------------------
- JMicron JMB36X Controller [SCSI]
+ Intel(R) ICH8R/ICH9R/ICH10R/DO/PCH SATA RAID Controller [SCSI]
- ST31000528AS
- HL-DT-ST DVDRAM GH40N
-- Disk List ---------------------------------------------------------------
(1) ST31000528AS : 1000,2 GB [0/0/0, pd1] - st
----------------------------------------------------------------------------
(1) ST31000528AS
----------------------------------------------------------------------------
Model : ST31000528AS
Firmware : CC44
Serial Number : 5VP1P1GW
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : Unbekannt
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : ---- | SATA/300
Power On Hours : 13143 Std.
Power On Count : 4774 mal
Temperature : 28 C (82 F)
Health Status : Vorsicht
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : D0D0h [ON]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 118 _94 __6 00000B7EAC51 Lesefehlerrate
03 _95 _94 __0 000000000000 Mittlere Anlaufzeit
04 _96 _96 _20 0000000012A6 Start/Stopp-Zyklen der Spindel
05 100 100 _36 000000000000 Wiederzugewiesene Sektoren
07 _86 _60 _30 00001B849F62 Suchfehler
09 _85 _85 __0 000000003357 Betriebsstunden
0A 100 100 _97 000000000000 Misslungene Spindelanläufe
0C _96 _96 _20 0000000012A6 Geräte-Einschaltvorgänge
B7 100 100 __0 000000000000 Herstellerspezifisch
B8 100 100 _99 000000000000 Ende-zu-Ende-Fehler
BB __1 __1 __0 0000000000F4 Gemeldete unkorrigierbare Fehler
BC 100 100 __0 000000000000 Befehlszeitüberschreitung
BD 100 100 __0 000000000000 Übergeordnete Schreibvorgänge
BE _72 _52 _45 00001C18001C Luftstromtemperatur
C2 _28 _48 __0 000B0000001C Temperatur
C3 _46 _30 __0 00000B7EAC51 Hardware-ECC wiederhergestellt
C5 100 100 __0 000000000001 Aktuell ausstehende Sektoren
C6 100 100 __0 000000000001 Nicht korrigierbare Sektoren
C7 200 200 __0 000000000000 UltraDMA-CRC-Fehler
F0 100 253 __0 541A0000675B Kopfpositionierungszeit
F1 100 253 __0 0000809C8A83 LBA geschrieben (gesamt)
F2 100 253 __0 0000BAB783DA LBA gelesen (gesamt)
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 3556 5031 5031 4757
020: 0000 0000 0004 4343 3434 2020 2020 5354 3331 3030
030: 3035 3238 4153 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0506 0000 0048 0040
080: 01F0 0029 346B 7F61 4163 3469 BE01 4163 407F 0053
090: 0053 0000 FFFE 0000 D0D0 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 0000 0000 5000 C500
110: 1B42 101F 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0021 6DB0
130: 7470 6DB0 7470 2020 0002 0140 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 0000 004F 0280 0000 0000
150: 0008 0000 0000 0000 0000 0000 0000 0000 3F00 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 103F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 1010 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 06A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 76 5E 51 AC 7E 0B 00 00 00 03 03
010: 00 5F 5E 00 00 00 00 00 00 00 04 32 00 60 60 A6
020: 12 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 56 3C 62 9F 84 1B 00 00 00 09 32
040: 00 55 55 57 33 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 60 60 A6 12 00 00 00
060: 00 00 B7 00 00 64 64 00 00 00 00 00 00 00 B8 32
070: 00 64 64 00 00 00 00 00 00 00 BB 32 00 01 01 F4
080: 00 00 00 00 00 00 BC 32 00 64 64 00 00 00 00 00
090: 00 00 BD 3A 00 64 64 00 00 00 00 00 00 00 BE 22
0A0: 00 48 34 1C 00 18 1C 00 00 00 C2 22 00 1C 30 1C
0B0: 00 00 00 0B 00 00 C3 1A 00 2E 1E 51 AC 7E 0B 00
0C0: 00 00 C5 12 00 64 64 01 00 00 00 00 00 00 C6 10
