Windows 7 SP1: MSE blocked by Group Policy / Windows Defender cannot be enabled
Hello and good day,
a few days ago I wanted to try out the game ArcheAge, but when launching it I found that it takes >15 minutes or longer to start.
I then read up online on what this problem might be related to and learned that a conflict with MsMpEng.exe often occurs.
In this context, I first wanted to get at this process through the Windows Defender settings in the Control Panel.
However, double-clicking Windows Defender only brings up the message:
"Das Programm ist deaktiviert. (...) Wenn Sie das Programm verwenden möchten, klicken Sie hier um es zu aktivieren."
However, clicking on it does nothing at all.
On the second attempt, via Microsoft Security Essentials, I only got the apparently well-known error message that the program is blocked by a Group Policy.
Thank you very much for your time and your help.
defogger_disable.txt Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:37 on 15/11/2014 (Nexos)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:DAEMON Tools Lite -> Removed
Checking for services/drivers...
SPTD -> Disabled (Service running -> reboot required)
-=E.O.F=-
FRST.txt Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2014
Ran by Nexos (administrator) on NEXOS-PC on 15-11-2014 11:53:58
Running from C:\Users\Nexos\Desktop
Loaded Profile: Nexos (Available profiles: Nexos)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Spotify Ltd) C:\Users\Nexos\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.00.048\Applets\x64\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.00.048\Applets\x64\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.00.048\Applets\x64\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.00.048\Applets\x64\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.00.048\Applets\x86\LCDMedia.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Drakonia Configurator\hid.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [110360 2011-06-14] (Logitech Inc.)
HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2412616 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-06-24] (Logitech, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3593744 2014-09-05] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] ()
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\Microsoft Security Client <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira <====== ATTENTION
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2255222441-2029071802-1949690619-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-09-28] (AMD)
HKU\S-1-5-21-2255222441-2029071802-1949690619-1000\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-10-17] (Raptr, Inc)
HKU\S-1-5-21-2255222441-2029071802-1949690619-1000\...\Run: [Spotify Web Helper] => C:\Users\Nexos\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-08] (Spotify Ltd)
HKU\S-1-5-21-2255222441-2029071802-1949690619-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-29] (Piriform Ltd)
HKU\S-1-5-21-2255222441-2029071802-1949690619-1000\...\MountPoints2: {3140a5bd-a984-11e0-bc62-6cf049b836f1} - G:\pushinst.exe
HKU\S-1-5-21-2255222441-2029071802-1949690619-1000\...\MountPoints2: {61c238a1-ac25-11e0-a50f-001f3f09ac8a} - H:\launcher.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-11-15] (Microsoft Corporation)
Startup: C:\Users\Nexos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 3050A J611 series.lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 3050A J611 series.lnk -> C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - URL hxxp://search.conduit.com/Results.aspx?ctid=CT3321902&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPE7A82491-E568-4751-9F3D-0162FCC6544F&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-2255222441-2029071802-1949690619-1000 -> No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\..\Interfaces\{A60154D0-B861-46D3-A963-009A691EEE08}: [NameServer] 94.103.164.240
FireFox:
========
FF ProfilePath: C:\Users\Nexos\AppData\Roaming\Mozilla\Firefox\Profiles\lzr5y1w5.default
FF SelectedSearchEngine: Google
FF Homepage: https://www.facebook.com/|https://www.google.de/
FF NetworkProxy: "ftp", "91.109.18.169"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "91.109.18.169"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "91.109.18.169"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "91.109.18.169"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.118.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2255222441-2029071802-1949690619-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Nexos\AppData\Roaming\Mozilla\Firefox\Profiles\lzr5y1w5.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Nexos\AppData\Roaming\Mozilla\Firefox\Profiles\lzr5y1w5.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Nexos\AppData\Roaming\Mozilla\Firefox\Profiles\lzr5y1w5.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Nexos\AppData\Roaming\Mozilla\Firefox\Profiles\lzr5y1w5.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ddg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Stealthy - C:\Users\Nexos\AppData\Roaming\Mozilla\Firefox\Profiles\lzr5y1w5.default\Extensions\stealthyextension@gmail.com.xpi [2011-10-14]
FF Extension: Adblock Plus - C:\Users\Nexos\AppData\Roaming\Mozilla\Firefox\Profiles\lzr5y1w5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-07-10]
FF Extension: Download Statusbar - C:\Users\Nexos\AppData\Roaming\Mozilla\Firefox\Profiles\lzr5y1w5.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2011-07-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-11-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-11-10]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
Chrome:
=======
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) [File not signed]
S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [136616 2011-05-25] ()
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3364368 2014-09-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [293448 2014-09-05] (AVG Technologies CZ, s.r.o.)
