Bernd114 | 07.10.2014 22:24 | FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01
Ran by Nils (administrator) on SKAIWALKURRR on 07-10-2014 20:08:12
Running from C:\Users\Nils\Downloads
Loaded Profiles: Nils & postgres (Available profiles: Nils & postgres)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\pg_ctl.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
(Microsoft Corporation) C:\Windows\System32\wbengine.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\Razer StarCraftII\RazerStarCraftIISysTray.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Alienware Corp) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(Alienware Corporation) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
() C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11777128 2011-02-14] (Realtek Semiconductor)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [13256 2011-05-02] (Microsoft)
HKLM\...\Run: [RunDLLEntry_THXCfg] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [RunDLLEntry_EptMon] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 2009-12-01] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Razer StarcraftII Driver] => C:\Program Files (x86)\Razer\Razer StarCraftII\RazerStarCraftIISysTray
HKLM-x32\...\Run: [Razer Imperator Driver] => C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe [979360 2012-01-16] (Razer USA Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Java\jre1.6.0_22\bin\jusched.exe"
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bigfoot Networks Killer Network Manager.lnk
ShortcutTarget: Bigfoot Networks Killer Network Manager.lnk -> C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=F0A200190303E113&affID=120695&tt=300613_dltp&tsp=4929
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.de/alienware
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=F0A200190303E113&affID=120695&tt=300613_dltp&tsp=4929
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {D284F9FC-1AA0-4A91-BA49-CD47D0631904} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=8013CF58-C325-48CD-838F-DBEA93F519F5&apn_sauid=77F38B40-489F-4563-8701-17B712079D9F
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 11 C:\Windows\SysWOW64\BfLLR.dll [183400] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 11 %SYSTEMROOT%\system32\BfLLR.dll [192616] (Bigfoot Networks, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\7duqbjwb.default
FF NewTab: hxxp://www.google.com/firefox
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: https://dub113.mail.live.com/default.aspx
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\9.0.1.4092550\npmathplugin.dll (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\7duqbjwb.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npatgpc.dll (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npatgpc.dll (Cisco WebEx LLC)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\7duqbjwb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-09-09]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2014-05-09]
Chrome:
=======
CHR Profile: C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 Bigfoot Networks Killer Service; C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe [466944 2011-06-11] () [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S3 TDslMgrService; C:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe [307200 2008-10-23] (T-Systems Enterprise Services GmbH) [File not signed]
R2 postgresql-x64-9.0; C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N "postgresql-x64-9.0" -D "C:/Program Files/PostgreSQL/9.0/data" -w [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 BfEdge7x64; C:\Windows\System32\DRIVERS\Edge7x64.sys [31336 2011-06-11] (Bigfoot Networks, Inc.)
R3 BFN7x64; C:\Windows\System32\DRIVERS\Xeno7x64.sys [157288 2011-06-11] (Bigfoot Networks, Inc.)
R1 DslMNLwf; C:\Windows\System32\DRIVERS\dslmnlwf.sys [19008 2007-08-01] (T-Systems Enterprise Services GmbH)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [115200 2010-10-15] (Razer USA Ltd)
S3 PCDSRVC{0FF99CEB-15C9CE9E-06020200}_0; \??\c:\program files\alienautopsy\pcdsrvc_x64.pkms [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-07 20:08 - 2014-10-07 20:12 - 00013694 _____ () C:\Users\Nils\Downloads\FRST.txt
2014-10-07 20:07 - 2014-10-07 20:08 - 00000000 ____D () C:\FRST
2014-10-07 20:07 - 2014-10-07 20:07 - 02109952 _____ (Farbar) C:\Users\Nils\Downloads\FRST64.exe
2014-10-07 19:37 - 2014-10-07 19:37 - 01125200 _____ () C:\Users\Nils\Downloads\HijackThis - CHIP-Installer.exe
2014-10-07 19:04 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-10-07 19:04 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-10-07 19:04 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-10-07 19:04 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-10-07 19:03 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-10-07 19:03 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-10-07 19:03 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-10-07 19:03 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-10-07 19:03 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-10-07 19:03 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-10-07 19:03 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-10-07 19:03 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-10-07 19:03 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-10-07 19:03 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-10-07 13:47 - 2014-10-07 13:47 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Avira
2014-10-07 13:45 - 2014-10-07 18:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-10-07 13:45 - 2014-10-07 13:46 - 00000000 ____D () C:\ProgramData\Avira
2014-10-07 00:10 - 2014-10-07 13:46 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-10-06 22:47 - 2014-10-06 22:47 - 00000000 ____D () C:\Users\Nils\AppData\Local\CrashDumps
2014-10-05 21:47 - 2014-10-05 21:47 - 00007081 _____ () C:\Users\Nils\AppData\Local\recently-used.xbel
2014-10-01 22:31 - 2014-10-07 10:04 - 00000000 ____D () C:\Users\Nils\AppData\Local\AuxClient
2014-09-30 11:45 - 2014-09-30 11:45 - 60849414 _____ () C:\Users\Nils\Downloads\The Classy Issue May Mixtape.m4a
2014-09-24 13:19 - 2014-10-07 18:55 - 00000000 ____D () C:\Program Files (x86)\CoffeeCalcs - husng.com
2014-09-24 13:19 - 2014-09-24 13:19 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CoffeeCalcs - husng.com
2014-09-21 10:34 - 2014-09-21 10:41 - 00000000 ____D () C:\Users\Nils\AppData\Local\DisplayFusion
2014-09-21 10:33 - 2014-10-07 18:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion
2014-09-21 10:33 - 2014-10-07 18:55 - 00000000 ____D () C:\Program Files (x86)\DisplayFusion
2014-09-21 10:33 - 2014-09-21 10:33 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\DisplayFusion
