FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Tobi (administrator) on TOBI-PC on 19-09-2014 12:58:24
Running from C:\Users\Tobi\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(NewsGator Technologies, Inc.) D:\Program Files (x86)\FeedDemon\FeedDemon.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Dropbox, Inc.) C:\Users\Tobi\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-20] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10396440 2014-04-15] (Logitech Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKU\S-1-5-21-3188705557-2088146150-3356971998-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [784392 2014-05-29] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3188705557-2088146150-3356971998-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [467680 2014-07-30] (Sony)
HKU\S-1-5-21-3188705557-2088146150-3356971998-1001\...\Run: [FeedDemon] => D:\Program Files (x86)\FeedDemon\FeedDemon.exe [7400960 2013-06-19] (NewsGator Technologies, Inc.)
HKU\S-1-5-21-3188705557-2088146150-3356971998-1001\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [6265624 2014-07-23] (Piriform Ltd)
HKU\S-1-5-21-3188705557-2088146150-3356971998-1001\...\MountPoints2: {59e26de5-d68b-11e3-828f-001a4d4b5452} - N:\Startme.exe
HKU\S-1-5-21-3188705557-2088146150-3356971998-1001\...\MountPoints2: {9717c9b2-f78b-11e3-863d-001a4d4b5452} - N:\pushinst.exe
Startup: C:\Users\Tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Tobi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x251FEFBB6AAACF01
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\vgv5g28i.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @videolan.org/vlc,version=2.1.4 -> D:\Program Files\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> D:\Program Files\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\vgv5g28i.default\user.js
FF SearchPlugin: C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\vgv5g28i.default\searchplugins\nzbclub.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\vgv5g28i.default\Extensions\ascsurfingprotection@iobit.com [2014-06-09]
FF Extension: German Dictionary - C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\vgv5g28i.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2014-06-09]
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\vgv5g28i.default\Extensions\de_DE@dicts.j3e.de [2014-09-19]
FF Extension: FoxyProxy Standard - C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\vgv5g28i.default\Extensions\foxyproxy@eric.h.jung [2014-09-06]
FF Extension: HTTPS-Everywhere - C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\vgv5g28i.default\Extensions\https-everywhere@eff.org [2014-09-13]
FF Extension: LastPass - C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\vgv5g28i.default\Extensions\support@lastpass.com [2014-08-22]
FF Extension: WOT - C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\vgv5g28i.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-06-09]
FF Extension: SearchPreview - C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\vgv5g28i.default\Extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6} [2014-06-09]
FF Extension: Disconnect - C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\vgv5g28i.default\Extensions\2.0@disconnect.me.xpi [2014-06-09]
FF Extension: MEGA - C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\vgv5g28i.default\Extensions\firefox@mega.co.nz.xpi [2014-07-22]
FF Extension: Self-Destructing Cookies - C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\vgv5g28i.default\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi [2014-06-09]
FF Extension: Proxy Selector - C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\vgv5g28i.default\Extensions\proxyselector@mozilla.org.xpi [2014-06-09]
FF Extension: Flagfox - C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\vgv5g28i.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-07-09]
FF Extension: Quick Translator - C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\vgv5g28i.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2014-06-09]
FF Extension: NoScript - C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\vgv5g28i.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-06-09]
FF Extension: Adblock Plus - C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\vgv5g28i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-09]
FF Extension: BetterPrivacy - C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\vgv5g28i.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2014-06-09]
FF Extension: Greasemonkey - C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\vgv5g28i.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-06-22]
FF Extension: Adblock Edge - C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\vgv5g28i.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-06-09]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-07-08]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-07-08]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-07-08]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-07-08]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-07-08]
Chrome:
=======
CHR HomePage: Default -> 055A0AD85A4598F8721DD9CBBCBA9CB910AF069CC1D17A8D1DE798F61B296669