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3804120 2011-08-07] (INCA Internet Co., Ltd.) [File not signed]
S3 Origin Client Service; D:\Origin\OriginClientService.exe [1900400 2014-11-13] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-10-06] ()
S2 AntiVirSchedulerService; "C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe" [X]
S2 AntiVirService; "C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe" [X]
S2 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-30] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-07-30] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [247576 2014-07-24] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-07] (Avira Operations GmbH & Co. KG)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [270616 2014-07-02] (AVG Technologies CZ, s.r.o.)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-29] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-08-15] (Disc Soft Ltd)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
S3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-22] (AVM GmbH)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-07-30] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-02] (INCA Internet Co., Ltd.) [File not signed]
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-01-13] (Duplex Secure Ltd.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-15 11:53 - 2014-11-15 11:58 - 00022815 _____ () C:\Users\Nexos\Desktop\FRST.txt
2014-11-15 11:53 - 2014-11-15 11:54 - 00000000 ____D () C:\FRST
2014-11-15 11:52 - 2014-11-15 11:52 - 02116608 _____ (Farbar) C:\Users\Nexos\Desktop\FRST64.exe
2014-11-15 11:37 - 2014-11-15 11:37 - 00000652 _____ () C:\Users\Nexos\Downloads\defogger_disable.log
2014-11-15 11:37 - 2014-11-15 11:37 - 00000188 _____ () C:\Users\Nexos\defogger_reenable
2014-11-15 11:36 - 2014-11-15 11:36 - 00050477 _____ () C:\Users\Nexos\Downloads\Defogger.exe
2014-11-15 11:06 - 2014-11-15 11:06 - 00000000 ____D () C:\ProgramData\LHService
2014-11-15 11:03 - 2014-11-15 11:04 - 00000000 ____D () C:\ProgramData\LockHunter
2014-11-15 11:03 - 2014-11-15 11:03 - 00000000 ____D () C:\Users\Nexos\AppData\Roaming\LockHunter
2014-11-15 11:03 - 2014-11-15 11:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LockHunter
2014-11-15 11:03 - 2014-11-15 11:03 - 00000000 ____D () C:\Program Files\LockHunter
2014-11-15 11:02 - 2014-11-15 11:02 - 03029032 _____ (Crystal Rich Ltd ) C:\Users\Nexos\Downloads\lockhuntersetup_3-1-1.exe
2014-11-15 10:30 - 2014-11-15 10:30 - 00004668 _____ () C:\Windows\PFRO.log
2014-11-15 01:34 - 2014-11-15 01:34 - 00000000 ____D () C:\Windows\system32\SPReview
2014-11-15 01:31 - 2014-11-15 01:31 - 00000000 ____D () C:\Windows\system32\EventProviders
2014-11-14 23:25 - 2014-11-14 23:25 - 00337957 _____ () C:\Users\Nexos\Downloads\RepairGTAEngRus.rar
2014-11-14 23:23 - 2014-11-14 23:23 - 00001222 _____ () C:\Users\Nexos\Downloads\1319602895_NGTsExplosionV.2.zip
2014-11-14 23:16 - 2014-11-14 23:16 - 04757571 _____ () C:\Users\Nexos\Downloads\iCE30_1070_REV1.rar
2014-11-14 19:53 - 2014-11-14 19:54 - 18383122 _____ () C:\Users\Nexos\Downloads\1326219019_thamod.rar
2014-11-14 19:50 - 2014-11-14 20:02 - 420837564 _____ () C:\Users\Nexos\Downloads\Top-speed Car Pack 2012 Beta.zip
2014-11-14 17:54 - 2014-11-05 03:48 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-14 16:50 - 2014-11-15 11:39 - 00000616 _____ () C:\Windows\setupact.log
2014-11-14 16:50 - 2014-11-14 16:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-13 17:53 - 2014-11-13 17:58 - 00000000 ____D () C:\Users\Nexos\Desktop\Klausuren SS2014
2014-11-13 16:24 - 2014-11-13 16:24 - 00017188 _____ () C:\Windows\AVMInstall.Log
2014-11-13 16:20 - 2014-11-13 16:20 - 00227096 _____ () C:\Users\Nexos\Downloads\avira13_registry_cleaner_de.exe
2014-11-13 16:19 - 2014-11-13 16:19 - 00003128 _____ () C:\Windows\System32\Tasks\{22B93E9D-21AA-48A9-BBBA-953AE6592DC0}
2014-11-13 16:13 - 2014-11-13 16:13 - 04977216 _____ (Piriform Ltd) C:\Users\Nexos\Downloads\ccsetup419.exe
2014-11-13 16:13 - 2014-11-13 16:13 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-11-10 21:32 - 2014-11-10 21:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-09 19:20 - 2014-11-13 19:50 - 00000000 ____D () C:\Users\Nexos\Documents\ArcheAge
2014-11-09 19:20 - 2014-11-09 19:20 - 00000000 ____D () C:\ArcheAge
2014-11-06 22:05 - 2014-11-06 22:05 - 00000639 _____ () C:\Users\Nexos\Desktop\Archeage.lnk
2014-11-06 21:53 - 2014-11-06 21:53 - 00000000 ____D () C:\Users\Nexos\AppData\Local\Glyph
2014-11-06 21:53 - 2014-11-06 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph
2014-11-06 21:53 - 2014-11-06 21:53 - 00000000 ____D () C:\ProgramData\Glyph
2014-11-06 21:17 - 2014-11-06 21:19 - 09655581 _____ () C:\Users\Nexos\Downloads\WatchDogsIV 4.zip
2014-11-06 21:14 - 2014-11-06 21:14 - 00000000 ____D () C:\Users\Nexos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenIV
2014-11-06 21:14 - 2014-11-06 21:14 - 00000000 ____D () C:\Users\Nexos\AppData\Local\New Technology Studio
2014-11-06 21:10 - 2014-11-06 21:11 - 05594624 _____ (New Technology Studio) C:\Users\Nexos\Downloads\ovisetup.exe
2014-11-06 17:56 - 2014-11-06 22:44 - 00000000 ____D () C:\Users\Nexos\Desktop\Musik2
2014-11-05 18:24 - 2014-11-05 18:30 - 32088688 _____ (Trion Worlds Inc.) C:\Users\Nexos\Downloads\GlyphInstall-0-120.exe
2014-11-03 17:33 - 2014-11-03 17:37 - 00000000 ____D () C:\Users\Nexos\AppData\Local\CSO
2014-11-03 17:33 - 2014-11-03 17:33 - 00000000 ____D () C:\ProgramData\Nexon
2014-11-03 08:21 - 2014-11-03 08:21 - 00000000 ____D () C:\Users\Nexos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Battlestations Pacific
2014-11-03 08:21 - 2014-11-03 08:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlestations Pacific
2014-11-02 22:08 - 2014-11-02 22:08 - 01192533 _____ () C:\Windows\unins000.exe