2014-09-21 10:33 - 2014-09-21 10:33 - 00000000 ____D () C:\ProgramData\Binary Fortress Software
2014-09-21 10:11 - 2014-09-21 10:11 - 00000000 ____D () C:\Users\Nils\.thumbnails
2014-09-21 10:08 - 2014-10-07 18:55 - 00000000 ____D () C:\Program Files\GIMP 2
2014-09-21 10:08 - 2014-10-05 21:48 - 00000000 ____D () C:\Users\Nils\.gimp-2.8
2014-09-21 10:08 - 2014-09-21 10:08 - 00000000 ____D () C:\Users\Nils\AppData\Local\gegl-0.2
2014-09-10 14:56 - 2014-09-10 14:56 - 00000083 _____ () C:\Users\Nils\Downloads\ADRIANE-KNOPPIX_V7.2.0bootonly-2013-07-28-EN.iso.md5
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-07 20:12 - 2011-11-09 19:07 - 01380421 _____ () C:\Windows\WindowsUpdate.log
2014-10-07 20:12 - 2009-07-14 06:45 - 00028128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-07 20:12 - 2009-07-14 06:45 - 00028128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-07 20:11 - 2013-05-09 15:48 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-07 20:11 - 2011-11-15 20:29 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Skype
2014-10-07 20:03 - 2013-06-30 22:46 - 00000378 _____ () C:\Windows\Tasks\VideoSaver Update.job
2014-10-07 20:03 - 2013-05-09 15:48 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-07 20:03 - 2013-03-31 20:58 - 00000000 ____D () C:\Users\postgres.SkaiWalkurrr.000
2014-10-07 20:03 - 2012-07-01 10:30 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-07 20:03 - 2011-11-15 19:23 - 00000000 ____D () C:\Users\Nils
2014-10-07 20:03 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-07 20:03 - 2009-07-14 06:51 - 00367276 _____ () C:\Windows\setupact.log
2014-10-07 20:00 - 2014-04-30 01:20 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-07 20:00 - 2012-10-27 12:52 - 00000000 ____D () C:\Users\postgres
2014-10-07 20:00 - 2010-11-21 08:49 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-10-07 20:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing
2014-10-07 20:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-10-07 20:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-10-07 20:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-07 19:59 - 2013-03-03 13:34 - 00000000 ____D () C:\Program Files\PostgreSQL
2014-10-07 19:49 - 2013-08-07 22:19 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-07 19:36 - 2012-07-01 10:30 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-07 19:36 - 2012-04-21 10:40 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-07 19:36 - 2012-01-31 01:42 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-07 19:13 - 2013-11-12 23:01 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\TableNinja.v2
2014-10-07 19:06 - 2013-05-09 15:48 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-07 19:06 - 2013-05-09 15:48 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-07 18:58 - 2014-05-10 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DSL-Manager
2014-10-07 18:58 - 2013-07-27 22:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2014-10-07 18:58 - 2013-07-27 22:56 - 00000000 ____D () C:\Program Files\AutoHotkey
2014-10-07 18:58 - 2010-11-21 09:00 - 00000000 ____D () C:\Windows\ShellNew
2014-10-07 18:56 - 2010-11-21 09:00 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-07 18:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-07 18:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-07 18:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-07 18:55 - 2014-08-19 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KaloMa
2014-10-07 18:55 - 2014-07-19 10:42 - 00000000 ____D () C:\Program Files (x86)\LAV Filters
2014-10-07 18:55 - 2014-05-10 14:50 - 00000000 ____D () C:\Program Files (x86)\DSL-Manager
2014-10-07 18:55 - 2014-05-09 23:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-07 18:55 - 2014-05-06 10:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfram CDF Player
2014-10-07 18:55 - 2014-05-06 10:46 - 00000000 ____D () C:\Program Files\Common Files\Wolfram Research
2014-10-07 18:55 - 2014-05-02 19:49 - 00000000 ____D () C:\Program Files (x86)\KaloMa
2014-10-07 18:55 - 2014-04-23 12:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sharkystrator
2014-10-07 18:55 - 2014-04-17 23:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CREVbeta
2014-10-07 18:55 - 2014-03-26 20:13 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-07 18:55 - 2014-03-26 20:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-07 18:55 - 2014-03-18 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-10-07 18:55 - 2014-03-18 16:18 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-10-07 18:55 - 2014-03-18 16:18 - 00000000 ____D () C:\Program Files\iTunes
2014-10-07 18:55 - 2014-03-11 00:04 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Battle.net
2014-10-07 18:55 - 2014-02-27 11:33 - 00000000 ____D () C:\Users\Nils\Documents\888poker
2014-10-07 18:55 - 2014-02-27 11:33 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\PacificPoker
2014-10-07 18:55 - 2013-10-15 13:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flopzilla
2014-10-07 18:55 - 2013-09-15 11:36 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
2014-10-07 18:55 - 2013-07-28 21:30 - 00000000 ____D () C:\ProgramData\webex
2014-10-07 18:55 - 2013-06-02 16:22 - 00000000 ____D () C:\Program Files (x86)\Full Tilt Poker.Eu
2014-10-07 18:55 - 2013-04-14 15:46 - 00000000 ____D () C:\Users\Nils\AppData\Local\Sharkystrator
2014-10-07 18:55 - 2013-04-14 15:23 - 00000000 ____D () C:\Program Files (x86)\Sharkystrator
2014-10-07 18:55 - 2013-04-02 01:09 - 00000000 ____D () C:\Users\Nils\AppData\Local\Equilab
2014-10-07 18:55 - 2013-03-31 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-10-07 18:55 - 2013-03-31 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
2014-10-07 18:55 - 2013-03-31 19:04 - 00000000 ____D () C:\Program Files (x86)\PokerTracker 4
2014-10-07 18:55 - 2013-03-31 16:43 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-10-07 18:55 - 2013-03-31 16:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-10-07 18:55 - 2013-03-03 11:00 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\HoldemManager
2014-10-07 18:55 - 2012-10-27 12:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
2014-10-07 18:55 - 2012-09-14 00:17 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-10-07 18:55 - 2012-09-09 19:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-07 18:55 - 2012-08-23 19:43 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AlienAutopsy
2014-10-07 18:55 - 2012-08-12 17:40 - 00000000 ____D () C:\Users\Nils\AppData\Local\PokerStars.EU
2014-10-07 18:55 - 2012-08-12 17:40 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU
2014-10-07 18:55 - 2012-02-21 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2014-10-07 18:55 - 2012-02-03 11:44 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\GRETECH