0D0: 00 64 64 01 00 00 00 00 00 00 C7 3E 00 C8 C8 00
0E0: 00 00 00 00 00 00 F0 00 00 64 FD 5B 67 00 00 1A
0F0: 54 18 F1 00 00 64 FD 83 8A 9C 80 00 00 00 F2 00
100: 00 64 FD DA 83 B7 BA 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 82 00 61 02 00 7B
170: 03 00 01 00 01 C2 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 06 06 05 05 05 06 05 05
190: 05 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 03 13 E2 1D 16 2B 00 00
1B0: 00 00 00 00 01 00 A9 3A 83 8A 9C 80 3C 60 02 00
1C0: DA 83 B7 BA 72 7F 28 00 00 00 00 00 E8 C6 EA 00
1D0: 00 00 00 24 00 00 00 00 E9 21 00 00 35 00 0F 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1F
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1A
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 24 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 B7 00 00 00 00 00 00 00 00 00 00 00 B8 63
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 BC 00 00 00 00 00 00 00 00 00
090: 00 00 BD 00 00 00 00 00 00 00 00 00 00 00 BE 2D
0A0: 00 00 00 00 00 00 00 00 00 00 C2 00 00 00 00 00
0B0: 00 00 00 00 00 00 C3 00 00 00 00 00 00 00 00 00
0C0: 00 00 C5 00 00 00 00 00 00 00 00 00 00 00 C6 00
0D0: 00 00 00 00 00 00 00 00 00 00 C7 00 00 00 00 00
0E0: 00 00 00 00 00 00 F0 00 00 00 00 00 00 00 00 00
0F0: 00 00 F1 00 00 00 00 00 00 00 00 00 00 00 F2 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60
Code:
ATTFilter Open Hardware Monitor Report
--------------------------------------------------------------------------------
Version: 0.7.1.0
--------------------------------------------------------------------------------
Common Language Runtime: 4.0.30319.34209
Operating System: Microsoft Windows NT 6.1.7601 Service Pack 1
Process Type: 64-Bit
--------------------------------------------------------------------------------
Sensors
|
+- FMP55 (/mainboard)
| |
| +- ITE IT8720F (/lpc/it8720f)
| | +- CPU VCore : 0.88 0.864 1.136 (/lpc/it8720f/voltage/0)
| | +- Voltage #2 : 1.104 1.104 1.104 (/lpc/it8720f/voltage/1)
| | +- Voltage #3 : 3.408 3.408 3.408 (/lpc/it8720f/voltage/2)
| | +- Voltage #4 : 3.008 2.992 3.008 (/lpc/it8720f/voltage/3)
| | +- Voltage #5 : 3.008 3.008 3.024 (/lpc/it8720f/voltage/4)
| | +- Voltage #6 : 3.04 3.008 3.04 (/lpc/it8720f/voltage/5)
| | +- Voltage #8 : 2.992 2.992 2.992 (/lpc/it8720f/voltage/7)
| | +- VBat : 3.072 3.072 3.072 (/lpc/it8720f/voltage/8)
| | +- Temperature #1 : 42 41 42 (/lpc/it8720f/temperature/0)
| | +- Temperature #2 : 22 22 22 (/lpc/it8720f/temperature/1)
| | +- Temperature #3 : 37 36 41 (/lpc/it8720f/temperature/2)
| | +- Fan #1 : 1163.79 1163.79 1300.58 (/lpc/it8720f/fan/0)
| | +- Fan #2 : 1090.47 1088.71 1090.47 (/lpc/it8720f/fan/1)
| | +- Fan Control #1 : (/lpc/it8720f/control/0)
| | +- Fan Control #2 : (/lpc/it8720f/control/1)
| | +- Fan Control #3 : 50 50 50 (/lpc/it8720f/control/2)
|
+- Intel Core i5 750 (/intelcpu/0)
| +- Bus Speed : 133.001 133.001 133.004 (/intelcpu/0/clock/0)
| +- CPU Core #1 : 1197.01 1197.01 2793.09 (/intelcpu/0/clock/1)
| +- CPU Core #2 : 1197.01 1197.01 2793.09 (/intelcpu/0/clock/2)
| +- CPU Core #3 : 1197.01 1197.01 2793.09 (/intelcpu/0/clock/3)
| +- CPU Core #4 : 1197.01 1197.01 2793.09 (/intelcpu/0/clock/4)
| +- CPU Core #1 : 50 50 57 (/intelcpu/0/temperature/0)
| +- CPU Core #2 : 50 50 59 (/intelcpu/0/temperature/1)
| +- CPU Core #3 : 48 48 55 (/intelcpu/0/temperature/2)
| +- CPU Core #4 : 48 48 58 (/intelcpu/0/temperature/3)
| +- CPU Total : 33.8462 25 55.0532 (/intelcpu/0/load/0)
| +- CPU Core #1 : 36.9231 0 100 (/intelcpu/0/load/1)