2014-11-02 22:08 - 2014-11-02 22:08 - 00018412 _____ () C:\Windows\unins000.dat
2014-11-02 22:08 - 2014-11-02 22:08 - 00000000 ____D () C:\Users\Nexos\AppData\Roaming\MingGuan
2014-11-02 22:08 - 2014-11-02 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drakonia Black
2014-11-02 22:08 - 2014-11-02 22:08 - 00000000 ____D () C:\Program Files (x86)\Drakonia Configurator
2014-10-30 22:22 - 2014-10-30 22:22 - 00000000 ____D () C:\Users\Nexos\AppData\Local\SCE
2014-10-28 08:02 - 2014-10-28 08:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-28 08:02 - 2014-10-28 08:01 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-28 08:02 - 2014-10-28 08:01 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-28 08:02 - 2014-10-28 08:01 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-28 08:02 - 2014-10-28 08:01 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-28 08:01 - 2014-10-28 08:01 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-23 17:46 - 2014-10-23 17:55 - 15235600 _____ (freenetproject.org ) C:\Users\Nexos\Downloads\FreenetInstaller-1465.exe
2014-10-20 18:29 - 2014-10-20 18:29 - 00000000 ____D () C:\Users\Nexos\AppData\Roaming\AVG2015
2014-10-20 18:24 - 2014-10-20 18:28 - 00000000 ____D () C:\ProgramData\AVG2015
2014-10-20 17:25 - 2014-10-21 06:41 - 00000000 ____D () C:\Users\Nexos\AppData\Local\Avg2015
2014-10-19 21:13 - 2014-10-20 06:42 - 00000000 ____D () C:\Users\Nexos\Desktop\Sabaton - Heroes
2014-10-19 18:01 - 2014-10-19 20:10 - 00113259 _____ () C:\Users\Nexos\Desktop\Apple - Kundenwert und Marktwert.pptx
2014-10-19 12:35 - 2014-10-19 12:35 - 00000202 _____ () C:\Users\Nexos\Desktop\PlanetSide 2.url
2014-10-18 10:56 - 2014-10-18 10:57 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-17 18:14 - 2014-10-19 17:22 - 00000000 ____D () C:\Users\Nexos\Documents\ArcaniA - Gothic 4
2014-10-17 17:32 - 2014-10-17 17:32 - 00004096 _____ () C:\Windows\d3dx.dat
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-15 11:48 - 2009-07-14 05:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-15 11:48 - 2009-07-14 05:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-15 11:46 - 2013-02-17 00:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-15 11:45 - 2011-07-08 17:54 - 01354021 _____ () C:\Windows\WindowsUpdate.log
2014-11-15 11:42 - 2014-05-28 05:45 - 00000000 ____D () C:\Users\Nexos\AppData\Roaming\Raptr
2014-11-15 11:39 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-15 11:37 - 2011-07-08 17:55 - 00000000 ____D () C:\Users\Nexos
2014-11-15 11:13 - 2014-06-30 17:11 - 00000000 ____D () C:\ProgramData\MFAData
2014-11-15 11:04 - 2012-03-06 20:54 - 00000000 ____D () C:\Users\Nexos\AppData\Roaming\AIMP3
2014-11-15 10:37 - 2009-07-14 18:58 - 00710046 _____ () C:\Windows\system32\perfh007.dat
2014-11-15 10:37 - 2009-07-14 18:58 - 00154482 _____ () C:\Windows\system32\perfc007.dat
2014-11-15 10:37 - 2009-07-14 06:13 - 01650148 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-15 10:32 - 2009-07-14 05:45 - 00422216 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-15 10:25 - 2011-07-08 15:32 - 00000000 ____D () C:\Windows\Panther
2014-11-15 10:18 - 2009-07-14 19:18 - 00000000 ____D () C:\Program Files\Windows Journal
2014-11-15 10:18 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-11-15 10:18 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-11-15 10:18 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-11-15 10:18 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-15 10:18 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-11-15 10:18 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-11-15 10:18 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-11-15 10:18 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-11-15 10:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\servicing
2014-11-15 10:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-11-15 10:17 - 2009-07-14 19:18 - 00000000 __SHD () C:\Windows\BitLockerDiscoveryVolumeContents
2014-11-15 10:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sppui
2014-11-15 10:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2014-11-15 10:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-11-15 10:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-11-15 10:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\manifeststore
2014-11-15 10:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-11-15 10:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\AdvancedInstallers
2014-11-15 10:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sppui
2014-11-15 10:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Setup
2014-11-15 10:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-11-15 10:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\migwiz
2014-11-15 10:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\manifeststore
2014-11-15 10:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-11-15 10:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2014-11-15 10:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-11-15 01:47 - 2009-07-14 03:36 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2014-11-15 01:47 - 2009-07-14 03:36 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2014-11-14 20:44 - 2013-02-03 10:20 - 00000000 ____D () C:\Users\Nexos\AppData\Roaming\Spotify
2014-11-14 20:42 - 2013-02-03 10:23 - 00000000 ____D () C:\Users\Nexos\AppData\Local\Spotify
2014-11-14 18:01 - 2014-07-24 21:39 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-14 18:01 - 2011-07-10 13:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-14 17:59 - 2013-07-14 02:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-14 17:54 - 2011-07-10 14:04 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-13 22:39 - 2012-01-19 13:33 - 00000000 ____D () C:\ProgramData\Origin