2014-10-07 18:55 - 2012-02-03 11:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
2014-10-07 18:55 - 2012-02-03 11:44 - 00000000 ____D () C:\Program Files (x86)\GRETECH
2014-10-07 18:55 - 2011-12-07 12:54 - 00000000 ____D () C:\Program Files (x86)\SplitMediaLabs
2014-10-07 18:55 - 2011-11-16 17:23 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-10-07 18:55 - 2011-11-15 21:05 - 00000000 ____D () C:\Windows\system32\Macromed
2014-10-07 18:55 - 2011-11-15 20:45 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-10-07 18:55 - 2011-11-15 20:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-10-07 18:55 - 2011-11-09 19:23 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-07 18:55 - 2011-11-09 19:21 - 00000000 ____D () C:\ProgramData\Bigfoot Networks
2014-10-07 18:55 - 2011-11-09 19:10 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-10-07 18:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-10-07 18:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\MUI
2014-10-07 18:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\schemas
2014-10-07 18:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2014-10-07 18:54 - 2014-07-19 10:57 - 00000000 ____D () C:\Users\Nils\Anaconda
2014-10-07 18:54 - 2014-05-24 19:54 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Spotify
2014-10-07 18:43 - 2014-03-11 01:03 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-07 18:43 - 2013-03-31 19:05 - 00000000 ____D () C:\Users\Nils\AppData\Local\PokerTracker 4
2014-10-07 18:43 - 2011-11-15 20:29 - 00000000 ____D () C:\ProgramData\Skype
2014-10-07 18:42 - 2014-05-06 10:46 - 00000000 ____D () C:\Program Files\Extras
2014-10-07 18:42 - 2014-03-18 16:18 - 00000000 ____D () C:\Program Files\iPod
2014-10-07 18:41 - 2013-11-12 23:01 - 00000000 ____D () C:\Program Files (x86)\PASG
2014-10-07 18:11 - 2014-08-19 23:41 - 00000000 ____D () C:\Users\Nils\Documents\Fitness
2014-10-07 10:04 - 2013-06-02 16:22 - 00000000 ____D () C:\Users\Nils\AppData\Local\FullTiltPoker.eu
2014-10-06 22:47 - 2014-08-20 22:56 - 00000222 _____ () C:\Users\Nils\BullseyeCoverageError.txt
2014-10-06 14:02 - 2014-05-24 19:55 - 00000000 ____D () C:\Users\Nils\AppData\Local\Spotify
2014-09-26 10:10 - 2014-07-19 11:01 - 00000000 ____D () C:\Users\Nils\Documents\IPython Notebooks
2014-09-26 10:02 - 2014-07-19 11:09 - 00000000 ____D () C:\Users\Nils\.matplotlib
2014-09-23 12:51 - 2013-10-08 20:24 - 00000000 ____D () C:\Users\Nils\Documents\Camtasia Studio
2014-09-22 08:42 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-21 09:57 - 2013-04-01 11:43 - 00000000 ____D () C:\Users\Nils\Documents\Poker
Some content of TEMP:
====================
C:\Users\Nils\AppData\Local\Temp\ApnIC.dll
C:\Users\Nils\AppData\Local\Temp\ApnStub.exe
C:\Users\Nils\AppData\Local\Temp\ApnToolbarInstaller.exe
C:\Users\Nils\AppData\Local\Temp\avguidx.dll
C:\Users\Nils\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Nils\AppData\Local\Temp\dateinj01.dll
C:\Users\Nils\AppData\Local\Temp\dmyaydnf.dll
C:\Users\Nils\AppData\Local\Temp\dyyno_Hp3272_DyynoSetup.exe
C:\Users\Nils\AppData\Local\Temp\f5wiq4th.dll
C:\Users\Nils\AppData\Local\Temp\GomEncDnInstaller.exe
C:\Users\Nils\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Nils\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Nils\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Nils\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Nils\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Nils\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Nils\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Nils\AppData\Local\Temp\oi_{160E6071-CB48-4290-858A-C4A750A9872F}.exe
C:\Users\Nils\AppData\Local\Temp\oi_{362566DC-0C71-48A5-9F6D-E771ED7D8E41}.exe
C:\Users\Nils\AppData\Local\Temp\oi_{A2F0BDED-5B37-4654-95F7-98B35F0561D8}.exe
C:\Users\Nils\AppData\Local\Temp\Sharkystrator_ins.exe
C:\Users\Nils\AppData\Local\Temp\SIInvoker.exe
C:\Users\Nils\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Nils\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Nils\AppData\Local\Temp\stageremote_2.0.0.43_2.0.0.50_update_all.exe
C:\Users\Nils\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Nils\AppData\Local\Temp\uninst1.exe
C:\Users\Nils\AppData\Local\Temp\UNINSTALL.exe
C:\Users\Nils\AppData\Local\Temp\_unps.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-26 22:54
==================== End Of Log ============================ --- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2014 01
Ran by Nils at 2014-10-07 20:14:12
Running from C:\Users\Nils\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4t Tray Minimizer Free 5.52 (HKLM-x32\...\4t Tray Minimizer_is1) (Version: 5.52 - 4t Niagara Software)
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
888poker (HKLM-x32\...\888poker) (Version: - )
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
AlienAutopsy (HKLM\...\PC-Doctor for Windows) (Version: 3.2.6032.55 - PC-Doctor, Inc.)
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 2.4.595.10 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI AVIVO64 Codecs (Version: 11.6.0.10419 - ATI Technologies Inc.) Hidden
Aurora-R3 Manual (HKLM-x32\...\InstallShield_{CA8128ED-01A5-4447-9BBB-7684DB57F1AB}) (Version: 1.0.0.1 - Alienware Corp.)
Aurora-R3 Manual (Version: 1.0.0.1 - Alienware Corp.) Hidden
AutoHotkey 1.1.11.01 (HKLM\...\AutoHotkey) (Version: 1.1.11.01 - Lexikos)
Betfred Poker (HKCU\...\Betfred Poker) (Version: - )
Bigfoot Networks Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: - )
Bigfoot Networks Killer Network Manager (Version: 6.1.0.167 - Bigfoot Networks) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CamStudio version 2.7 (HKLM-x32\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source)
Camtasia Studio 7 (HKLM-x32\...\{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}) (Version: 7.1.1 - TechSmith Corporation)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Command Center (HKLM-x32\...\InstallShield_{3807E4A2-1E4A-4FD2-B69E-054934C53EE4}) (Version: 2.6.17.0 - Alienware Corp.)
Command Center (Version: 2.6.17.0 - Alienware Corp.) Hidden
CREVbeta (HKLM-x32\...\{6B7961D1-A7A3-4F1A-927B-E1EFACB9AE4F}) (Version: 2.9.4 - CardRunnersEV)
Dell Stage Remote (HKLM-x32\...\{2299EEBD-0A83-4B26-AA4A-057AE9E5BAE8}) (Version: 2.0.0.50 - ArcSoft)
Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.50 - ArcSoft)
DSL-Manager (HKLM-x32\...\{90A455A7-0FC8-4508-B7FA-8F135B8F041A}) (Version: - )
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
Flopzilla (HKLM-x32\...\{8503B9A4-7C80-4AFA-92FB-EA6941EB540E}) (Version: 1.6.5 - Flopzilla)
Free YouTube to MP3 Converter version 3.12.3.610 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.3.610 - DVDVideoSoft Ltd.)