CHR DefaultSearchKeyword: Default -> 50E75ADBE34D089E1AB776C65F87005AB036B69DFA4D6CED05D05D8D1D112F78
CHR DefaultSearchURL: Default -> DA4FB38D6F21A15ADE865A98D0D8E6A30DCD88C1CD3C4F245FF5311A716756D4
CHR Profile: C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-23]
CHR Extension: (Google Drive) - C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-23]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-12]
CHR Extension: (Google Search) - C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-23]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-06-20]
CHR Extension: (uDomainFlag) - C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\eklbfdpploakpkdakoielobggbhemlnm [2014-09-08]
CHR Extension: (HTTPS Everywhere) - C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2014-09-12]
CHR Extension: (AdBlock) - C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-12]
CHR Extension: (Safe Money) - C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-06-20]
CHR Extension: (SearchPreview) - C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo [2014-09-12]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-09-12]
CHR Extension: (Dangerous Websites Blocker) - C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-06-20]
CHR Extension: (Virtual Keyboard) - C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-06-20]
CHR Extension: (Disconnect) - C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2014-09-12]
CHR Extension: (Google Wallet) - C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-23]
CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2014-09-12]
CHR Extension: (Gmail) - C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-23]
CHR Extension: (Anti-Banner) - C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-06-20]
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa []
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2014-05-28]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2014-05-28]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2014-05-28]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2014-05-28]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2014-05-28]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2014-05-28] (Kaspersky Lab ZAO)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [24576 2013-11-03] (The OpenVPN Project) [File not signed]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174088 2014-05-29] (Sandboxie Holdings, LLC)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-05-28] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-05-28] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-05-28] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2014-05-28] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-05-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2014-05-28] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-05-28] (Kaspersky Lab ZAO)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-05-29] (Sandboxie Holdings, LLC)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [90960 2013-03-15] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633680 2013-03-15] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [390352 2013-03-15] (Paragon)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-19 12:54 - 2014-09-19 12:58 - 00022330 _____ () C:\Users\Tobi\Desktop\FRST.txt
2014-09-19 12:02 - 2014-09-19 12:58 - 00000000 ____D () C:\FRST
2014-09-19 12:02 - 2014-09-19 12:07 - 00072862 _____ () C:\Users\Tobi\Downloads\FRST.txt
2014-09-19 12:02 - 2014-09-19 12:02 - 02105856 _____ (Farbar) C:\Users\Tobi\Desktop\FRST64.exe
2014-09-19 10:10 - 2014-09-19 12:53 - 00018165 _____ () C:\Windows\WindowsUpdate.log
2014-09-18 10:35 - 2014-09-18 10:33 - 00611232 _____ () C:\Users\Tobi\Desktop\Hawaii.Five-0.S04E01.Voller.Einsatz.UNCUT.GERMAN.5.1.DUBBED.DL.AC3.1080p.WEB-DL.h264-4SJ.nzb
2014-09-18 10:35 - 2014-09-18 10:31 - 00000157 _____ () C:\Users\Tobi\Desktop\Hawaii.Five-0.S04E01.Voller.Einsatz.UNCUT.GERMAN.5.1.DUBBED.DL.AC3.1080p.WEB-DL.h264-4SJ Passwort.txt
2014-09-18 10:27 - 2014-09-18 10:26 - 00286545 _____ () C:\Users\Tobi\Desktop\Posten.rar
2014-09-14 01:33 - 2014-09-14 01:33 - 00000000 ____D () C:\Users\Tobi\Downloads\mzbf6pse6se2o2s29cu2rqv
2014-09-13 19:02 - 2014-09-13 19:02 - 00000202 _____ () C:\Users\Tobi\Desktop\Grim Dawn.url
2014-09-13 01:03 - 2014-09-19 11:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-12 20:37 - 2014-09-12 20:38 - 00000000 ____D () C:\Users\Tobi\Desktop\Programme
2014-09-12 15:19 - 2014-09-12 15:19 - 00058032 _____ () C:\Users\Tobi\Documents\bookmarks.html
2014-09-12 15:09 - 2014-09-12 15:09 - 00000000 ____D () C:\Users\Tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-12 11:18 - 2014-09-12 11:59 - 00000000 ____D () C:\Users\Tobi\AppData\Local\Warframe
2014-09-12 10:58 - 2014-09-12 10:58 - 00000202 _____ () C:\Users\Tobi\Desktop\Warframe.url