2014-11-13 22:36 - 2012-01-19 13:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-11-13 16:22 - 2014-10-08 21:11 - 00000000 ____D () C:\Users\Nexos\AppData\Roaming\uTorrent
2014-11-13 16:22 - 2014-07-02 21:16 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-11-13 16:22 - 2011-07-15 00:20 - 00000000 ____D () C:\Windows\Minidump
2014-11-13 16:22 - 2011-07-10 22:00 - 00000000 ____D () C:\Users\Nexos\AppData\Roaming\TS3Client
2014-11-13 16:22 - 2011-07-10 19:58 - 00000000 ____D () C:\Users\Nexos\AppData\Roaming\DAEMON Tools Lite
2014-11-13 16:21 - 2012-06-18 14:36 - 00000000 ____D () C:\Program Files\Defraggler
2014-11-13 16:14 - 2011-07-08 18:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-11-13 16:13 - 2011-07-08 18:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-13 15:48 - 2012-04-25 20:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-12 21:46 - 2013-02-17 00:13 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 21:46 - 2012-04-02 02:33 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 21:46 - 2011-07-10 11:14 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-10 22:50 - 2011-07-10 19:21 - 00000000 ____D () C:\Users\Nexos\AppData\Roaming\vlc
2014-11-09 19:23 - 2011-07-10 11:19 - 00000000 ____D () C:\Users\Nexos\Desktop\Programme
2014-11-06 21:55 - 2011-07-10 13:30 - 00000000 ____D () C:\Users\Nexos\Desktop\Games
2014-11-06 17:47 - 2011-12-14 19:11 - 00000000 ____D () C:\Users\Nexos\Desktop\Bilder
2014-11-03 19:19 - 2014-06-03 13:52 - 00000000 ____D () C:\Users\Nexos\AppData\Roaming\Tropico 5
2014-11-03 17:32 - 2013-10-01 23:50 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-03 08:55 - 2011-07-21 14:36 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-10-30 12:25 - 2011-07-12 16:10 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-28 15:44 - 2011-07-11 19:00 - 00000000 ____D () C:\Users\Nexos\Documents\My Games
2014-10-28 14:39 - 2013-10-23 09:33 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-27 15:49 - 2011-07-08 18:24 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2014-10-24 06:55 - 2014-06-30 06:14 - 00000000 ____D () C:\Users\Nexos\AppData\Local\Adobe
2014-10-20 21:02 - 2011-07-08 18:12 - 00000000 ____D () C:\Program Files (x86)\AIMP2
2014-10-20 18:37 - 2014-06-30 17:45 - 00000000 ____D () C:\ProgramData\AVG2014
2014-10-20 18:29 - 2014-06-30 17:44 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-10-20 18:28 - 2014-06-30 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-10-20 18:28 - 2014-06-30 17:45 - 00000000 ___HD () C:\$AVG
2014-10-20 17:15 - 2014-05-28 05:45 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-10-18 10:56 - 2011-07-10 11:49 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-18 10:56 - 2011-07-10 11:48 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-17 17:25 - 2011-07-10 20:27 - 00000000 ____D () C:\Users\Nexos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
Some content of TEMP:
====================
C:\Users\Nexos\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Nexos\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-05 12:50
==================== End Of Log ============================
Additions.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2014
Ran by Nexos at 2014-11-15 11:58:33
Running from C:\Users\Nexos\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
"Nero SoundTrax Help (x32 Version: 4.0.11.0 - Nero AG) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.55.1355, 14.07.2014 - AIMP DevTeam)
Allied Intent Xtended 2.0 (HKLM-x32\...\Allied Intent Xtended) (Version: 2.0 - AIX Community)
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{DAD5AC93-8518-4F46-A5FE-E63FEE791B6F}) (Version: 4.0.4.0506 - Advanced Micro Devices, Inc.)
Archeage (HKLM-x32\...\Glyph Archeage) (Version: - Trion Worlds, Inc.)
Aufstieg des Hexenkönigs™ (HKLM-x32\...\{B931FB80-537A-4600-00AD-AC5DEDB6C25B}) (Version: - )
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5315 - AVG Technologies)
AVG 2015 (Version: 15.0.4213 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5315 - AVG Technologies) Hidden
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Battlefield 2: Deluxe (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version: - )
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ Beta (HKLM-x32\...\{CFAB3721-549D-4827-A4E8-7F90192114AB}) (Version: 1.0.0.0 - Electronic Arts)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
Battlestations Pacific (HKLM-x32\...\Battlestations Pacific) (Version: - )
Battlestations: Pacific (HKLM-x32\...\{BBAB6D5D-1DD4-4D46-B5D9-121DCAB17DEC}) (Version: 1.00.0000 - Eidos plc)
Beat Hazard (HKLM-x32\...\Steam App 49600) (Version: - )
Bejeweled® 3 (HKLM-x32\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
Blitzkrieg Mod (HKLM-x32\...\Blitzkrieg) (Version: 4.7.0.0 - Blitzkrieg Mod Team)
Call of Cthulhu: Dark Corners of the Earth (HKLM-x32\...\Steam App 22340) (Version: - Bethesda Softworks)
Call of Duty(R) - World at War(TM) (HKLM-x32\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Activision)
Call of Duty(R) - World at War(TM) (x32 Version: 1.0 - Activision) Hidden
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 2 (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version: - Infinity Ward)
Call of Duty: Ghosts (HKLM-x32\...\Steam App 209160) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Codename: Panzers - Cold War (HKLM-x32\...\Steam App 9850) (Version: - InnoGlow)
Combiner for EF 1.710 (HKU\S-1-5-21-2255222441-2029071802-1949690619-1000\...\Combiner for EF 1.710) (Version: - )
Command & Conquer Generals (HKLM-x32\...\InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts)
Command & Conquer Generals (x32 Version: 0.50.0000 - Electronic Arts) Hidden
Command and Conquer 3: Kane's Wrath (HKLM-x32\...\Steam App 24810) (Version: - EA Los Angeles)