| +- CPU Core #2 : 27.6923 0 100 (/intelcpu/0/load/2)
| +- CPU Core #3 : 38.4615 0 50.5319 (/intelcpu/0/load/3)
| +- CPU Core #4 : 32.3077 0 100 (/intelcpu/0/load/4)
|
+- Generic Memory (/ram)
| +- Memory : 43.0261 43.0261 46.2797 (/ram/load/0)
| +- Used Memory : 2.57782 2.57782 2.77275 (/ram/data/0)
| +- Available Memory : 3.41347 3.21854 3.41347 (/ram/data/1)
|
+- NVIDIA GeForce GTS 240 (/nvidiagpu/0)
| +- GPU Core : 675 675 675 (/nvidiagpu/0/clock/0)
| +- GPU Memory : 601.714 601.714 601.714 (/nvidiagpu/0/clock/1)
| +- GPU Shader : 1674 1674 1674 (/nvidiagpu/0/clock/2)
| +- GPU Core : 104 104 104 (/nvidiagpu/0/temperature/0)
| +- GPU Core : 0 0 8 (/nvidiagpu/0/load/0)
| +- GPU Memory Controller : 1 1 6 (/nvidiagpu/0/load/1)
| +- GPU Video Engine : 0 0 0 (/nvidiagpu/0/load/2)
| +- GPU Memory : 9.97257 9.88197 9.98249 (/nvidiagpu/0/load/3)
| +- GPU Fan : 95 95 95 (/nvidiagpu/0/control/0)
|
+- ST31000528AS (/hdd/0)
| +- Temperature : 30 30 30 (/hdd/0/temperature/0)
| +- Used Space : 27.553 27.553 27.553 (/hdd/0/load/0)
|
+- Generic Hard Disk (/hdd/1)
|
+- Generic Hard Disk (/hdd/2)
|
+- Generic Hard Disk (/hdd/3)
|
+- Generic Hard Disk (/hdd/4)
|
+- Generic Hard Disk (/hdd/5)
--------------------------------------------------------------------------------
Parameters
|
+- FMP55 (/mainboard)
| |
| +- ITE IT8720F (/lpc/it8720f)
| | |
| | +- CPU VCore (/lpc/it8720f/voltage/0)
| | | +- Ri [kΩ] : 0 : 0
| | | +- Rf [kΩ] : 1 : 1
| | | +- Vf [V] : 0 : 0
| | |
| | +- Voltage #2 (/lpc/it8720f/voltage/1)
| | | +- Ri [kΩ] : 0 : 0
| | | +- Rf [kΩ] : 1 : 1
| | | +- Vf [V] : 0 : 0
| | |
| | +- Voltage #3 (/lpc/it8720f/voltage/2)
| | | +- Ri [kΩ] : 0 : 0
| | | +- Rf [kΩ] : 1 : 1
| | | +- Vf [V] : 0 : 0
| | |
| | +- Voltage #4 (/lpc/it8720f/voltage/3)
| | | +- Ri [kΩ] : 0 : 0
| | | +- Rf [kΩ] : 1 : 1
| | | +- Vf [V] : 0 : 0
| | |
| | +- Voltage #5 (/lpc/it8720f/voltage/4)
| | | +- Ri [kΩ] : 0 : 0
| | | +- Rf [kΩ] : 1 : 1
| | | +- Vf [V] : 0 : 0
| | |
| | +- Voltage #6 (/lpc/it8720f/voltage/5)
| | | +- Ri [kΩ] : 0 : 0
| | | +- Rf [kΩ] : 1 : 1
| | | +- Vf [V] : 0 : 0
| | |
| | +- Voltage #8 (/lpc/it8720f/voltage/7)
| | | +- Ri [kΩ] : 0 : 0
| | | +- Rf [kΩ] : 1 : 1
| | | +- Vf [V] : 0 : 0
| | |
| | +- VBat (/lpc/it8720f/voltage/8)
| | | +- Ri [kΩ] : 0 : 0
| | | +- Rf [kΩ] : 1 : 1
| | | +- Vf [V] : 0 : 0
| | |
| | +- Temperature #1 (/lpc/it8720f/temperature/0)
| | | +- Offset [°C] : 0 : 0
| | |
| | +- Temperature #2 (/lpc/it8720f/temperature/1)
| | | +- Offset [°C] : 0 : 0
| | |
| | +- Temperature #3 (/lpc/it8720f/temperature/2)
| | | +- Offset [°C] : 0 : 0
|
+- Intel Core i5 750 (/intelcpu/0)
| |
| +- CPU Core #1 (/intelcpu/0/temperature/0)
| | +- TjMax [°C] : 99 : 99
| | +- TSlope [°C] : 1 : 1
| |
| +- CPU Core #2 (/intelcpu/0/temperature/1)
| | +- TjMax [°C] : 99 : 99
| | +- TSlope [°C] : 1 : 1
| |
| +- CPU Core #3 (/intelcpu/0/temperature/2)
| | +- TjMax [°C] : 99 : 99
| | +- TSlope [°C] : 1 : 1
| |
| +- CPU Core #4 (/intelcpu/0/temperature/3)
| | +- TjMax [°C] : 99 : 99
| | +- TSlope [°C] : 1 : 1
|
+- Generic Memory (/ram)
|
+- NVIDIA GeForce GTS 240 (/nvidiagpu/0)
|
+- ST31000528AS (/hdd/0)
| |
| +- Temperature (/hdd/0/temperature/0)
| | +- Offset [°C] : 0 : 0
|
+- Generic Hard Disk (/hdd/1)
|
+- Generic Hard Disk (/hdd/2)
|
+- Generic Hard Disk (/hdd/3)
|
+- Generic Hard Disk (/hdd/4)
|
+- Generic Hard Disk (/hdd/5)
--------------------------------------------------------------------------------
Mainboard
SMBIOS Version: 2.6
BIOS Vendor: American Megatrends Inc.
BIOS Version: P01-A3
System Manufacturer: Acer
System Name: Aspire M5810
System Version:
Mainboard Manufacturer: Acer
Mainboard Name: FMP55
Mainboard Version:
Processor Manufacturer: Intel
Processor Version: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Processor Core Count: 4
Processor Core Enabled: 4
Processor Thread Count: 4
Processor External Clock: 133 Mhz
Memory Device [0] Manufacturer: Samsung
Memory Device [0] Part Number: M378B5673EH1-CH9
Memory Device [0] Device Locator: DIMM0
Memory Device [0] Bank Locator: BANK0
Memory Device [0] Speed: 1333 MHz
Memory Device [1] Manufacturer: Samsung
Memory Device [1] Part Number: M378B2873EH1-CH9
Memory Device [1] Device Locator: DIMM1
Memory Device [1] Bank Locator: BANK1
Memory Device [1] Speed: 1333 MHz
Memory Device [2] Manufacturer: Samsung
Memory Device [2] Part Number: M378B5673EH1-CH9
Memory Device [2] Device Locator: DIMM2
Memory Device [2] Bank Locator: BANK2
Memory Device [2] Speed: 1333 MHz
Memory Device [3] Manufacturer: Samsung
Memory Device [3] Part Number: M378B2873EH1-CH9
Memory Device [3] Device Locator: DIMM3
Memory Device [3] Bank Locator: BANK3
Memory Device [3] Speed: 1333 MHz
SMBIOS Table
ABgAAAECAPADD5Dai38BAAAAMwUID///QW1lcmljYW4gTWVnYXRyZW5kcyBJbmMu
AFAwMS1BMwAwOC8yOS8yMDA5AAABGwEAAQIDBAABbHDJASAJERIjAlUAAAAGBQZB
Y2VyAEFzcGlyZSBNNTgxMAAgICAgICAgIAA5Mk1GVzc1RFBOOTQ2MEYxRkIyNzAy
AFRvIEJlIEZpbGxlZCBCeSBPLkUuTS4AQWNlciBEZXNrdG9wAAACDwIAAQIDBAUJ
BgMACgBBY2VyAEZNUDU1ACAgICAgICAgAFUwMjUwOTQ0MDExMTUAVG8gQmUgRmls
bGVkIEJ5IE8uRS5NLgBUbyBCZSBGaWxsZWQgQnkgTy5FLk0uAAADFQMAAQMCAwQD
AwMDAAAAAAABAABBY2VyACAgICAgICAgACAgICAgICAgICAgICAgICAgICAgICAA
ICAgICAgICAgICAgICAgICAgICAgIAAABCoEAAEDAQLlBgEA//vrvwOLhQBqCmoK
QQEFAAYA//8EBQYEBAQEAAEAQ1BVIDEASW50ZWwgICAgICAgICAgICAASW50ZWwo
UikgQ29yZShUTSkgaTUgQ1BVICAgICAgICAgNzUwICBAIDIuNjdHSHogICAgIABU
byBCZSBGaWxsZWQgQnkgTy5FLk0uAFRvIEJlIEZpbGxlZCBCeSBPLkUuTS4AVG8g
QmUgRmlsbGVkIEJ5IE8uRS5NLgAABxMFAAGAAAABAAEBAAEAAAQDBUwxLUNhY2hl
AAAHEwYAAYEAAAQABAEAAQAABQUHTDItQ2FjaGUAAAUYBwAGggEAIAAgAQABAAAF
BQgKAAsABAAABgwIAAEBAAAFi4sARElNTTAAAAYMCQABIwAABQoKAERJTU0xAAAG
DAoAAUUAAAWLiwBESU1NMgAABgwLAAFnAAAFCgoARElNTTMAAAkRDAABqg0DBAAA
DAH/////UENJRTEAAAkRDQABpQgEAwEADAH/////UENJRTIAAAkRDgABpQgDAwIA
DAH/////UENJRTMAAAkRDwABqAoDAwMADAH/////UENJRTQAAAoGEACFASAgT25i
b2FyZCBJbnRlbCBHYkUgTGFuAAAKBhEAhwEgIE9uYm9hcmQgUmVhbHRlayBIRCBB
dWRpbwAACwUSAAFJbnRlbCBQNTUAABAPEwADAwMAAIAA/v8EAAAAEw8UAAAAAAD/
/18AEwAEAAARHBUAEwD+/0AAQAAACAkAAQIBgAA1BQMEBQYARElNTTAAQkFOSzAA
U2Ftc3VuZyAgICAgICAAODNFMUI0NTgAMDAwOTQwICAgICAgAE0zNzhCNTY3M0VI
MS1DSDkgIAAAFBMWAAAAAAD//x8AFQAUAAEAAQAAERwXABMA/v9AAEAAAAQJAAEC
AYAANQUDBAUGCERJTU0xAEJBTksxAFNhbXN1bmcgICAgICAgADg1REREN0UyADAw
MDkzOCAgICAgIABNMzc4QjI4NzNFSDEtQ0g5ICAAABQTGAAAACAA//8vABcAFAAB
AAEAABEcGQATAP7/QABAAAAICQABAgGAADUFAwQFBgBESU1NMgBCQU5LMgBTYW1z
dW5nICAgICAgIAA4M0UxQjQ1RQAwMDA5NDAgICAgICAATTM3OEI1NjczRUgxLUNI
OSAgAAAUExoAAAAwAP//TwAZABQAAQABAAARHBsAEwD+/0AAQAAABAkAAQIBgAA1
BQMEBQYIRElNTTMAQkFOSzMAU2Ftc3VuZyAgICAgICAAODVEREQ4MjEAMDAwOTM4