2014-09-12 02:26 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-12 02:26 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-12 02:26 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-12 02:26 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-12 02:25 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-12 02:25 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-12 02:25 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-12 02:25 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-12 02:25 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-12 02:25 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-12 02:25 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-12 02:25 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-12 02:25 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-12 02:25 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-12 02:25 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-12 02:25 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-12 02:25 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-12 02:25 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-12 02:25 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-12 02:25 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-12 02:25 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-12 02:25 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-12 02:25 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-12 02:25 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-12 02:25 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-12 02:25 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-12 02:25 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-12 02:25 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-12 02:25 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-12 02:25 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-12 02:25 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-12 02:25 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-12 02:25 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-12 02:25 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-12 02:25 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-12 02:25 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-12 02:25 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-12 02:25 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-12 02:25 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-12 02:25 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-12 02:25 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-12 02:25 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-12 02:25 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-12 02:25 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-12 02:25 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-12 02:25 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-12 02:25 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-12 02:25 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-12 02:25 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-12 02:25 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-12 02:25 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-12 02:25 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-12 02:25 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-12 02:25 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-12 02:25 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-12 02:25 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-12 02:18 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-12 02:18 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-11 15:25 - 2014-09-11 15:25 - 00011200 _____ () C:\Users\Tobi\Downloads\4opJEin4kDjNd16vq3Mo.par2
2014-09-11 09:55 - 2014-09-11 09:55 - 00002288 _____ () C:\Users\Tobi\Documents\tvs-oitnb-ded-dl-bd-x264-111.dlc
2014-09-11 09:41 - 2014-09-12 10:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-09-11 06:25 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-11 06:25 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-11 06:24 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-11 06:24 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-11 06:24 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-11 06:24 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-11 06:24 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-11 06:24 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-11 06:24 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-11 06:24 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-11 06:24 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-08 18:00 - 2014-09-08 18:00 - 00000202 _____ () C:\Users\Tobi\Desktop\XCOM Enemy Unknown.url
2014-09-08 15:49 - 2014-09-08 15:49 - 00000090 _____ () C:\Users\Tobi\Documents\Rüsckastattung.txt
2014-09-08 10:56 - 2014-09-08 10:56 - 00000202 _____ () C:\Users\Tobi\Desktop\The Testament of Sherlock Holmes.url
2014-09-05 16:46 - 2014-09-05 16:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2014-09-05 16:46 - 2014-09-05 16:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2014-09-05 16:46 - 2014-09-05 16:46 - 00000000 ____D () C:\Program Files\TAP-Windows
2014-09-05 16:46 - 2014-09-05 16:46 - 00000000 ____D () C:\Program Files (x86)\OpenVPN
2014-09-05 16:32 - 2014-09-06 00:06 - 00002609 _____ () C:\Users\Public\Desktop\VPN Autoconnect.lnk
2014-09-05 16:32 - 2014-09-05 16:32 - 00000000 ____D () C:\Users\Tobi\AppData\Roaming\globalip
2014-09-05 16:32 - 2014-09-05 16:32 - 00000000 ____D () C:\Program Files (x86)\globalip
2014-09-05 16:09 - 2014-09-12 00:03 - 00000202 _____ () C:\Users\Tobi\Desktop\Wasteland 2.url
2014-09-05 16:00 - 2014-09-05 16:00 - 00000000 ____D () C:\ProgramData\FlyVPN