Command and Conquer 3: Tiberium Wars (HKLM-x32\...\Steam App 24790) (Version: - EA Los Angeles)
Command and Conquer: Red Alert 3 - Uprising (HKLM-x32\...\Steam App 24800) (Version: - EA Los Angeles)
Command and ConquerTM Generals Zero Hour (HKLM-x32\...\InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts)
Command and ConquerTM Generals Zero Hour (x32 Version: 1.00.0000 - Electronic Arts) Hidden
Company of Heroes - Joint Operations v1.0 (HKLM-x32\...\{616D3113-38A1-40E4-A966-352DD94ECBEB}_is1) (Version: - Mannerheim and Henry666)
Company of Heroes (HKLM-x32\...\Steam App 4560) (Version: - Relic)
Company of Heroes (New Steam Version) (HKLM-x32\...\Steam App 228200) (Version: - )
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment)
Company of Heroes: Opposing Fronts (HKLM-x32\...\Steam App 9340) (Version: - Relic)
Company of Heroes: Tales of Valor (HKLM-x32\...\Steam App 20540) (Version: - Relic)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
Counter-Strike Nexon: Zombies (HKLM-x32\...\Steam App 273110) (Version: - Nexon)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version: - Valve)
Counter-Strike: Condition Zero Deleted Scenes (HKLM-x32\...\Steam App 100) (Version: - Valve)
Counter-Strike: Global Offensive - SDK (HKLM-x32\...\Steam App 745) (Version: - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0337 - Disc Soft Ltd)
Dawn of War - Soulstorm (HKLM-x32\...\{20533183-D42D-4261-A125-956736FBEA8C}) (Version: 1.00.0000 - THQ)
Dawn of War - Soulstorm (x32 Version: 1.00.0000 - THQ) Hidden
Day of Defeat (HKLM-x32\...\Steam App 30) (Version: - Valve)
Day of Defeat: Source (HKLM-x32\...\Steam App 300) (Version: - Valve)
Dead Space (HKLM-x32\...\Steam App 17470) (Version: - EA Redwood Shores)
Dead Space™ 2 (HKLM-x32\...\{96D06FDD-6AF4-4309-BC1B-1C9588B0575E}) (Version: 1.0.941.0 - Electronic Arts)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Deathmatch Classic (HKLM-x32\...\Steam App 40) (Version: - Valve)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Deus Ex: Human Revolution (HKLM-x32\...\Steam App 28050) (Version: - Eidos Montreal)
Die Schlacht um Mittelerde™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - )
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden
Drakonia Black (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version: - )
Eastern Front (HKLM-x32\...\Eastern Front) (Version: 1.7.0.0 - )
Emergency 2013 (HKLM-x32\...\Steam App 222820) (Version: - Quadriga Games)
Emergency 4 Deluxe (HKLM-x32\...\{EDA12670-56B5-4459-BA21-D010F0E3EBA1}) (Version: 1.03.001 - )
Empire Earth Ultimate Edition (HKLM-x32\...\{912CE296-3D73-4A9D-B3FB-70A5CF7A8568}) (Version: 1.0 - The Games Company)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software)
F.E.A.R. 2: Project Origin (HKLM-x32\...\Steam App 16450) (Version: - Monolith)
F.E.A.R. 3 (HKLM-x32\...\Steam App 21100) (Version: - Day 1 Studios)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Bethesda Softworks)
Far Cry 2 (HKLM-x32\...\Steam App 19900) (Version: - Ubisoft)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
FlatOut: Ultimate Carnage (HKLM-x32\...\Steam App 12360) (Version: - Bugbear Entertainment)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Frontline Tactics (HKLM-x32\...\Steam App 218310) (Version: - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Team Garry)
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
Gothic (HKLM-x32\...\Steam App 65540) (Version: - Piranha – Bytes)
Gothic II: Gold Edition (HKLM-x32\...\Steam App 39510) (Version: - Piranha – Bytes)
GPGNet (HKLM-x32\...\{C194D333-B84A-4BB7-B35E-060732D98DC4}) (Version: 1.0.0 - Gas Powered Games)
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version: - Rockstar)
GRID (HKLM-x32\...\Steam App 12750) (Version: - Codemasters)
GRID Autosport (HKLM-x32\...\Steam App 255220) (Version: - Codemasters Racing)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve)
Half-Life 2: Deathmatch (HKLM-x32\...\Steam App 320) (Version: - Valve)
Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version: - Valve)
Half-Life 2: Lost Coast (HKLM-x32\...\Steam App 340) (Version: - Valve)
Half-Life Deathmatch: Source (HKLM-x32\...\Steam App 360) (Version: - Valve)
Half-Life Dedicated Server Update Tool (HKLM-x32\...\Half-Life Dedicated Server Update Tool) (Version: - )
Hellgate: London (HKLM\...\{A2B4455D-1046-4732-BFBC-0821BEFC07BC}) (Version: 1.10.180.3416 - Flagship Studios)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version: - Reto-Moto)
Hitman 2: Silent Assassin (HKLM-x32\...\Steam App 6850) (Version: - IO Interactive)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - IO Interactive)
Hitman: Blood Money (HKLM-x32\...\Steam App 6860) (Version: - IO Interactive)
Hitman: Codename 47 (HKLM-x32\...\Steam App 6900) (Version: - IO Interactive)
Hitman: Sniper Challenge (HKLM-x32\...\Steam App 205930) (Version: - IO Interactive)
HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HydraVision (x32 Version: 4.2.242.0 - Advanced Micro Devices, Inc.) Hidden
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Infestation: Survivor Stories (HKLM-x32\...\Steam App 226700) (Version: - Hammerpoint Interactive)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Just Cause (HKLM-x32\...\Steam App 6880) (Version: - Avalanche)
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version: - Avalanche)
Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version: - JC2-MP Team)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Left 4 Dead 2 Beta (HKLM-x32\...\Steam App 223530) (Version: - )
LockHunter 3.1, 32/64 bit (HKLM\...\LockHunter_is1) (Version: - Crystal Rich Ltd)
Logitech GamePanel Software 3.06.109 (HKLM\...\{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}) (Version: 3.06.109 - Logitech Inc.)
Logitech Gaming Software 8.00 (HKLM\...\{690285C2-2481-44FB-8402-162EA970A6DD}) (Version: 8.00.127 - Logitech Inc.)
Logitech SetPoint 6.30 (HKLM\...\sp6) (Version: 6.30.43 - Logitech)
Mafia II (HKLM-x32\...\Steam App 50130) (Version: - 2K Czech)
Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Medal of Honor(TM) Multiplayer (HKLM-x32\...\Steam App 47830) (Version: - Electronic Arts)
Medal of Honor(TM) Single Player (HKLM-x32\...\Steam App 47790) (Version: - Electronic Arts)
Menu Templates - Starter Kit (x32 Version: 9.0.4.0 - Nero AG) Hidden
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - 4A Games)
Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version: - 4A Games)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 RC (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50861 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Templates - Starter Kit (x32 Version: 9.0.4.0 - Nero AG) Hidden
Mozilla Firefox 33.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version: - )
Need for Speed(TM) Hot Pursuit (HKLM-x32\...\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}) (Version: 1.0.0.0 - Electronic Arts)
Need for Speed™ Most Wanted (HKLM-x32\...\{ADE91A13-434D-4229-00BC-182BAD607303}) (Version: - )
Nero 9 (HKLM-x32\...\{90300510-9d84-49b0-b407-a303bd8ed4ab}) (Version: - Nero AG)
Next Car Game (HKLM-x32\...\Steam App 228380) (Version: - Bugbear)
Next Car Game Sneak Peek 2.0 (HKLM-x32\...\Steam App 272860) (Version: - Bugbear)
NHCmod v2.602a (HKU\S-1-5-21-2255222441-2029071802-1949690619-1000\...\NHCmod v2.602a) (Version: - )
NHCmod v2.602c STANDARD VERSION (HKU\S-1-5-21-2255222441-2029071802-1949690619-1000\...\NHCmod v2.602c STANDARD VERSION) (Version: - )
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenTTD 1.2.3 (HKLM-x32\...\OpenTTD) (Version: 1.2.3 - OpenTTD)
Orcs Must Die! (HKLM-x32\...\Steam App 102600) (Version: - Robot Entertainment)
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version: - Robot Entertainment)
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4550 - Electronic Arts, Inc.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Sony Online Entertainment)
Populous (HKLM-x32\...\{476CD9DE-C45F-4443-BFA7-E51C58B7E455}) (Version: 1.0.0.0 - Electronic Arts)
Portal (HKLM-x32\...\Steam App 400) (Version: - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
Portal 2 Publishing Tool (HKLM-x32\...\Steam App 644) (Version: - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - SimBin)
RAGE (HKLM-x32\...\Steam App 9200) (Version: - id Software)
Railroad Pioneer (HKLM-x32\...\Railroad Pioneer) (Version: - JoWooD Productions Software AG)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.531.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
Red Faction: Armageddon (HKLM-x32\...\Steam App 55110) (Version: - Volition)
Red Faction: Guerrilla (HKLM-x32\...\Steam App 20500) (Version: - Volition)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller 1.92 (HKLM-x32\...\Revo Uninstaller) (Version: 1.92 - VS Revo Group)
Rock of Ages (HKLM-x32\...\Steam App 22230) (Version: - )
Rogue Warrior (HKLM-x32\...\{06645A45-8A8E-4984-9065-89864FDE8EC2}) (Version: 1.00.0000 - Bethesda Softworks LLC)
Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)
S.T.A.L.K.E.R.: Shadow of Chernobyl (HKLM-x32\...\Steam App 4500) (Version: - GSC Game World)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.18.0 - SAMSUNG Electronics Co., Ltd.)