ICAgICAgAE0zNzhCMjg3M0VIMS1DSDkgIAAAFBMcAAAAUAD//18AGwAUAAEAAQAA
GAUdAAAAACAUHgAAAAAAAAAAAAAAAAAAAAAAAAAiCx8AAQQAAAAAA0xNNzgtMQAA
HBYgAAFCAIAAgACAAIAAgAAAAAAAgExNNzhBAAAkECEAAQACAAMABAAFAAYAAAAj
CyIAAR8AHwAgAFRvIEJlIEZpbGxlZCBCeSBPLkUuTS4AABsOIwAgABIBAAAAAACA
AAAkECQAAQACAAMABAAFAAYAAAAjCyUAAR8AIgAjAFRvIEJlIEZpbGxlZCBCeSBP
LkUuTS4AABsOJgAgABIBAAAAAACAAAAkECcAAQACAAMABAAFAAYAAAAjCygAAR8A
JQAmAFRvIEJlIEZpbGxlZCBCeSBPLkUuTS4AACcWKQABAQIDBAUGBwCAAED//yMA
//9UbyBCZSBGaWxsZWQgQnkgTy5FLk0uAFRvIEJlIEZpbGxlZCBCeSBPLkUuTS4A
VG8gQmUgRmlsbGVkIEJ5IE8uRS5NLgBUbyBCZSBGaWxsZWQgQnkgTy5FLk0uAFRv
IEJlIEZpbGxlZCBCeSBPLkUuTS4AVG8gQmUgRmlsbGVkIEJ5IE8uRS5NLgBUbyBC
ZSBGaWxsZWQgQnkgTy5FLk0uAAApCyoAAYUA/////yAgT25ib2FyZCBJbnRlbCBH
YkUgTGFuAAApCysAAYcA/////yAgT25ib2FyZCBSZWFsdGVrIEhEIEF1ZGlvAAB/
BCwAAAA=
--------------------------------------------------------------------------------
LPC IT87XX
Chip ID: 0x8720
Chip Version: 0x8
Base Address: 0x0A10
GPIO Address: 0x0A20
Environment Controller Registers
00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F
00 19 10 00 00 00 00 00 00 00 80 61 0F 07 44 6C 00
10 FF FF FF 33 D7 82 80 40 02 02 00 FF FF FF FF FF
20 37 45 D5 BC BC BE 00 BB C0 2A 16 25 80 6A C1 C1
30 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
40 FF FF FF FF FF FF 5F 74 2D 40 9C 00 FF FF FF FF
50 FF 1C 7F 7F 7F D0 00 00 90 55 0A 12 E0 00 00 00
60 00 21 50 1C 8E 62 00 FF 00 30 50 30 98 62 00 FF
70 7F 7F 7F 00 00 60 00 FF FF FF FF FF FF FF FF FF
80 00 00 00 00 00 00 00 00 02 30 01 02 01 00 20 1F
90 3D 1A A2 00 FF 00 00 00 FF FF FF FF FF FF FF FF
A0 D0 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
GPIO Registers
E6 20 FF 7B F8 1E 77 00
--------------------------------------------------------------------------------
CPUID
Processor 0
Processor Vendor: Intel
Processor Brand: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Family: 0x6
Model: 0x1E
Stepping: 0x5
CPUID Return Values
CPU Thread: 0
APIC ID: 0
Processor ID: 0
Core ID: 0
Thread ID: 0
Function EAX EBX ECX EDX
00000000 0000000B 756E6547 6C65746E 49656E69
00000001 000106E5 00100800 0098E3FD BFEBFBFF
00000002 55035A01 00F0B0E4 00000000 09CA212C
00000003 00000000 00000000 00000000 00000000
00000004 1C004121 01C0003F 0000003F 00000000
00000005 00000040 00000040 00000003 00001120
00000006 00000003 00000002 00000001 00000000
00000007 00000000 00000000 00000000 00000000
00000008 00000000 00000000 00000000 00000000
00000009 00000000 00000000 00000000 00000000
0000000A 07300403 00000044 00000000 00000603
0000000B 00000001 00000001 00000100 00000000
80000000 80000008 00000000 00000000 00000000
80000001 00000000 00000000 00000001 28100800
80000002 65746E49 2952286C 726F4320 4D542865
80000003 35692029 55504320 20202020 20202020
80000004 30353720 20402020 37362E32 007A4847
80000005 00000000 00000000 00000000 00000000
80000006 00000000 00000000 01006040 00000000
80000007 00000000 00000000 00000000 00000100
80000008 00003024 00000000 00000000 00000000
CPU Thread: 1
APIC ID: 2
Processor ID: 0
Core ID: 1
Thread ID: 0
Function EAX EBX ECX EDX