2014-09-05 15:59 - 2014-09-19 10:07 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-09-03 00:36 - 2014-09-13 02:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-09-01 21:50 - 2014-09-01 21:50 - 00011300 _____ () C:\Users\Tobi\Downloads\1bvU4flcSdoiNra72A1V.par2
2014-09-01 00:47 - 2014-09-19 12:55 - 00002056 _____ () C:\Users\Tobi\Documents\Default.rdp
2014-08-31 20:15 - 2014-09-01 00:11 - 00000203 _____ () C:\Users\Tobi\Documents\Danke Button Code.txt
2014-08-29 17:10 - 2014-08-29 17:10 - 00000000 ____D () C:\Users\Tobi\AppData\Local\Blizzard
2014-08-29 16:42 - 2014-08-29 17:10 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-08-29 16:42 - 2014-08-29 16:42 - 00001159 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-08-29 16:42 - 2014-08-29 16:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-08-29 16:41 - 2014-09-13 22:34 - 00000000 ____D () C:\Users\Tobi\AppData\Local\Battle.net
2014-08-29 16:41 - 2014-08-29 16:41 - 00000000 ____D () C:\Users\Tobi\AppData\Roaming\NVIDIA
2014-08-29 16:41 - 2014-08-29 16:41 - 00000000 ____D () C:\Users\Tobi\AppData\Roaming\Battle.net
2014-08-29 16:41 - 2014-08-29 16:41 - 00000000 ____D () C:\Users\Tobi\AppData\Local\Blizzard Entertainment
2014-08-29 16:40 - 2014-09-13 17:28 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-08-29 16:40 - 2014-08-29 16:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-08-29 16:40 - 2014-08-29 16:40 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-08-29 16:40 - 2014-08-29 16:40 - 00000000 ____D () C:\ProgramData\Battle.net
2014-08-29 02:48 - 2014-08-29 02:48 - 00000000 ____D () C:\Users\Tobi\AppData\Local\Western_Digital_Technolog
2014-08-29 02:44 - 2014-08-29 02:44 - 00000000 ____D () C:\Users\Tobi\AppData\Local\IsolatedStorage
2014-08-29 02:43 - 2014-08-29 02:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2014-08-29 02:43 - 2014-08-29 02:45 - 00000000 ____D () C:\Program Files (x86)\Western Digital
2014-08-28 17:54 - 2014-08-28 17:54 - 00000577 _____ () C:\Users\Public\Desktop\HEX.lnk
2014-08-28 17:54 - 2014-08-28 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HEX
2014-08-28 10:17 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 10:17 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 10:17 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 12:31 - 2014-08-27 12:31 - 00000000 ____D () C:\Users\Tobi\AppData\Roaming\.mono
2014-08-26 18:41 - 2014-08-26 18:41 - 01731072 _____ (JP-software) C:\Users\Tobi\Documents\UploadHelperR1Server.exe
2014-08-25 21:45 - 2014-08-25 21:45 - 00000042 _____ () C:\Users\Tobi\Documents\Atrawerb.txt
2014-08-22 22:23 - 2014-08-22 22:23 - 00000202 _____ () C:\Users\Tobi\Desktop\Infinity Wars - Animated Trading Card Game.url
2014-08-21 21:34 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-21 21:34 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-21 21:34 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-21 21:34 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-21 21:33 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-21 21:33 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-21 21:33 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-21 21:33 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-21 21:33 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-21 21:33 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-21 21:33 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-21 21:33 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-21 21:33 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-21 21:33 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-19 12:58 - 2014-09-19 12:54 - 00022330 _____ () C:\Users\Tobi\Desktop\FRST.txt
2014-09-19 12:58 - 2014-09-19 12:02 - 00000000 ____D () C:\FRST
2014-09-19 12:57 - 2014-08-08 11:16 - 00000000 ____D () C:\Users\Tobi\AppData\Roaming\Skype
2014-09-19 12:55 - 2014-09-01 00:47 - 00002056 _____ () C:\Users\Tobi\Documents\Default.rdp
2014-09-19 12:53 - 2014-09-19 10:10 - 00018165 _____ () C:\Windows\WindowsUpdate.log
2014-09-19 12:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2014-09-19 12:29 - 2014-04-24 00:07 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-19 12:07 - 2014-09-19 12:02 - 00072862 _____ () C:\Users\Tobi\Downloads\FRST.txt
2014-09-19 12:02 - 2014-09-19 12:02 - 02105856 _____ (Farbar) C:\Users\Tobi\Desktop\FRST64.exe
2014-09-19 12:01 - 2014-04-23 21:36 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-19 11:27 - 2014-09-13 01:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-19 11:21 - 2014-07-08 18:35 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-19 10:36 - 2014-04-24 14:54 - 00000000 ____D () C:\Users\Tobi\AppData\Roaming\vlc
2014-09-19 10:15 - 2009-07-14 06:45 - 00028016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-19 10:15 - 2009-07-14 06:45 - 00028016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-19 10:09 - 2014-08-12 17:56 - 00001013 _____ () C:\Users\Tobi\Desktop\Dropbox.lnk
2014-09-19 10:09 - 2014-08-12 17:56 - 00000000 ___RD () C:\Users\Tobi\Dropbox
2014-09-19 10:09 - 2014-05-09 10:32 - 00000000 ____D () C:\Users\Tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-19 10:09 - 2014-05-09 10:31 - 00000000 ____D () C:\Users\Tobi\AppData\Roaming\Dropbox