Full Tilt Poker.Eu (HKLM-x32\...\{127BEFB3-24B2-4B44-8E99-AD22C2A5A8ED}) (Version: 4.59.12.WIN.FullTilt.EU - )
Gambit 13 (HKLM-x32\...\{5BDEDA0E-AE75-48F9-8E33-27D725F2DCB6}) (Version: 13.1.1 - The Gambit Project)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.1.50.5145 - Gretech Corporation)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HUSNG.com CoffeeHUD version v1.4.3, along with all custom stats (HKLM-x32\...\{B484C550-70AF-4E08-8F57-CFF0D9555A63}_is1) (Version: v1.4.3, along with all custom stats - CoffeeHUD)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 27 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416027FF}) (Version: 6.0.270 - Oracle)
Mathematica Extras 9.0 (4092550) (HKLM\...\A-WIN-Extras 9.0.1 4092550_is1) (Version: 9.0.1 - Wolfram Research, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network Recording Player (HKLM-x32\...\{1E8D5C8F-7DA3-4B08-9C06-03A0B7FE1FB5}) (Version: 2.29.3220 - Cisco WebEx LLC)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
PokerStrategy.com Equilab (HKLM-x32\...\{86D09F48-CDAB-4B4C-8806-F6C16F17935A}) (Version: 1.2.8.0 - PokerStrategy.com)
PokerTracker 4 (remove only) (HKLM-x32\...\PokerTracker4) (Version: - )
PostgreSQL 9.0 (HKLM\...\PostgreSQL 9.0) (Version: 9.0 - PostgreSQL Global Development Group)
Razer Imperator (HKLM-x32\...\{C05905B9-775A-4894-A4DF-B57C15250958}) (Version: 2.01.06 - Razer USA Ltd.)
Razer StarCraft II (HKLM-x32\...\{CA050D8C-770A-41A7-B966-0056456EA27E}) (Version: 1.02.01 - Razer USA Ltd.)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6309 - Realtek Semiconductor Corp.)
Sharkystrator version 2.0.67a (HKLM-x32\...\{4B102035-6549-4BC4-BA49-D3A5A4B98181}_is1) (Version: 2.0.67a - Sharkystrator)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.11.1 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
THX TruStudio PC (HKLM-x32\...\{010A785B-F920-4350-821B-6309909C20BB}) (Version: 1.0 - Creative Technology Limited)
Unibet (HKLM-x32\...\unibetpoker (Poker)) (Version: 16.6.2.11243 - )
William Hill Poker (HKCU\...\William Hill Poker) (Version: - )
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Wolfram CDF Player (M-WIN-D 9.0.1 4092685) (HKLM-x32\...\M-WIN-D 9.0.1 4092685_is1) (Version: 9.0.1 - Wolfram Research, Inc.)
XSplit (HKLM-x32\...\{F3EF5DE8-1120-4B77-99A3-4DC232E8C129}) (Version: 1.0.1201.0504 - SplitMediaLabs)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
01-10-2014 14:46:22 Windows Update
05-10-2014 06:00:42 Windows Update
06-10-2014 21:01:29 Windows-Sicherung
06-10-2014 21:04:18 Windows-Sicherung
07-10-2014 16:24:57 Wiederherstellungsvorgang
07-10-2014 17:01:38 Windows Update
07-10-2014 17:01:41 Windows Update
07-10-2014 17:03:29 Windows Modules Installer
07-10-2014 17:04:28 Windows Modules Installer
07-10-2014 17:13:00 Removed TN2
07-10-2014 17:17:18 Windows-Sicherung
07-10-2014 17:41:25 Windows Update
07-10-2014 17:54:45 Wiederherstellungsvorgang
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {241FE840-CDC4-44F6-A663-96FB0DF4E903} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-09] (Google Inc.)
Task: {2848E24C-B7EF-4987-9521-E14D863AD797} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {30E8215B-82FD-4C33-953F-12C7F04620D2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-07] (Adobe Systems Incorporated)
Task: {338D3C42-F20F-4B85-AAA8-8AA12141AFB1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-09] (Google Inc.)
Task: {568C11BA-DFE4-4F3A-9D4F-CFF5C99E8DFA} - System32\Tasks\PCDEventLauncher => C:\Program Files\AlienAutopsy\sessionchecker.exe [2012-08-19] (PC-Doctor, Inc.)
Task: {674999DA-158E-4754-8398-FF9B008DBADB} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {AE491703-D5D2-4626-B8CF-11E3F7285F4F} - System32\Tasks\VideoSaver Update => C:\Program Files (x86)\VideoSaver\vdsvrur.exe
Task: {FB816ACA-2FDA-42F3-A353-6179054BB797} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\AlienAutopsy\uaclauncher.exe [2012-08-19] (PC-Doctor, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\VideoSaver Update.job => C:\Program Files (x86)\VideoSaver\vdsvrur.exe
==================== Loaded Modules (whitelisted) =============
2011-06-11 04:54 - 2011-06-11 04:54 - 00466944 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe
2011-05-09 20:46 - 2011-05-09 20:46 - 02760192 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\QtCore4.dll
2011-05-09 20:56 - 2011-05-09 20:56 - 09856000 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\QtGui4.dll
2011-05-09 20:47 - 2011-05-09 20:47 - 00416256 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\QtXml4.dll
2011-06-11 04:54 - 2011-06-11 04:54 - 00200192 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\BFCommon.dll
2011-05-10 12:32 - 2011-05-10 12:32 - 00731648 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\qwt5.dll
2011-05-09 20:48 - 2011-05-09 20:48 - 00990720 _____ () C:\Program Files\Bigfoot Networks\Killer Network Manager\QtNetwork4.dll
2013-03-31 20:57 - 2012-09-21 09:55 - 00217600 _____ () C:\Program Files (x86)\PostgreSQL\9.0\bin\LIBPQ.dll
2013-03-31 20:57 - 2012-08-14 14:02 - 02258432 _____ () C:\Program Files (x86)\PostgreSQL\9.0\bin\libxml2.dll
2011-11-09 19:30 - 2011-11-09 19:32 - 00090552 _____ () C:\Windows\Microsoft.Net\assembly\GAC_MSIL\AlienLabsTools\v4.0_2.6.17.0__bebb3c8816410241\AlienLabsTools.dll
2011-11-09 19:32 - 2011-11-09 19:32 - 00038352 _____ () C:\Windows\Microsoft.Net\assembly\GAC_MSIL\Alienlabs.CommandCenter.Tools\v4.0_2.6.17.0__bebb3c8816410241\Alienlabs.CommandCenter.Tools.dll
2011-05-02 13:23 - 2011-05-02 13:23 - 00156088 _____ () C:\Program Files\Alienware\Command Center\AlienFusionDomain.dll
2011-05-02 13:23 - 2011-05-02 13:23 - 00009680 _____ () C:\Program Files\Alienware\Command Center\de\AlienFusionDomain.resources.dll
2011-05-02 13:23 - 2011-05-02 13:23 - 00016832 _____ () C:\Program Files\Alienware\Command Center\AlienFusionController.exe
2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-09 23:29 - 2014-05-09 23:29 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-14 13:25 - 2014-02-14 13:25 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\aa739380ca2b2fc7366d464d2f2301ac\IsdiInterop.ni.dll
2011-11-09 19:23 - 2010-09-13 19:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Stage Remote => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Tiny download manager => "C:\Users\Nils\AppData\Local\DM\TinyDM.exe" /M
========================= Accounts: ==========================
Administrator (S-1-5-21-600141326-3266101818-2043295989-500 - Administrator - Disabled)
Gast (S-1-5-21-600141326-3266101818-2043295989-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-600141326-3266101818-2043295989-1004 - Limited - Enabled)
Nils (S-1-5-21-600141326-3266101818-2043295989-1000 - Administrator - Enabled) => C:\Users\Nils
postgres (S-1-5-21-600141326-3266101818-2043295989-1002 - Limited - Enabled) => C:\Users\postgres.SkaiWalkurrr.000
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/07/2014 08:05:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/07/2014 07:22:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/07/2014 07:00:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/07/2014 06:32:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/07/2014 06:18:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/07/2014 01:43:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/06/2014 10:51:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/06/2014 10:47:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 32.0.3.5379, Zeitstempel: 0x54224e6b
Name des fehlerhaften Moduls: mozalloc.dll, Version: 32.0.3.5379, Zeitstempel: 0x54221b67
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x99c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (10/06/2014 10:47:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 32.0.3.5379, Zeitstempel: 0x54224e6b
Name des fehlerhaften Moduls: mozalloc.dll, Version: 32.0.3.5379, Zeitstempel: 0x54221b67
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x1e6c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (10/06/2014 07:09:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (10/07/2014 08:07:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0816 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB2978668)
Error: (10/07/2014 08:07:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0816 fehlgeschlagen: Update für Windows 7 für x64-basierte Systeme (KB2952664)
Error: (10/07/2014 08:07:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0816 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB2993651)
Error: (10/07/2014 08:07:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0816 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB2973351)
Error: (10/07/2014 08:07:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80242016 fehlgeschlagen: Update für Windows 7 für x64-basierte Systeme (KB2977728)
Error: (10/07/2014 08:07:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0816 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB2982378)
Error: (10/07/2014 08:07:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0816 fehlgeschlagen: Kumulatives Sicherheitsupdate für Internet Explorer 11 für Windows 7 für x64-Systeme (KB2976627)
Error: (10/07/2014 08:07:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0816 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 3.5.1 unter Windows 7 und Windows Server 2008 R2 SP1 für x64-basierte Systeme (KB2973112)
Error: (10/07/2014 08:07:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0816 fehlgeschlagen: Update für Windows 7 für x64-basierte Systeme (KB2980245)
Error: (10/07/2014 08:07:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0816 fehlgeschlagen: Update für Windows 7 für x64-basierte Systeme (KB2998527)
Microsoft Office Sessions:
=========================
Error: (10/07/2014 08:05:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/07/2014 07:22:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/07/2014 07:00:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/07/2014 06:32:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/07/2014 06:18:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/07/2014 01:43:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/06/2014 10:51:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/06/2014 10:47:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe32.0.3.537954224e6bmozalloc.dll32.0.3.537954221b67800000030000141b99c01cfe1a6b77f85d8C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll04a9fc06-4d9a-11e4-832c-f04da2de2edd
Error: (10/06/2014 10:47:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe32.0.3.537954224e6bmozalloc.dll32.0.3.537954221b67800000030000141b1e6c01cfe1a6b6aaa68aC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllfcb05b0a-4d99-11e4-832c-f04da2de2edd
Error: (10/06/2014 07:09:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2012-09-15 12:28:49.368
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-09-15 12:28:49.348
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-09-15 12:28:48.888
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-09-15 12:28:48.838
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
Percentage of memory in use: 37%
Total physical RAM: 8173.6 MB
Available physical RAM: 5073.09 MB
Total Pagefile: 16345.38 MB
Available Pagefile: 11561.07 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:921.65 GB) (Free:788.55 GB) NTFS
Drive f: (Elements) (Fixed) (Total:465.76 GB) (Free:177.44 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 08000000)
Partition 1: (Not Active) - (Size=133 MB) - (Type=DE)
Partition 2: (Active) - (Size=9.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=921.6 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 0002E78D)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End Of Log ============================ Vielen Dank im Voraus
Habe nochmal eine Systemwiederherstellung gemacht. Hier der aktuelle FRST.text
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01
Ran by Nils (administrator) on SKAIWALKURRR on 07-10-2014 23:21:25
Running from C:\Users\Nils\Downloads
Loaded Profiles: Nils & postgres (Available profiles: Nils & postgres)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\pg_ctl.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Spotify Ltd) C:\Users\Nils\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\Razer StarCraftII\RazerStarCraftIISysTray.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Alienware Corp) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(Alienware Corporation) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(PokerTracker Software, LLC.) C:\Program Files (x86)\PokerTracker 4\PokerTracker4.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
() C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
() C:\Program Files (x86)\Sharkystrator\sharkystrator.exe
() C:\Program Files (x86)\Sharkystrator\data\server\sharkystrator_server.exe
(PC-Doctor, Inc.) C:\Program Files\AlienAutopsy\uaclauncher.exe
(PokerTracker Software, LLC.) C:\Program Files (x86)\PokerTracker 4\PokerTrackerHud4.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11777128 2011-02-14] (Realtek Semiconductor)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [13256 2011-05-02] (Microsoft)
HKLM\...\Run: [RunDLLEntry_THXCfg] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [RunDLLEntry_EptMon] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 2009-12-01] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Razer StarcraftII Driver] => C:\Program Files (x86)\Razer\Razer StarCraftII\RazerStarCraftIISysTray
HKLM-x32\...\Run: [Razer Imperator Driver] => C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe [979360 2012-01-16] (Razer USA Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Java\jre1.6.0_22\bin\jusched.exe"
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKU\S-1-5-21-600141326-3266101818-2043295989-1000\...\Run: [Tiny download manager] => "C:\Users\Nils\AppData\Local\DM\TinyDM.exe" /M
HKU\S-1-5-21-600141326-3266101818-2043295989-1000\...\Run: [Spotify Web Helper] => C:\Users\Nils\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-09-21] (Spotify Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bigfoot Networks Killer Network Manager.lnk
ShortcutTarget: Bigfoot Networks Killer Network Manager.lnk -> C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (No File)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files (x86)\DSL-Manager\DslMgr.exe (No File)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=F0A200190303E113&affID=120695&tt=300613_dltp&tsp=4929
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.de/alienware
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=F0A200190303E113&affID=120695&tt=300613_dltp&tsp=4929
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {D284F9FC-1AA0-4A91-BA49-CD47D0631904} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=8013CF58-C325-48CD-838F-DBEA93F519F5&apn_sauid=77F38B40-489F-4563-8701-17B712079D9F
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\7duqbjwb.default
FF NewTab: hxxp://www.google.com/firefox
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: https://dub113.mail.live.com/default.aspx
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Nils\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\7duqbjwb.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\7duqbjwb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-09-09]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2014-09-24]
Chrome:
=======
CHR Profile: C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 appdrvrem01; C:\Windows\System32\appdrvrem01.exe [476072 2014-07-19] (Protection Technology)
R2 Bigfoot Networks Killer Service; C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe [466944 2011-06-11] () [File not signed]
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [5278064 2014-09-09] (Binary Fortress Software)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 postgresql-x64-9.0; C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N "postgresql-x64-9.0" -D "C:/Program Files/PostgreSQL/9.0/data" -w [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 appdrv01; C:\Windows\System32\Drivers\appdrv01.sys [2209624 2014-07-19] (Protection Technology)
R3 BfEdge7x64; C:\Windows\System32\DRIVERS\Edge7x64.sys [31336 2011-06-11] (Bigfoot Networks, Inc.)
R3 BFN7x64; C:\Windows\System32\DRIVERS\Xeno7x64.sys [157288 2011-06-11] (Bigfoot Networks, Inc.)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [115200 2010-10-15] (Razer USA Ltd)
S3 PCDSRVC{0FF99CEB-15C9CE9E-06020200}_0; \??\c:\program files\alienautopsy\pcdsrvc_x64.pkms [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-07 23:21 - 2014-10-07 23:21 - 02109952 _____ (Farbar) C:\Users\Nils\Downloads\FRST64.exe
2014-10-07 20:14 - 2014-10-07 20:14 - 00035095 _____ () C:\Users\Nils\Downloads\Addition.txt
2014-10-07 20:08 - 2014-10-07 23:21 - 00015007 _____ () C:\Users\Nils\Downloads\FRST.txt
2014-10-07 20:07 - 2014-10-07 23:21 - 00000000 ____D () C:\FRST
2014-10-07 13:47 - 2014-10-07 13:47 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Avira
2014-10-07 13:45 - 2014-10-07 18:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-10-07 13:45 - 2014-10-07 13:46 - 00000000 ____D () C:\ProgramData\Avira
2014-10-07 00:10 - 2014-10-07 13:46 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-10-06 22:47 - 2014-10-06 22:47 - 00000000 ____D () C:\Users\Nils\AppData\Local\CrashDumps
2014-10-05 21:47 - 2014-10-05 21:47 - 00007081 _____ () C:\Users\Nils\AppData\Local\recently-used.xbel
2014-10-03 14:50 - 2014-10-07 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sharkystrator
2014-10-01 22:31 - 2014-10-07 10:04 - 00000000 ____D () C:\Users\Nils\AppData\Local\AuxClient
2014-10-01 09:51 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 09:51 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-30 11:45 - 2014-09-30 11:45 - 60849414 _____ () C:\Users\Nils\Downloads\The Classy Issue May Mixtape.m4a
2014-09-24 22:56 - 2014-10-07 21:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-24 21:59 - 2014-09-24 21:59 - 01784981 _____ (EVDiff.com) C:\Users\Nils\Downloads\coffeecalcs_installer(1).exe
2014-09-24 13:19 - 2014-10-07 22:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CoffeeCalcs - husng.com
2014-09-24 13:19 - 2014-10-07 22:03 - 00000000 ____D () C:\Program Files (x86)\CoffeeCalcs - husng.com
2014-09-24 13:19 - 2014-09-24 21:59 - 00001133 _____ () C:\Users\postgres.SkaiWalkurrr.000\Desktop\CoffeeCalcs.lnk
2014-09-24 13:19 - 2014-09-24 13:19 - 01784277 _____ (EVDiff.com) C:\Users\Nils\Downloads\coffeecalcs_installer.exe
2014-09-24 13:19 - 2014-09-24 13:19 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CoffeeCalcs - husng.com
2014-09-24 09:41 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 09:41 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-21 10:34 - 2014-09-21 10:41 - 00000000 ____D () C:\Users\Nils\AppData\Local\DisplayFusion
2014-09-21 10:33 - 2014-10-07 22:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion
2014-09-21 10:33 - 2014-10-07 22:03 - 00000000 ____D () C:\Program Files (x86)\DisplayFusion
2014-09-21 10:33 - 2014-10-07 21:59 - 00000000 __SHD () C:\Users\Nils\AppData\Roaming\Common
2014-09-21 10:33 - 2014-09-21 10:33 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\DisplayFusion
2014-09-21 10:33 - 2014-09-21 10:33 - 00000000 ____D () C:\ProgramData\Binary Fortress Software
2014-09-21 10:32 - 2014-09-21 10:32 - 10533864 _____ (Binary Fortress Software ) C:\Users\Nils\Downloads\DisplayFusionSetup-6.1.2.exe
2014-09-21 10:11 - 2014-10-07 21:59 - 00000000 ____D () C:\Users\Nils\AppData\Local\gtk-2.0
2014-09-21 10:11 - 2014-09-21 10:11 - 00000000 ____D () C:\Users\Nils\.thumbnails
2014-09-21 10:08 - 2014-10-07 21:58 - 00000000 ____D () C:\Program Files\GIMP 2
2014-09-21 10:08 - 2014-10-05 21:48 - 00000000 ____D () C:\Users\Nils\.gimp-2.8
2014-09-21 10:08 - 2014-09-21 10:08 - 00000896 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-09-21 10:08 - 2014-09-21 10:08 - 00000000 ____D () C:\Users\Nils\AppData\Local\gegl-0.2
2014-09-21 10:07 - 2014-09-21 10:07 - 91670064 _____ (The GIMP Team ) C:\Users\Nils\Downloads\gimp-2.8.14-setup.exe
2014-09-19 21:40 - 2014-10-07 21:58 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-19 21:40 - 2014-10-07 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-11 10:13 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 10:13 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 10:13 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 10:13 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 10:13 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 10:13 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 10:13 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 10:13 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 10:13 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 10:13 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 10:13 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-11 10:13 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-11 10:13 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 10:13 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 10:13 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 10:13 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 10:13 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-11 10:13 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 10:13 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-11 10:13 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 10:13 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-11 10:13 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 10:13 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-11 10:13 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 10:13 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 10:13 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-11 10:13 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-11 10:13 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 10:13 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 10:13 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 10:13 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 10:13 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 10:13 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 10:13 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-11 10:13 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-11 10:13 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-11 10:13 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 10:13 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 10:13 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 10:13 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 10:13 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-11 10:13 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 10:13 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 10:13 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 10:13 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 10:13 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 10:13 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 10:13 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 10:13 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 10:13 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 10:13 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-11 10:13 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 10:13 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 10:13 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 10:13 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-11 10:13 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-11 10:07 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 10:07 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-11 08:08 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-11 08:08 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-11 08:08 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-11 08:08 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-11 08:08 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-11 08:08 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-11 08:08 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-11 08:08 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-11 08:08 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-11 08:08 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-11 08:08 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 18:55 - 2014-10-07 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-10 18:55 - 2014-10-07 21:58 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-10 18:55 - 2014-10-07 21:58 - 00000000 ____D () C:\Program Files\iTunes
2014-09-10 18:55 - 2014-10-07 21:58 - 00000000 ____D () C:\Program Files\iPod
2014-09-10 14:56 - 2014-09-10 14:56 - 00000083 _____ () C:\Users\Nils\Downloads\ADRIANE-KNOPPIX_V7.2.0bootonly-2013-07-28-EN.iso.md5
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-07 23:11 - 2011-11-15 20:29 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Skype
2014-10-07 23:10 - 2014-05-02 19:49 - 00000000 ____D () C:\Program Files (x86)\KaloMa
2014-10-07 22:58 - 2013-05-09 15:48 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-07 22:50 - 2014-08-19 23:41 - 00000000 ____D () C:\Users\Nils\Documents\Fitness
2014-10-07 22:47 - 2014-08-20 22:56 - 00000222 _____ () C:\Users\Nils\BullseyeCoverageError.txt
2014-10-07 22:36 - 2013-06-30 22:46 - 00000378 _____ () C:\Windows\Tasks\VideoSaver Update.job
2014-10-07 22:36 - 2012-07-01 10:30 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-07 22:16 - 2009-07-14 06:45 - 00028128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-07 22:16 - 2009-07-14 06:45 - 00028128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-07 22:11 - 2011-11-09 19:07 - 01137541 _____ () C:\Windows\WindowsUpdate.log
2014-10-07 22:09 - 2012-08-12 17:40 - 00000000 ____D () C:\Users\Nils\AppData\Local\PokerStars.EU
2014-10-07 22:06 - 2013-03-31 19:04 - 00000000 ____D () C:\Program Files (x86)\PokerTracker 4
2014-10-07 22:03 - 2014-07-19 11:01 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda (32-bit)
2014-10-07 22:03 - 2013-05-09 15:48 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-07 22:03 - 2013-03-31 20:58 - 00000000 ____D () C:\Users\postgres.SkaiWalkurrr.000
2014-10-07 22:03 - 2013-03-31 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
2014-10-07 22:03 - 2011-11-15 20:45 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-10-07 22:03 - 2011-11-15 19:23 - 00000000 ____D () C:\Users\Nils
2014-10-07 22:03 - 2010-11-21 09:00 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-07 22:03 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-07 22:03 - 2009-07-14 06:51 - 00497879 _____ () C:\Windows\setupact.log
2014-10-07 22:00 - 2014-04-30 01:20 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-07 22:00 - 2012-10-27 12:52 - 00000000 ____D () C:\Users\postgres
2014-10-07 22:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-07 22:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-07 22:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-07 22:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-10-07 21:59 - 2014-08-20 22:56 - 00000000 ____D () C:\Users\Nils\AppData\Local\Unity
2014-10-07 21:59 - 2014-08-14 14:58 - 00000000 ____D () C:\Users\Nils\AppData\Local\Razer_Inc
2014-10-07 21:59 - 2014-08-02 11:08 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Graphviz 2.38
2014-10-07 21:59 - 2014-07-19 10:57 - 00000000 ____D () C:\Users\Nils\Anaconda
2014-10-07 21:59 - 2014-05-24 19:54 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Spotify
2014-10-07 21:59 - 2014-03-11 00:04 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Battle.net
2014-10-07 21:59 - 2014-02-27 11:33 - 00000000 ____D () C:\Users\Nils\Documents\888poker
2014-10-07 21:59 - 2014-02-27 11:33 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\PacificPoker
2014-10-07 21:59 - 2013-11-12 23:01 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\TableNinja.v2
2014-10-07 21:59 - 2013-09-15 11:36 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
2014-10-07 21:59 - 2013-04-14 15:46 - 00000000 ____D () C:\Users\Nils\AppData\Local\Sharkystrator
2014-10-07 21:59 - 2013-04-02 01:09 - 00000000 ____D () C:\Users\Nils\AppData\Local\Equilab
2014-10-07 21:59 - 2013-03-03 11:00 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\HoldemManager
2014-10-07 21:59 - 2011-11-15 21:05 - 00000000 ____D () C:\Windows\system32\Macromed
2014-10-07 21:59 - 2011-11-09 19:10 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-10-07 21:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-10-07 21:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\MUI
2014-10-07 21:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing
2014-10-07 21:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\schemas
2014-10-07 21:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2014-10-07 21:58 - 2014-08-19 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KaloMa
2014-10-07 21:58 - 2014-08-17 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flopzilla
2014-10-07 21:58 - 2014-07-19 10:42 - 00000000 ____D () C:\Program Files (x86)\LAV Filters
2014-10-07 21:58 - 2014-07-17 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CREVbeta
2014-10-07 21:58 - 2013-06-02 16:22 - 00000000 ____D () C:\Program Files (x86)\Full Tilt Poker.Eu
2014-10-07 21:58 - 2013-04-14 15:23 - 00000000 ____D () C:\Program Files (x86)\Sharkystrator
2014-10-07 21:58 - 2013-03-31 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-10-07 21:58 - 2013-03-31 16:43 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-10-07 21:58 - 2013-03-31 16:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-10-07 21:58 - 2012-09-14 00:17 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-10-07 21:58 - 2012-09-09 19:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-07 21:58 - 2012-08-23 19:43 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AlienAutopsy
2014-10-07 21:58 - 2012-08-12 17:40 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU
2014-10-07 21:58 - 2011-11-16 17:23 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-10-07 21:58 - 2011-11-15 20:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-10-07 21:58 - 2011-11-15 20:29 - 00000000 ____D () C:\ProgramData\Skype
2014-10-07 21:58 - 2011-11-09 19:21 - 00000000 ____D () C:\ProgramData\Bigfoot Networks
2014-10-07 21:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-10-07 21:49 - 2010-11-21 08:49 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-10-07 21:41 - 2014-07-17 11:33 - 00000000 ____D () C:\Users\Nils\AppData\Roaming\Mathematica
2014-10-07 21:41 - 2013-04-01 11:43 - 00000000 ____D () C:\Users\Nils\Documents\Poker
2014-10-07 21:41 - 2013-03-31 19:05 - 00000000 ____D () C:\Users\Nils\AppData\Local\PokerTracker 4
2014-10-07 21:40 - 2014-07-19 11:02 - 00000000 ____D () C:\Users\Nils\.ipython
2014-10-07 21:40 - 2014-03-11 01:03 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-07 21:40 - 2013-07-28 21:30 - 00000000 ____D () C:\ProgramData\webex
2014-10-07 21:40 - 2013-03-03 13:34 - 00000000 ____D () C:\Program Files\PostgreSQL
2014-10-07 21:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-07 21:38 - 2014-08-02 11:07 - 00000000 ____D () C:\Program Files (x86)\Graphviz2.38
2014-10-07 20:37 - 2013-08-07 22:19 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-07 18:58 - 2010-11-21 09:00 - 00000000 ____D () C:\Windows\ShellNew
2014-10-07 18:55 - 2012-02-03 11:44 - 00000000 ____D () C:\Program Files (x86)\GRETECH
2014-10-07 18:55 - 2011-12-07 12:54 - 00000000 ____D () C:\Program Files (x86)\SplitMediaLabs
2014-10-07 18:42 - 2014-05-06 10:46 - 00000000 ____D () C:\Program Files\Extras
2014-10-07 18:41 - 2013-11-12 23:01 - 00000000 ____D () C:\Program Files (x86)\PASG
2014-10-07 10:04 - 2013-06-02 16:22 - 00000000 ____D () C:\Users\Nils\AppData\Local\FullTiltPoker.eu
2014-10-06 14:02 - 2014-05-24 19:55 - 00000000 ____D () C:\Users\Nils\AppData\Local\Spotify
2014-09-26 10:10 - 2014-07-19 11:01 - 00000000 ____D () C:\Users\Nils\Documents\IPython Notebooks
2014-09-26 10:02 - 2014-07-19 11:09 - 00000000 ____D () C:\Users\Nils\.matplotlib
2014-09-23 22:36 - 2012-07-01 10:30 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 22:36 - 2012-04-21 10:40 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-23 22:36 - 2012-01-31 01:42 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-23 12:51 - 2013-10-08 20:24 - 00000000 ____D () C:\Users\Nils\Documents\Camtasia Studio
2014-09-23 12:48 - 2012-10-31 11:52 - 00007168 _____ () C:\Users\Nils\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-22 08:42 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-20 09:11 - 2011-11-09 19:40 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-09-15 19:35 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-15 10:56 - 2010-11-21 08:50 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-09-15 10:56 - 2010-11-21 08:50 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-09-15 10:56 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-11 10:12 - 2011-11-15 20:45 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-11 10:12 - 2011-11-15 20:45 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-09-11 10:12 - 2011-02-11 12:22 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-11 10:08 - 2011-11-24 10:26 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
Some content of TEMP:
====================
C:\Users\Nils\AppData\Local\Temp\ApnIC.dll
C:\Users\Nils\AppData\Local\Temp\ApnStub.exe
C:\Users\Nils\AppData\Local\Temp\ApnToolbarInstaller.exe
C:\Users\Nils\AppData\Local\Temp\avguidx.dll
C:\Users\Nils\AppData\Local\Temp\BullseyeCoverage-2-x86.dll
C:\Users\Nils\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Nils\AppData\Local\Temp\dateinj01.dll
C:\Users\Nils\AppData\Local\Temp\dmyaydnf.dll
C:\Users\Nils\AppData\Local\Temp\dyyno_Hp3272_DyynoSetup.exe
C:\Users\Nils\AppData\Local\Temp\f5wiq4th.dll
C:\Users\Nils\AppData\Local\Temp\GomEncDnInstaller.exe
C:\Users\Nils\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Nils\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Nils\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Nils\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Nils\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Nils\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Nils\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Nils\AppData\Local\Temp\oi_{160E6071-CB48-4290-858A-C4A750A9872F}.exe
C:\Users\Nils\AppData\Local\Temp\oi_{362566DC-0C71-48A5-9F6D-E771ED7D8E41}.exe
C:\Users\Nils\AppData\Local\Temp\oi_{A2F0BDED-5B37-4654-95F7-98B35F0561D8}.exe
C:\Users\Nils\AppData\Local\Temp\Sharkystrator_ins.exe
C:\Users\Nils\AppData\Local\Temp\SIInvoker.exe
C:\Users\Nils\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Nils\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Nils\AppData\Local\Temp\stageremote_2.0.0.43_2.0.0.50_update_all.exe
C:\Users\Nils\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Nils\AppData\Local\Temp\uninst1.exe
C:\Users\Nils\AppData\Local\Temp\UNINSTALL.exe
C:\Users\Nils\AppData\Local\Temp\_unps.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-26 22:54
==================== End Of Log ============================ --- --- ---
--- --- --- |