Sanctum (HKLM-x32\...\Steam App 91600) (Version: - Coffee Stain Studios)
Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version: - Coffee Stain Studios)
Scribblenauts Unlimited (HKLM-x32\...\Steam App 218680) (Version: - 5th Cell Media)
Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version: - Croteam)
SimCity 4 Deluxe (HKLM-x32\...\Steam App 24780) (Version: - Maxis)
Sins of a Solar Empire (HKLM-x32\...\Sins of a Solar Empire) (Version: - Stardock Entertainment)
Sins of a Solar Empire (x32 Version: 1.05 - Kalypso) Hidden
Sins of a Solar Empire: Rebellion (HKLM-x32\...\Steam App 204880) (Version: - Ironclad Games)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - )
SoundTrax (x32 Version: 4.0.11.0 - Nero AG) Hidden
Source Multiplayer Dedicated Server (HKLM-x32\...\Steam App 310) (Version: - Valve)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve)
Spec Ops: The Line (HKLM-x32\...\Steam App 50300) (Version: - Yager)
Spintires (HKLM-x32\...\Steam App 263280) (Version: - Oovee® Game Studios)
SpinTires Tech Demo (June 060613) (HKLM-x32\...\{9AF7D6F5-50A5-432C-9F7B-83BCE03B11A0}) (Version: 1.3 - Oovee)
Spotify (HKU\S-1-5-21-2255222441-2029071802-1949690619-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Star Wars Battlefront II (HKLM-x32\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
Star Wars Empire at War (HKLM-x32\...\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}) (Version: 1.0 - LucasArts)
Star Wars Empire at War Forces of Corruption (HKLM-x32\...\{6592FDEC-2C1A-413A-9985-25FEC2F0848D}) (Version: 1.0 - LucasArts)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
Supreme Commander - Forged Alliance (HKLM-x32\...\{31D95937-B237-405D-920C-A3EF4E482395}) (Version: 1.00.0000 - Gas Powered Games)
Supreme Commander (HKLM-x32\...\{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}) (Version: 1.00.0000 - Gas Powered Games)
Supreme Commander 2 (HKLM-x32\...\Steam App 40100) (Version: - Gas Powered Games)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.10.1 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Bureau: XCOM Declassified (HKLM-x32\...\Steam App 65930) (Version: - 2K Marin)
The Darkness II (HKLM-x32\...\Steam App 67370) (Version: - Digital Extremes)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Lord of the Rings: War in the North (HKLM-x32\...\Steam App 32800) (Version: - Snowblind Studios)
Tropico 5 (HKLM-x32\...\Steam App 245620) (Version: - Haemimont Games)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Wolfenstein (HKLM-x32\...\InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}) (Version: 1.0 - Activision)
Wolfenstein (x32 Version: 1.0 - Activision) Hidden
Wolfenstein: The New Order German Edition (HKLM-x32\...\Steam App 288570) (Version: - MachineGames)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
15-11-2014 00:34:21 Windows 7 Service Pack 1
15-11-2014 10:22:54 Windows Modules Installer
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2011-07-10 11:19 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {33AB4740-95EE-4CA5-BA9A-202B77156527} - System32\Tasks\{542FCBDA-FE26-4E1F-A12A-7B0BBD343A56} => D:\Empire Earth\Empire Earth\Empire Earth.exe
Task: {455800D8-9006-4920-9520-D31C7493BC24} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated)
Task: {76D6AC55-2267-4559-8189-16751BEA0537} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-29] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2014-09-15 17:13 - 2014-09-15 17:13 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2011-07-10 15:26 - 2014-10-06 17:38 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-07-08 18:27 - 2011-05-28 21:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2011-07-08 18:14 - 2011-07-08 18:14 - 00096768 _____ () C:\Program Files\Logitech Gaming Software\plugins\DevMgr-8.00.043\DevMgr.dll
2011-07-08 18:14 - 2011-07-08 18:14 - 00124416 _____ () C:\Program Files\Logitech Gaming Software\plugins\DevBusHid-8.00.047\DevBusHid.dll
2011-07-08 18:14 - 2011-07-08 18:14 - 00123392 _____ () C:\Program Files\Logitech Gaming Software\plugins\DevBusBulk-8.00.051\DevBusBulk.dll
2011-07-08 18:14 - 2011-07-08 18:14 - 00090112 _____ () C:\Program Files\Logitech Gaming Software\plugins\SimInput-8.00.041\SimInput.dll
2011-07-08 18:14 - 2011-07-08 18:14 - 00606720 _____ () C:\Program Files\Logitech Gaming Software\plugins\MainUI-8.00.133\MainUI.dll
2011-07-08 18:14 - 2011-07-08 18:14 - 00194048 _____ () C:\Program Files\Logitech Gaming Software\plugins\G13Device-8.00.121\G13Device.dll
2011-07-08 18:14 - 2011-07-08 18:14 - 00218624 _____ () C:\Program Files\Logitech Gaming Software\plugins\G19Device-8.00.114\G19Device.dll
2011-07-08 18:14 - 2011-07-08 18:14 - 00034304 _____ () C:\Program Files\Logitech Gaming Software\plugins\PnpGamePanelDevices-8.00.025\PnpGamePanelDevices.dll
2011-06-24 00:42 - 2011-06-24 00:42 - 01302808 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
2014-11-02 22:08 - 2013-10-29 14:49 - 00248832 _____ () C:\Program Files (x86)\Drakonia Configurator\hid.exe
2014-11-02 22:08 - 2013-06-26 17:01 - 00240640 _____ () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
2014-10-23 20:19 - 2014-10-23 20:19 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-09-15 17:13 - 2014-09-15 17:13 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-11-02 22:08 - 2013-01-15 17:06 - 00061952 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll
2014-11-02 22:08 - 2013-11-05 16:31 - 00249856 _____ () C:\Program Files (x86)\Drakonia Configurator\language.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2013-11-21 01:05 - 2013-11-21 01:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 01:56 - 2014-06-18 01:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 00:06 - 2010-11-23 00:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2014-11-10 21:32 - 2014-11-10 21:32 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Nexos\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Nexos\AppData\Roaming:NT
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: DAUpdaterSvc => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LBTServ => 3
MSCONFIG\Services: LightScribeService => 2
MSCONFIG\Services: Nero BackItUp Scheduler 4.0 => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Sony Ericsson PCCompanion => 3
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupfolder: C:^Users^Nexos^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk => C:\Windows\pss\Facebook Messenger.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Nexos^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk => C:\Windows\pss\Xfire.lnk.Startup
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: AVMWlanClient => C:\Program Files (x86)\avmwlanstick\wlangui.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Greenshot => C:\Program Files\Greenshot\Greenshot.exe
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: ICQ => "C:\Program Files (x86)\ICQ7.5\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: Sony Ericsson PC Companion => "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Nexos\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "D:\Steam\steam.exe" -silent
========================= Accounts: ==========================
Administrator (S-1-5-21-2255222441-2029071802-1949690619-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2255222441-2029071802-1949690619-1018 - Limited - Enabled)
Gast (S-1-5-21-2255222441-2029071802-1949690619-501 - Limited - Disabled)
Nexos (S-1-5-21-2255222441-2029071802-1949690619-1000 - Administrator - Enabled) => C:\Users\Nexos
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/15/2014 11:22:52 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x80042319).
Error: (11/15/2014 10:34:24 AM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (4608) WindowsMail0: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen wurde.
Error: (11/15/2014 10:32:48 AM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (4940) WindowsMail0: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen wurde.
Error: (11/15/2014 01:30:02 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x81000101).
Error: (11/15/2014 01:07:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7600.16385, Zeitstempel: 0x4a5bd03d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7600.17206, Zeitstempel: 0x50e669a2
Ausnahmecode: 0x0000046b
Fehleroffset: 0x000000000000ac3d
ID des fehlerhaften Prozesses: 0x1438
Startzeit der fehlerhaften Anwendung: 0xwmpnetwk.exe0
Pfad der fehlerhaften Anwendung: wmpnetwk.exe1
Pfad des fehlerhaften Moduls: wmpnetwk.exe2
Berichtskennung: wmpnetwk.exe3
Error: (11/15/2014 00:46:11 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm plugin-container.exe, Version 33.1.0.5423 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1150
Startzeit: 01d000650e90f923
Endzeit: 20
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Berichts-ID: 63ab8a20-6c58-11e4-a3b9-c84d290d32e7
Error: (11/13/2014 07:24:30 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Der Windows-Anmeldeprozess wurde unerwartet beendet.
Error: (11/13/2014 07:06:39 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Der Windows-Anmeldeprozess wurde unerwartet beendet.
Error: (11/13/2014 06:47:54 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Der Windows-Anmeldeprozess wurde unerwartet beendet.
Error: (11/13/2014 06:49:01 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
System errors:
=============
Error: (11/15/2014 11:41:02 AM) (Source: WMPNetworkSvc) (EventID: 14338) (User: )
Description: 0x80070422
Error: (11/15/2014 11:41:02 AM) (Source: WMPNetworkSvc) (EventID: 14338) (User: )
Description: 0x80070422
Error: (11/15/2014 11:39:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.3" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (11/15/2014 11:39:32 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist vom Dienst "Avira Echtzeit-Scanner" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%2
Error: (11/15/2014 11:39:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (11/15/2014 11:39:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Planer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (11/15/2014 11:23:00 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/15/2014 11:16:50 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (11/15/2014 11:09:18 AM) (Source: WMPNetworkSvc) (EventID: 14338) (User: )
Description: 0x80070422
Error: (11/15/2014 11:09:18 AM) (Source: WMPNetworkSvc) (EventID: 14338) (User: )
Description: 0x80070422
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2011-07-30 00:50:12.714
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2011-07-10 13:19:07.645
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Nexos\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2011-07-10 13:19:07.631
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Nexos\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2011-07-10 13:19:07.336
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2011-07-10 13:19:07.327
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: AMD Phenom(tm) II X4 955 Processor
Percentage of memory in use: 60%
Total physical RAM: 4093.55 MB
Available physical RAM: 1611.06 MB
Total Pagefile: 8185.29 MB
Available Pagefile: 5555.11 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:265.66 GB) (Free:125.42 GB) NTFS
Drive d: (Games) (Fixed) (Total:931.51 GB) (Free:62.94 GB) NTFS
Drive e: (Drakonia Black) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
Drive f: () (Fixed) (Total:200 GB) (Free:199.86 GB) NTFS
Drive h: (WD Elements Nexos) (Fixed) (Total:931.51 GB) (Free:141.18 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 6A090085)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=200 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=265.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 345821D3)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: E8900690)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================

Gmer.txt Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-11-15 12:15:19
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T1L0-5 WDC_WD5001AALS-00E3A0 rev.05.01D05 465,76GB
Running: dq8t3lst.exe; Driver: C:\Users\Nexos\AppData\Local\Temp\kgloqpog.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 560 fffff800037fc000 38 bytes [2B, C1, 48, 3D, 00, 10, 00, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 599 fffff800037fc027 59 bytes [8B, C4, 48, 8D, 0C, 80, 4D, ...]
---- User code sections - GMER 2.1 ----
.text C:\Windows\SysWOW64\PnkBstrA.exe[2204] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 0000000074771a22 2 bytes [77, 74]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2204] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 0000000074771ad0 2 bytes [77, 74]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2204] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 0000000074771b08 2 bytes [77, 74]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2204] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 0000000074771bba 2 bytes [77, 74]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2204] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 0000000074771bda 2 bytes [77, 74]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2204] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076371465 2 bytes [37, 76]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2204] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000763714bb 2 bytes [37, 76]
.text ... * 2
.text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[5408] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076371465 2 bytes [37, 76]
.text C:\Program Files (x86)\Windows Media Player\wmplayer.exe[5408] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000763714bb 2 bytes [37, 76]
.text ... * 2
---- Threads - GMER 2.1 ----
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [5136:4592] 0000000076587587
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [5136:5636] 000000006fb07712
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [5136:5752] 00000000778e2e25
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [5136:5960] 00000000778e3e45
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [5136:3632] 00000000778e3e45
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001bdc0fff8b
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xC9 0x35 0xE5 0xCD ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x95 0xBC 0x63 0xFA ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xD7 0xA0 0x2D 0xD9 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001bdc0fff8b (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xC9 0x35 0xE5 0xCD ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x95 0xBC 0x63 0xFA ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xD7 0xA0 0x2D 0xD9 ...
---- EOF - GMER 2.1 ----