2014-09-19 10:07 - 2014-09-05 15:59 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-09-19 10:07 - 2014-04-23 21:35 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-19 10:07 - 2014-04-23 21:07 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-19 10:07 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-18 10:33 - 2014-09-18 10:35 - 00611232 _____ () C:\Users\Tobi\Desktop\Hawaii.Five-0.S04E01.Voller.Einsatz.UNCUT.GERMAN.5.1.DUBBED.DL.AC3.1080p.WEB-DL.h264-4SJ.nzb
2014-09-18 10:31 - 2014-09-18 10:35 - 00000157 _____ () C:\Users\Tobi\Desktop\Hawaii.Five-0.S04E01.Voller.Einsatz.UNCUT.GERMAN.5.1.DUBBED.DL.AC3.1080p.WEB-DL.h264-4SJ Passwort.txt
2014-09-18 10:26 - 2014-09-18 10:27 - 00286545 _____ () C:\Users\Tobi\Desktop\Posten.rar
2014-09-17 05:13 - 2014-05-13 18:50 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-16 05:25 - 2014-05-08 19:13 - 00000000 ____D () C:\Program Files\Recuva
2014-09-14 01:47 - 2011-04-12 09:43 - 00698688 _____ () C:\Windows\system32\perfh007.dat
2014-09-14 01:47 - 2011-04-12 09:43 - 00148828 _____ () C:\Windows\system32\perfc007.dat
2014-09-14 01:47 - 2009-07-14 07:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-14 01:33 - 2014-09-14 01:33 - 00000000 ____D () C:\Users\Tobi\Downloads\mzbf6pse6se2o2s29cu2rqv
2014-09-13 22:34 - 2014-08-29 16:41 - 00000000 ____D () C:\Users\Tobi\AppData\Local\Battle.net
2014-09-13 19:47 - 2014-05-23 20:43 - 00000000 ____D () C:\Users\Tobi\Documents\my games
2014-09-13 19:46 - 2014-04-24 13:47 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-13 19:02 - 2014-09-13 19:02 - 00000202 _____ () C:\Users\Tobi\Desktop\Grim Dawn.url
2014-09-13 19:02 - 2014-06-09 16:55 - 00000000 ____D () C:\Users\Tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-09-13 17:28 - 2014-08-29 16:40 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-09-13 13:13 - 2014-04-23 21:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-13 02:08 - 2014-09-03 00:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-09-12 20:38 - 2014-09-12 20:37 - 00000000 ____D () C:\Users\Tobi\Desktop\Programme
2014-09-12 16:05 - 2014-04-23 21:36 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-12 15:19 - 2014-09-12 15:19 - 00058032 _____ () C:\Users\Tobi\Documents\bookmarks.html
2014-09-12 15:09 - 2014-09-12 15:09 - 00000000 ____D () C:\Users\Tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-12 11:59 - 2014-09-12 11:18 - 00000000 ____D () C:\Users\Tobi\AppData\Local\Warframe
2014-09-12 10:58 - 2014-09-12 10:58 - 00000202 _____ () C:\Users\Tobi\Desktop\Warframe.url
2014-09-12 10:41 - 2014-09-11 09:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-09-12 10:41 - 2014-04-23 22:04 - 00001812 _____ () C:\Windows\Sandboxie.ini
2014-09-12 02:22 - 2014-04-23 21:02 - 01591896 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-12 02:21 - 2014-04-23 18:35 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-12 02:18 - 2014-05-07 00:34 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-12 02:18 - 2014-04-23 18:35 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-12 00:03 - 2014-09-05 16:09 - 00000202 _____ () C:\Users\Tobi\Desktop\Wasteland 2.url
2014-09-11 15:25 - 2014-09-11 15:25 - 00011200 _____ () C:\Users\Tobi\Downloads\4opJEin4kDjNd16vq3Mo.par2
2014-09-11 14:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-11 10:04 - 2014-04-23 22:08 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-09-11 10:04 - 2014-04-23 22:08 - 00001090 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-09-11 09:55 - 2014-09-11 09:55 - 00002288 _____ () C:\Users\Tobi\Documents\tvs-oitnb-ded-dl-bd-x264-111.dlc
2014-09-09 20:29 - 2014-04-24 00:07 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-09 20:29 - 2014-04-24 00:07 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-09 20:29 - 2014-04-24 00:07 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-08 18:00 - 2014-09-08 18:00 - 00000202 _____ () C:\Users\Tobi\Desktop\XCOM Enemy Unknown.url
2014-09-08 15:49 - 2014-09-08 15:49 - 00000090 _____ () C:\Users\Tobi\Documents\Rüsckastattung.txt
2014-09-08 10:56 - 2014-09-08 10:56 - 00000202 _____ () C:\Users\Tobi\Desktop\The Testament of Sherlock Holmes.url
2014-09-06 00:06 - 2014-09-05 16:32 - 00002609 _____ () C:\Users\Public\Desktop\VPN Autoconnect.lnk
2014-09-05 16:46 - 2014-09-05 16:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2014-09-05 16:46 - 2014-09-05 16:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2014-09-05 16:46 - 2014-09-05 16:46 - 00000000 ____D () C:\Program Files\TAP-Windows
2014-09-05 16:46 - 2014-09-05 16:46 - 00000000 ____D () C:\Program Files (x86)\OpenVPN
2014-09-05 16:32 - 2014-09-05 16:32 - 00000000 ____D () C:\Users\Tobi\AppData\Roaming\globalip
2014-09-05 16:32 - 2014-09-05 16:32 - 00000000 ____D () C:\Program Files (x86)\globalip
2014-09-05 16:00 - 2014-09-05 16:00 - 00000000 ____D () C:\ProgramData\FlyVPN
2014-09-05 09:52 - 2014-05-13 18:49 - 00000000 ____D () C:\Users\Tobi\AppData\Local\Adobe
2014-09-05 04:10 - 2014-09-11 06:24 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-11 06:24 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-01 21:50 - 2014-09-01 21:50 - 00011300 _____ () C:\Users\Tobi\Downloads\1bvU4flcSdoiNra72A1V.par2
2014-09-01 00:11 - 2014-08-31 20:15 - 00000203 _____ () C:\Users\Tobi\Documents\Danke Button Code.txt