00000000 0000000B 756E6547 6C65746E 49656E69
00000001 000106E5 02100800 0098E3FD BFEBFBFF
00000002 55035A01 00F0B0E4 00000000 09CA212C
00000003 00000000 00000000 00000000 00000000
00000004 1C004121 01C0003F 0000003F 00000000
00000005 00000040 00000040 00000003 00001120
00000006 00000003 00000002 00000001 00000000
00000007 00000000 00000000 00000000 00000000
00000008 00000000 00000000 00000000 00000000
00000009 00000000 00000000 00000000 00000000
0000000A 07300403 00000044 00000000 00000603
0000000B 00000001 00000001 00000100 00000002
80000000 80000008 00000000 00000000 00000000
80000001 00000000 00000000 00000001 28100800
80000002 65746E49 2952286C 726F4320 4D542865
80000003 35692029 55504320 20202020 20202020
80000004 30353720 20402020 37362E32 007A4847
80000005 00000000 00000000 00000000 00000000
80000006 00000000 00000000 01006040 00000000
80000007 00000000 00000000 00000000 00000100
80000008 00003024 00000000 00000000 00000000
CPU Thread: 2
APIC ID: 4
Processor ID: 0
Core ID: 2
Thread ID: 0
Function EAX EBX ECX EDX
00000000 0000000B 756E6547 6C65746E 49656E69
00000001 000106E5 04100800 0098E3FD BFEBFBFF
00000002 55035A01 00F0B0E4 00000000 09CA212C
00000003 00000000 00000000 00000000 00000000
00000004 1C004121 01C0003F 0000003F 00000000
00000005 00000040 00000040 00000003 00001120
00000006 00000003 00000002 00000001 00000000
00000007 00000000 00000000 00000000 00000000
00000008 00000000 00000000 00000000 00000000
00000009 00000000 00000000 00000000 00000000
0000000A 07300403 00000044 00000000 00000603
0000000B 00000001 00000001 00000100 00000004
80000000 80000008 00000000 00000000 00000000
80000001 00000000 00000000 00000001 28100800
80000002 65746E49 2952286C 726F4320 4D542865
80000003 35692029 55504320 20202020 20202020
80000004 30353720 20402020 37362E32 007A4847
80000005 00000000 00000000 00000000 00000000
80000006 00000000 00000000 01006040 00000000
80000007 00000000 00000000 00000000 00000100
80000008 00003024 00000000 00000000 00000000
CPU Thread: 3
APIC ID: 6
Processor ID: 0
Core ID: 3
Thread ID: 0
Function EAX EBX ECX EDX
00000000 0000000B 756E6547 6C65746E 49656E69
00000001 000106E5 06100800 0098E3FD BFEBFBFF
00000002 55035A01 00F0B0E4 00000000 09CA212C
00000003 00000000 00000000 00000000 00000000
00000004 1C004121 01C0003F 0000003F 00000000
00000005 00000040 00000040 00000003 00001120
00000006 00000003 00000002 00000001 00000000
00000007 00000000 00000000 00000000 00000000
00000008 00000000 00000000 00000000 00000000
00000009 00000000 00000000 00000000 00000000
0000000A 07300403 00000044 00000000 00000603
0000000B 00000001 00000001 00000100 00000006
80000000 80000008 00000000 00000000 00000000
80000001 00000000 00000000 00000001 28100800
80000002 65746E49 2952286C 726F4320 4D542865
80000003 35692029 55504320 20202020 20202020
80000004 30353720 20402020 37362E32 007A4847
80000005 00000000 00000000 00000000 00000000
80000006 00000000 00000000 01006040 00000000
80000007 00000000 00000000 00000000 00000100
80000008 00003024 00000000 00000000 00000000
--------------------------------------------------------------------------------
Intel CPU
Name: Intel Core i5 750
Number of Cores: 4
Threads per Core: 1
Timer Frequency: 2.597675 MHz
Time Stamp Counter: Invariant
Estimated Time Stamp Counter Frequency: 2660.08 MHz
Estimated Time Stamp Counter Frequency Error: 0.08192 Mhz
Time Stamp Counter Frequency: 2660.02 MHz
MSR Core #1
MSR EDX EAX
000000CE 00000900 40031400
00000198 00000000 00000015
0000019C 00000000 882F0000
000001A2 00000000 00631000
MSR Core #2
MSR EDX EAX
000000CE 00000900 40031400
00000198 00000000 00000015
0000019C 00000000 88300000
000001A2 00000000 00631000
MSR Core #3
MSR EDX EAX
000000CE 00000900 40031400
00000198 00000000 00000015
0000019C 00000000 88320000
000001A2 00000000 00631000
MSR Core #4
MSR EDX EAX
000000CE 00000900 40031400
00000198 00000000 00000015
0000019C 00000000 882E0000
000001A2 00000000 00631000
Microarchitecture: Nehalem
Time Stamp Counter Multiplier: 20
--------------------------------------------------------------------------------
AMD Display Library
Status: -1
--------------------------------------------------------------------------------
NVAPI
Version: NVidia Complete Version 1.10
Number of GPUs: 1
--------------------------------------------------------------------------------
Nvidia GPU
Name: NVIDIA GeForce GTS 240
Index: 0
Driver Version: 341.44
Driver Branch: r340_00-442
DeviceID: 0x60710DE
SubSystemID: 0x9250174B
RevisionID: 0xA2
ExtDeviceID: 0x607
Thermal Settings
Sensor[0].Controller: GPU_INTERNAL
Sensor[0].DefaultMinTemp: 0
Sensor[0].DefaultMaxTemp: 127
Sensor[0].CurrentTemp: 104
Sensor[0].Target: GPU
Clocks
Clock[0]: 675000
Clock[1]: 9
Clock[8]: 601714
Clock[9]: 11
Clock[10]: 277778
Clock[11]: 9
Clock[12]: 416666
Clock[13]: 9
Clock[14]: 1674000
Clock[15]: 9
Clock[16]: 148500
Clock[17]: 1
Clock[18]: 3145
Clock[19]: 1
Clock[24]: 450000
Clock[25]: 9
Clock[26]: 450000
Clock[27]: 9
Clock[64]: 675000
Clock[65]: 32
Clock[92]: 601714
Clock[93]: 32
Clock[99]: 277778
Clock[100]: 32
Clock[106]: 416666
Clock[107]: 32
Clock[113]: 1674000
Clock[114]: 32
Clock[120]: 148500
Clock[121]: 32
Clock[127]: 3145
Clock[128]: 32
Clock[148]: 450000
Clock[149]: 32
Clock[155]: 450000
Clock[156]: 32
Tachometer
Status: NOT_SUPPORTED
P-States
Percentage[0]: 0
Percentage[1]: 1
Percentage[2]: 0
Percentage[3]: 0
Usages
Usage[1]: 1
Usage[3]: 58
Usage[4]: 29
Usage[5]: 1
Usage[6]: 1
Usage[7]: 58
Usage[8]: 29
Usage[9]: 1
Usage[11]: 80
Usage[12]: 40
Usage[13]: 1
Cooler Settings
Cooler[0].Type: 1
Cooler[0].Controller: 1
Cooler[0].DefaultMin: 3
Cooler[0].DefaultMax: 95
Cooler[0].CurrentMin: 3
Cooler[0].CurrentMax: 95
Cooler[0].CurrentLevel: 95
Cooler[0].DefaultPolicy: 16
Cooler[0].CurrentPolicy: 16
Cooler[0].Target: 7
Cooler[0].ControlType: 2
Cooler[0].Active: 0
Memory Info
Value[0]: 2097152
Value[1]: 2071744
Value[2]: 0
Value[3]: 2096716
Value[4]: 1888012
--------------------------------------------------------------------------------
GenericHarddisk
Drive name: ST31000528AS
Firmware version: CC44
ID Description Raw Value Worst Value Thres Physical
01 Read Error Rate 930BFE0B0000 94 118 6 -
03 Spin-Up Time 000000000000 94 95 0 -
04 Start/Stop Count A61200000000 96 96 20 4774
05 Reallocated Sectors Count 000000000000 100 100 36 -
07 Seek Error Rate 98C1841B0000 60 86 30 -
09 Power-On Hours (POH) 573300000000 85 85 0 13143
0A Spin Retry Count 000000000000 100 100 97 -
0C Power Cycle Count A61200000000 96 96 20 4774
B7 SATA Downshift Error Count 000000000000 100 100 0 0
B8 End-to-End error 000000000000 100 100 99 -
BB Reported Uncorrectable Errors F40000000000 1 1 0 244
BC Command Timeout 000000000000 100 100 0 0
BD High Fly Writes 000000000000 100 100 0 -
BE Temperature Difference from 100 1E00181E0000 52 70 45 70
C2 Temperature 1E0000000B00 48 30 0 30
C3 Hardware ECC Recovered 930BFE0B0000 30 46 0 -
C5 Current Pending Sector Count 010000000000 100 100 0 -
C6 Uncorrectable Sector Count 010000000000 100 100 0 -
C7 UltraDMA CRC Error Count 000000000000 200 200 0 -
F0 Head Flying Hours 5B670000036D 253 100 0 -
F1 Total LBAs Written 6ADADD210000 253 100 0 -
F2 Total LBAs Read 3CEC7A170000 253 100 0 -
Logical drive name: C:\
Format: NTFS
Total size: 492258193408
Total free space: 338911465472
Logical drive name: D:\
Format: NTFS
Total size: 492806598656
Total free space: 374738092032
--------------------------------------------------------------------------------
GenericHarddisk
Drive name: Generic Hard Disk
Firmware version: Unknown
--------------------------------------------------------------------------------
GenericHarddisk
Drive name: Generic Hard Disk
Firmware version: Unknown
--------------------------------------------------------------------------------
GenericHarddisk
Drive name: Generic Hard Disk
Firmware version: Unknown
--------------------------------------------------------------------------------
GenericHarddisk
Drive name: Generic Hard Disk
Firmware version: Unknown
--------------------------------------------------------------------------------
GenericHarddisk
Drive name: Generic Hard Disk
Firmware version: Unknown
Alex |
|
17.06.2015, 15:19
| #7 |
| /// the machine /// TB-Ausbilder | PC friert ein: Bild bleibt stehen, Maus nicht bewegbar. Die Festplatte is schon mal fertig. Daten sichern.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
17.06.2015, 15:26
| #8 |
| | PC friert ein: Bild bleibt stehen, Maus nicht bewegbar. Hey, Ich verstehe leider nicht, was du mit dieser Antwort sagen willst  Grüße |
|
18.06.2015, 06:43
| #9 | |
| /// the machine /// TB-Ausbilder | PC friert ein: Bild bleibt stehen, Maus nicht bewegbar. Die geht kaputt Zitat:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu PC friert ein: Bild bleibt stehen, Maus nicht bewegbar. |
| antivir, avira, browser, defender, esgscanner.sys, flash player, google, helper, hijack, hijackthis, home, hotspot, launch, maus, mozilla, problem, prozessor, realtek, registry, rundll, scan, security, services.exe, software, svchost.exe, system, temp, windows |
Linear-Darstellung