2014-08-31 17:45 - 2014-04-23 21:35 - 00000000 ____D () C:\Users\Tobi\AppData\Local\Deployment
2014-08-31 17:44 - 2014-06-29 03:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NFO Creator
2014-08-31 17:42 - 2014-07-09 10:51 - 00000000 ____D () C:\Program Files (x86)\ibVPN
2014-08-29 17:10 - 2014-08-29 17:10 - 00000000 ____D () C:\Users\Tobi\AppData\Local\Blizzard
2014-08-29 17:10 - 2014-08-29 16:42 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-08-29 16:42 - 2014-08-29 16:42 - 00001159 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-08-29 16:42 - 2014-08-29 16:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-08-29 16:41 - 2014-08-29 16:41 - 00000000 ____D () C:\Users\Tobi\AppData\Roaming\NVIDIA
2014-08-29 16:41 - 2014-08-29 16:41 - 00000000 ____D () C:\Users\Tobi\AppData\Roaming\Battle.net
2014-08-29 16:41 - 2014-08-29 16:41 - 00000000 ____D () C:\Users\Tobi\AppData\Local\Blizzard Entertainment
2014-08-29 16:40 - 2014-08-29 16:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-08-29 16:40 - 2014-08-29 16:40 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-08-29 16:40 - 2014-08-29 16:40 - 00000000 ____D () C:\ProgramData\Battle.net
2014-08-29 02:48 - 2014-08-29 02:48 - 00000000 ____D () C:\Users\Tobi\AppData\Local\Western_Digital_Technolog
2014-08-29 02:45 - 2014-08-29 02:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2014-08-29 02:45 - 2014-08-29 02:43 - 00000000 ____D () C:\Program Files (x86)\Western Digital
2014-08-29 02:44 - 2014-08-29 02:44 - 00000000 ____D () C:\Users\Tobi\AppData\Local\IsolatedStorage
2014-08-29 01:42 - 2009-07-14 06:45 - 00296480 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-28 19:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-28 17:54 - 2014-08-28 17:54 - 00000577 _____ () C:\Users\Public\Desktop\HEX.lnk
2014-08-28 17:54 - 2014-08-28 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HEX
2014-08-27 12:31 - 2014-08-27 12:31 - 00000000 ____D () C:\Users\Tobi\AppData\Roaming\.mono
2014-08-26 18:41 - 2014-08-26 18:41 - 01731072 _____ (JP-software) C:\Users\Tobi\Documents\UploadHelperR1Server.exe
2014-08-26 13:21 - 2014-06-16 00:29 - 00000000 ____D () C:\Users\Tobi\AppData\Roaming\FileZilla
2014-08-25 21:45 - 2014-08-25 21:45 - 00000042 _____ () C:\Users\Tobi\Documents\Atrawerb.txt
2014-08-25 06:53 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-24 20:08 - 2014-06-16 00:29 - 00000000 ____D () C:\Users\Tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-08-24 20:08 - 2014-06-16 00:29 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-08-23 04:07 - 2014-08-28 10:17 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 10:17 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 10:17 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 22:23 - 2014-08-22 22:23 - 00000202 _____ () C:\Users\Tobi\Desktop\Infinity Wars - Animated Trading Card Game.url
2014-08-22 15:19 - 2014-05-09 00:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-08-22 15:19 - 2014-04-23 21:57 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
Some content of TEMP:
====================
C:\Users\Tobi\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvzc_vo.dll
C:\Users\Tobi\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-08 14:35
==================== End Of Log ============================
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Tobi at 2014-09-19 12:58:57
Running from C:\Users\Tobi\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.3.0 - Auslogics Labs Pty Ltd)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
calibre 64bit (HKLM\...\{90C96F50-6055-4E41-A143-B0B02383223F}) (Version: 1.40.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Cool Beans NFO Creator 2.0.1.3 (HKLM-x32\...\Cool Beans NFO Creator_is1) (Version: - Cool Beans Software)
Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version: - Stunlock Studios)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
FeedDemon (HKLM-x32\...\FeedDemon_is1) (Version: 4.5.0.0 - NewsGator Technologies, Inc.)
FileZilla Client 3.9.0.3 (HKCU\...\FileZilla Client) (Version: 3.9.0.3 - Tim Kosse)
FlashFXP v3.2.0 (Build 1080) Scene Edition (HKLM-x32\...\FlashFXP v3.2.0 (Build 1080) Scene Edition) (Version: - )
Flashtool (HKLM-x32\...\Flashtool) (Version: 0.9.16.1 - Androxyde)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Grim Dawn (HKLM-x32\...\Steam App 219990) (Version: - )
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HEX (HKLM-x32\...\{6EDED3CB-CAC5-4200-A534-CCA1732EAF23}_is1) (Version: - Gameforge Productions GmbH)
iNFekt NFO Viewer (HKLM\...\{B1AC8E6A-6C47-4B6D-A853-B4BF5C83421C}_is1) (Version: 0.8.10 - cxxjoe & Contributors)
Infinity Wars - Animated Trading Card Game (HKLM-x32\...\Steam App 257730) (Version: - Lightmare Studios)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.53 (HKLM\...\Logitech Gaming Software) (Version: 8.53.154 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MediaInfo 0.7.68 (HKLM\...\MediaInfo) (Version: 0.7.68 - MediaArea.net)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
MixcloudDownloader (HKLM-x32\...\Mixcloud Downloader_is1) (Version: - )
Mixlr version 2.3.0 (HKLM-x32\...\{F021F776-6BD4-4301-985D-0C1D27EEC8ED}_is1) (Version: 2.3.0 - Mixlr, Ltd.)
Mozilla Firefox 32.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 de)) (Version: 32.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mozilla Thunderbird 31.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.1.1 (x86 de)) (Version: 31.1.1 - Mozilla)
My Net View (HKLM-x32\...\{7F9C9908-69E3-4474-A081-256F27995A18}) (Version: 1.0.12.0 - Western Digital)
Newshosting (HKLM\...\{FE76A200-134E-48EC-8E90-3C124F16BC7F}) (Version: 1.6.1 - Newshosting)
NewsLeecher v6.5 Beta 6 (HKLM-x32\...\NewsLeecher_is1) (Version: - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.3 - Notepad++ Team)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.145.1024 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
NVIDIA Update Core (Version: 10.4.0 - NVIDIA Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
OpenVPN 2.3.2-I200 (uac/max_config build) (HKLM-x32\...\OpenVPN) (Version: 2.3.2-I200 - )
Paragon Backup & Recovery™ 2013 Free (HKLM-x32\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Registry Workshop (HKLM\...\Registry Workshop) (Version: - )
Sandboxie 4.12 (64-bit) (HKLM\...\Sandboxie) (Version: 4.12 - Sandboxie Holdings, LLC)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Sony PC Companion 2.10.221 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.221 - Sony)
Sony刷机驱动安装程序 version 1.2 (HKLM-x32\...\{DCF4A01A-4ED7-4E60-8D4B-4B3F59CF3DE0}_is1) (Version: 1.2 - 北京众晶锐驰科技有限公司)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
The Testament of Sherlock Holmes (HKLM-x32\...\Steam App 205650) (Version: - Frogwares)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
VPNAutoconnect (HKLM-x32\...\{8E557F21-99AE-440D-8058-CD8CB3302E13}) (Version: 1.15 - globalip)
Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)
Wasteland 2 (HKLM-x32\...\Steam App 240760) (Version: - inXile Entertainment)
WD Discovery (HKLM-x32\...\{A80AE043-EF68-4B64-9C6F-088405FED315}) (Version: 102.0.1.10 - Western Digital Technologies, Inc.)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - Firaxis Games)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3188705557-2088146150-3356971998-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Tobi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3188705557-2088146150-3356971998-1001_Classes\CLSID\{B3F5EDE0-4267-49eb-A775-799895476453}\InprocServer32 -> d:\Program Files\iNFekt\infekt-nfo-shell.dll (cxxjoe Development)
CustomCLSID: HKU\S-1-5-21-3188705557-2088146150-3356971998-1001_Classes\CLSID\{B8D080EE-9541-460f-A1AE-7C43CDA96C0F}\InprocServer32 -> d:\Program Files\iNFekt\infekt-nfo-shell.dll (cxxjoe Development)
CustomCLSID: HKU\S-1-5-21-3188705557-2088146150-3356971998-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tobi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3188705557-2088146150-3356971998-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tobi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3188705557-2088146150-3356971998-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tobi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3188705557-2088146150-3356971998-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tobi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3188705557-2088146150-3356971998-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tobi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3188705557-2088146150-3356971998-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tobi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3188705557-2088146150-3356971998-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tobi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3188705557-2088146150-3356971998-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tobi\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
05-09-2014 14:31:44 Installed VPNAutoconnect
08-09-2014 16:22:09 DirectX wurde installiert
09-09-2014 06:49:32 Windows Update
12-09-2014 00:17:30 Windows Update
12-09-2014 09:19:57 DirectX wurde installiert
13-09-2014 17:45:07 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
13-09-2014 17:45:57 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
16-09-2014 22:06:00 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0491DC08-FB58-4761-8E26-30E0AADE43C6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-23] (Google Inc.)
Task: {3AB30591-133D-4D60-91C4-E3D7A5C76DA9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {5BA22ECD-D626-4F59-9646-CC7F263D21AC} - System32\Tasks\{BFF31388-649D-4C38-8BE8-0F2414023AD3} => C:\Users\Tobi\Downloads\NFO Tools - Collection by Upp_Load_Er\NFO Creators\NFO Creator v3.5.2 Full\NFOCreator.EXE
Task: {79CED069-B5AB-4421-B30B-4CB34C79444C} - System32\Tasks\{58DB08F5-A11A-4FD7-965F-9F91824AAC04} => C:\Users\Tobi\Downloads\installer.exe
Task: {9F7C38B1-C0A3-4D1F-A3D9-8B1CF896A868} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-23] (Google Inc.)
Task: {DDE75FD9-D0C3-4F54-8332-65A77BA0A43C} - System32\Tasks\ibVPN => C:\Program Files (x86)\ibVPN\ibVPN.com.exe [2014-05-27] ()
Task: {F23E7F78-E479-4110-A0FF-19581EDA2682} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-04-23 21:07 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-01 21:29 - 2014-05-01 21:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-02-11 20:21 - 2014-02-11 20:21 - 00860160 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-02-11 20:22 - 2014-02-11 20:22 - 01043968 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-02-11 20:21 - 2014-02-11 20:21 - 00052736 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-02-11 20:22 - 2014-02-11 20:22 - 00236032 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2014-05-09 00:19 - 2014-06-23 09:07 - 00113376 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2014-05-09 00:19 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2014-05-09 00:19 - 2013-09-13 11:02 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2014-05-21 21:04 - 2003-07-29 14:43 - 00212992 _____ () D:\Program Files (x86)\FeedDemon\FDTidy.dll
2014-09-19 10:09 - 2014-09-19 10:09 - 00043008 _____ () c:\users\tobi\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvzc_vo.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Tobi\AppData\Roaming\Dropbox\bin\libcef.dll
2014-08-13 16:09 - 2014-08-13 16:09 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2014-09-12 16:05 - 2014-09-04 05:01 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-12 16:05 - 2014-09-04 05:01 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll
2014-09-12 16:05 - 2014-09-04 05:01 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-12 16:05 - 2014-09-04 05:01 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-12 16:05 - 2014-09-04 05:01 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
2014-09-13 01:03 - 2014-09-13 01:03 - 03716720 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-08-21 21:42 - 2014-08-21 21:42 - 01020928 _____ () C:\Users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\vgv5g28i.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
2014-09-11 09:41 - 2014-09-11 09:41 - 03339376 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-09-11 09:41 - 2014-09-11 09:41 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-09-11 09:41 - 2014-09-11 09:41 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/19/2014 10:36:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004e4e4
ID des fehlerhaften Prozesses: 0x17a0
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Error: (09/19/2014 10:09:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/19/2014 01:46:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004e4e4
ID des fehlerhaften Prozesses: 0x1b40
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Error: (09/18/2014 10:30:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004e4e4
ID des fehlerhaften Prozesses: 0xf9c
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Error: (09/18/2014 08:20:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004e4e4
ID des fehlerhaften Prozesses: 0x18bc
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Error: (09/18/2014 06:10:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/17/2014 11:00:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004e4e4
ID des fehlerhaften Prozesses: 0xab8
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Error: (09/17/2014 10:06:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004e4e4
ID des fehlerhaften Prozesses: 0x17e8
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Error: (09/17/2014 09:47:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/17/2014 08:17:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004e4e4
ID des fehlerhaften Prozesses: 0xb58
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
System errors:
=============
Error: (09/17/2014 02:15:21 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Schedule erreicht.
Error: (09/17/2014 11:16:30 AM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.
Error: (09/16/2014 05:18:39 AM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.
Error: (09/14/2014 02:10:33 PM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.
Error: (09/14/2014 02:22:30 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (09/12/2014 11:39:28 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 70. Der interne Fehlerstatus lautet: 105.
Error: (09/11/2014 06:39:54 AM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.
Error: (09/10/2014 02:10:25 PM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.
Error: (09/09/2014 09:17:03 AM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.
Error: (09/09/2014 09:16:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AVM WLAN Connection Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office Sessions:
=========================
Error: (09/19/2014 10:36:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c0000005000000000004e4e417a001cfd3e0fc090a54D:\Program Files\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll176fa5d7-3fd8-11e4-a12c-001a4d4b5452
Error: (09/19/2014 10:09:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/19/2014 01:46:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c0000005000000000004e4e41b4001cfd398348413aaD:\Program Files\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll0ce16fd1-3f8e-11e4-ae1d-001a4d4b5452
Error: (09/18/2014 10:30:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c0000005000000000004e4e4f9c01cfd36d3cdeb644D:\Program Files\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll91a6e3db-3f72-11e4-ae1d-001a4d4b5452
Error: (09/18/2014 08:20:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c0000005000000000004e4e418bc01cfd359da11b9a1D:\Program Files\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll6787a2d7-3f60-11e4-ae1d-001a4d4b5452
Error: (09/18/2014 06:10:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/17/2014 11:00:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c0000005000000000004e4e4ab801cfd24e5ed6360dD:\Program Files\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll0c07dc37-3e49-11e4-9dc5-001a4d4b5452
Error: (09/17/2014 10:06:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c0000005000000000004e4e417e801cfd24b9c32077aD:\Program Files\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll8e8b6ab8-3e41-11e4-9dc5-001a4d4b5452
Error: (09/17/2014 09:47:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/17/2014 08:17:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c0000005000000000004e4e4b5801cfd238ba113e94D:\Program Files\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll43645736-3e32-11e4-bffb-001a4d4b5452
CodeIntegrity Errors:
===================================
Date: 2014-09-12 10:51:49.480
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume9\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-12 10:51:49.480
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume9\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-12 10:51:49.470
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume9\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-12 10:51:49.460
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume9\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-12 10:50:54.920
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume9\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-12 10:50:54.840
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume9\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-08 14:37:45.723
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume9\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-08 14:37:45.722
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume9\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-08 14:37:45.720
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume9\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-09-08 14:37:45.705
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume9\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
Percentage of memory in use: 54%
Total physical RAM: 6142.48 MB
Available physical RAM: 2791.76 MB
Total Pagefile: 12283.15 MB
Available Pagefile: 8342.66 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.51 GB) (Free:813.45 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:465.76 GB) (Free:366.9 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Volume) (Fixed) (Total:232.67 GB) (Free:229.02 GB) NTFS
Drive g: () (Fixed) (Total:0.1 GB) (Free:0.08 GB) NTFS
Drive h: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive i: () (Fixed) (Total:465.56 GB) (Free:465.46 GB) NTFS
Drive j: () (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS
Drive k: () (Fixed) (Total:232.89 GB) (Free:232.73 GB) NTFS
Drive l: (Volume) (Fixed) (Total:931.51 GB) (Free:899.93 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F5881E4A)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=99 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=465.6 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 6A3A351D)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 29C46DEC)
Partition 1: (Not Active) - (Size=99 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=232.7 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit