Karakal15 | 02.02.2015 11:35 | Danke für die schnelle Antwort!
Hier die FRST. txt:
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by *** (administrator) on ***-PC_HP on 02-02-2015 11:32:53
Running from C:\Users\***\Desktop
Loaded Profiles: ***************
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Olof Lagerkvist) C:\Windows\System32\imdsksvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(ProdEx Technologies) C:\Windows\SysWOW64\slpservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Windows\System32\valWBFPolicyService.exe
(Xerox Corporation) C:\Program Files\Xerox\XeroxPrintExperience\CommonFiles\XeroxPrintJobEventManagerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(SlySoft, Inc.) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
() C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\plugin-nm-server.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\klwtblfs.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2014-02-03] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-16] (IDT, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [TrayServer] => C:\Program Files (x86)\MAGIX\Video_deluxe_MX_Premium_Sonderedition\TrayServer_de.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058880 2013-03-28] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2707992 2014-09-03] (Sony Corporation)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\...\Run: [Kies3PDLR.exe] => C:\Program Files (x86)\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe [845120 2015-01-14] (Samsung)
HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\...\Run: [EPLTarget\P0000000000000002] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILRE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\...\Run: [Amazon Cloud Player] => C:\Users\Wyn\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe [109480 2014-12-29] (SlySoft, Inc.)
HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\...\Run: [GoogleChromeAutoLaunch_18C8ADFAF96BD2AADE491DE6AD910887] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-01-25] (Google Inc.)
HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1718536 2014-07-24] (CyberLink Corp.)
HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\...\MountPoints2: F - "F:\Autorun.exe"
HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\...\MountPoints2: H - "H:\Autorun.exe"
HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\...\MountPoints2: {d1d19ffd-62d5-11e4-bebf-3423873bf9ca} - "F:\AutoRun.exe"
HKU\S-1-5-18\...\CurrentVersion\Windows: [Load] ,slpmonx.exe <===== ATTENTION
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178632 2014-12-13] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [178632 2014-12-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [165760 2014-12-13] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Behringer X-UF USB Control Panel.lnk
ShortcutTarget: Behringer X-UF USB Control Panel.lnk -> C:\Program Files\behringer\UsbAudioDriver_XUF\X-UF USB Control Panel.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Nach Updates suchen.lnk
ShortcutTarget: Nach Updates suchen.lnk -> C:\Program Files (x86)\Common Files\PCTV Systems\WebUpdater\WebUpdater.exe (PCTV Systems)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SmartCapture.lnk
ShortcutTarget: SmartCapture.lnk -> C:\Program Files (x86)\Seiko Instruments Inc\Smart Label Printer 7.1.1\slpcap.exe (Seiko Instruments USA Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.)
Startup: C:\Users\Wyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Wyn\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Wyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telegram.lnk
ShortcutTarget: Telegram.lnk -> C:\Users\Wyn\AppData\Roaming\Telegram Win (Unofficial)\Telegram.exe (Telegram Messenger LLP)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4
HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4
SearchScopes: HKLM -> {3F9AB413-213D-47E2-9067-C5033A64AA06} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {3F9AB413-213D-47E2-9067-C5033A64AA06} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4126525249-1915814395-1466209751-1002 -> {3F9AB413-213D-47E2-9067-C5033A64AA06} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-4126525249-1915814395-1466209751-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-4126525249-1915814395-1466209751-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Wyn\AppData\Roaming\Mozilla\Firefox\Profiles\auim9r1r.default
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-4126525249-1915814395-1466209751-1002: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Wyn\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll No File
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com [2014-12-18]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Ngăn chặn trang web nguy hiểm - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-08-21]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Bàn phím ảo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-08-21]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Công cụ kiểm tra liên kết của Kaspersky - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2014-08-21]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2014-08-21]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: An toàn giao dịch tài chính - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-08-21]
FF HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-10-31]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "https://www.google.de/"
CHR Profile: C:\Users\Wyn\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Wyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-03]
CHR Extension: (Google Drive) - C:\Users\Wyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Wyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\Wyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-03]
CHR Extension: (Google-Suche) - C:\Users\Wyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-03]
CHR Extension: (Kaspersky Protection) - C:\Users\Wyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-08-28]
CHR Extension: (Google Kalender) - C:\Users\Wyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-02-03]
CHR Extension: (Website Logon) - C:\Users\Wyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmbkhknacohfhbmmpnmbkgdffdbildof [2014-02-03]
CHR Extension: (Premiumize.me) - C:\Users\Wyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\lojbjecfjcnaledoelddkcjlifhhfebm [2014-05-08]
CHR Extension: (Google Wallet) - C:\Users\Wyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-03]
CHR Extension: (Google Mail) - C:\Users\Wyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-03]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [hmbkhknacohfhbmmpnmbkgdffdbildof] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-12-12]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4920104 2014-12-31] (Emsisoft GmbH)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 Apache2.4; C:\xampp\xampp\apache\bin\httpd.exe [22016 2013-11-21] (Apache Software Foundation) [File not signed]
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641768 2013-02-07] (HP)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 ImDskSvc; C:\Windows\system32\imdsksvc.exe [11776 2012-11-02] (Olof Lagerkvist) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-02-22] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [180200 2013-02-13] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S2 mysql; C:\xampp\xampp\mysql\bin\mysqld.exe [10966528 2014-01-14] () [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [484888 2014-09-03] (Sony Corporation)
R2 SLPMONX; C:\WINDOWS\SysWOW64\slpservice.exe [32256 2001-10-09] (ProdEx Technologies) [File not signed]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401856 2013-01-07] (AuthenTec, Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28160 2013-03-19] () [File not signed]
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-02-03] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 XeroxPrintJobEventManagerService; C:\Program Files\Xerox\XeroxPrintExperience\CommonFiles\XeroxPrintJobEventManagerService.exe [238920 2013-12-02] (Xerox Corporation)
S2 FileZillaServer; "C:\xampp\filezillaftp\filezillaserver.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [150440 2014-12-23] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2014-12-23] (SlySoft, Inc.)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2014-03-08] () [File not signed]
S3 AWEAlloc; C:\Windows\system32\DRIVERS\awealloc.sys [18456 2012-11-02] (Olof Lagerkvist)
R3 azvusb; C:\Windows\System32\drivers\azvusb.sys [54784 2009-08-24] (AzureWave Technologies, Inc.)
S3 behringer_xuf_usb; C:\Windows\System32\Drivers\behringer_xuf_usb_x64.sys [116416 2013-06-13] (Archwave AG)
S3 behringer_xuf_usb_avs; C:\Windows\System32\Drivers\behringer_xuf_usb_avs_x64.sys [72384 2013-06-13] (Archwave AG)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S2 DLPortIO; C:\Windows\SysWow64\Drivers\DLPortIO.sys [3584 1999-01-10] ()
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
S3 FWLANUSB; C:\Windows\system32\DRIVERS\fwlanusb.sys [459776 2006-07-31] (AVM GmbH)
S1 hwinterfacex64; C:\Windows\System32\Drivers\hwinterfacex64.sys [5632 2014-05-17] (Logix4u) [File not signed]
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-02-13] ()
R2 ImDisk; C:\Windows\system32\DRIVERS\imdisk.sys [39464 2012-11-02] (Olof Lagerkvist)
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-02-13] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-02-13] ()
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [178944 2013-01-28] (ITE )
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [142344 2014-10-10] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [771272 2014-10-10] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [67680 2014-03-19] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2014-03-08] () [File not signed]
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-02] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
S3 mod7700; C:\Windows\system32\DRIVERS\mod7700.sys [1159696 2009-07-22] (DiBcom SA)
S3 MODRC; C:\Windows\system32\DRIVERS\modrc.sys [24208 2009-07-22] (DiBcom S.A.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 okdmx31; C:\Windows\System32\Drivers\okdmx31.sys [3712 2014-05-17] () [File not signed]
S3 okdmx31; C:\Windows\SysWOW64\Drivers\okdmx31.sys [3712 2014-05-17] () [File not signed]
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1205872 2014-11-28] (Ralink Technology, Corp.)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [429272 2014-02-03] (Realsil Semiconductor Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-04-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-02-03] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-02-02] ()
S3 BlueletAudio; \SystemRoot\system32\DRIVERS\blueletaudio.sys [X]
S3 BtAudioBusSrv; \SystemRoot\System32\Drivers\BtAudioBus.sys [X]
S3 BthL2caScoIfSrv; \SystemRoot\System32\Drivers\BtL2caScoIf.sys [X]
S3 btUrbFilterDrv; \SystemRoot\System32\Drivers\IvtUrbBtFlt.sys [X]
S3 zlportio; \??\C:\Program Files (x86)\PHOENIXstudios\PC_DIMMER\zlportio.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-02 11:32 - 2015-02-02 11:33 - 00035892 _____ () C:\Users\Wyn\Desktop\FRST.txt
2015-02-02 11:32 - 2015-02-02 11:32 - 00000000 ____D () C:\FRST
2015-02-02 11:31 - 2015-02-02 11:32 - 02131456 _____ (Farbar) C:\Users\Wyn\Desktop\FRST64.exe
2015-02-02 00:07 - 2015-02-02 00:07 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2015-02-01 23:02 - 2015-02-02 00:05 - 00000000 ____D () C:\AdwCleaner
2015-02-01 22:57 - 2015-02-01 22:57 - 02194432 _____ () C:\Users\Wyn\Desktop\AdwCleaner_4.109.exe
2015-02-01 18:34 - 2015-02-02 00:22 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-01 18:34 - 2015-02-01 18:34 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-01 18:34 - 2015-02-01 18:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-01 18:34 - 2015-02-01 18:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-01 18:34 - 2015-02-01 18:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-01 18:34 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-02-01 18:34 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-02-01 18:34 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-01-31 23:53 - 2015-01-31 23:53 - 00000000 ____D () C:\ProgramData\Emsisoft
2015-01-31 19:30 - 2015-02-02 10:37 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2015-01-31 19:21 - 2015-01-31 19:21 - 00009589 _____ () C:\Users\Wyn\AppData\Local\recently-used.xbel
2015-01-24 21:02 - 2015-01-24 21:03 - 11658240 _____ () C:\Users\Wyn\Desktop\SetupAnyDVD7570.exe
2015-01-22 11:35 - 2015-01-22 12:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2015-01-20 02:52 - 2015-02-02 00:06 - 00003336 _____ () C:\WINDOWS\PFRO.log
2015-01-20 00:43 - 2015-01-20 00:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode
2015-01-20 00:39 - 2015-01-20 00:39 - 06381120 _____ (Tim Kosse) C:\Users\Wyn\Downloads\FileZilla_3.10.0.2_win32-setup.exe
2015-01-18 19:21 - 2015-01-18 22:50 - 17792878 _____ () C:\Users\Wyn\Desktop\Hyper günstig einkaufen.mp4
2015-01-17 15:07 - 2015-01-20 01:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-01-15 21:29 - 2013-11-12 14:25 - 00091912 _____ (CyberLink) C:\WINDOWS\system32\Drivers\CLVirtualDrive.sys
2015-01-15 16:28 - 2015-01-22 12:24 - 00028089 _____ () C:\WINDOWS\DirectX.log
2015-01-15 16:27 - 2015-01-15 16:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-01-14 19:10 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-14 19:10 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-14 19:10 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-14 19:10 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-14 19:10 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-14 19:10 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-14 19:10 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-14 19:10 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-14 19:10 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-14 19:10 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-14 19:10 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-14 19:10 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-14 19:10 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-14 19:10 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-14 19:10 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-14 19:10 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2015-01-14 19:10 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2015-01-14 19:10 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-01-14 19:10 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-01-14 19:10 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-01-14 19:10 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-01-14 19:10 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2015-01-14 19:10 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2015-01-14 19:10 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-01-14 19:10 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-01-14 19:10 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-01-14 19:10 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-01-14 19:10 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2015-01-14 19:10 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2015-01-14 19:10 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-01-14 19:10 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2015-01-13 16:25 - 2015-01-13 16:25 - 00000000 __SHD () C:\Users\Wyn\AppData\Local\EmieUserList
2015-01-13 16:25 - 2015-01-13 16:25 - 00000000 __SHD () C:\Users\Wyn\AppData\Local\EmieSiteList
2015-01-13 16:25 - 2015-01-13 16:25 - 00000000 __SHD () C:\Users\Wyn\AppData\Local\EmieBrowserModeList
2015-01-10 12:45 - 2015-01-10 12:45 - 00000000 ____D () C:\Users\Wyn\.thumbnails
2015-01-10 12:44 - 2015-01-10 13:03 - 00020480 ___SH () C:\Users\Wyn\Documents\Thumbs.db
2015-01-10 12:28 - 2015-01-31 19:21 - 00000000 ____D () C:\Users\Wyn\.gimp-2.8
2015-01-09 23:51 - 2014-10-13 06:57 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2015-01-09 23:51 - 2014-10-13 06:57 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2015-01-09 23:47 - 2015-01-09 23:47 - 00000000 ____D () C:\Users\Wyn\Documents\SelfMV
2015-01-09 16:03 - 2015-01-09 16:03 - 06388344 _____ (Tim Kosse) C:\Users\Wyn\Downloads\FileZilla_3.10.0_win32-setup.exe
2015-01-09 15:45 - 2015-01-09 22:51 - 00000000 ____D () C:\Users\Wyn\AppData\Roaming\Rechnungsverwalter
2015-01-09 15:45 - 2015-01-09 15:45 - 38940488 _____ () C:\Users\Wyn\Downloads\rv_install_V2.10.31_CB-DL-Manager [1].exe
2015-01-09 15:45 - 2015-01-09 15:45 - 00000000 ____D () C:\Users\Wyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rechnungsverwalter
2015-01-09 15:45 - 2015-01-09 15:45 - 00000000 ____D () C:\Program Files (x86)\Rechnungsverwalter
2015-01-09 15:24 - 2015-01-09 15:24 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-09 15:24 - 2015-01-09 15:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-01-07 22:10 - 2015-01-07 22:10 - 00000000 ____D () C:\Users\Wyn\AppData\Roaming\IsolatedStorage
2015-01-07 22:10 - 2015-01-07 22:10 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2015-01-07 22:09 - 2015-01-07 22:09 - 00000000 ____D () C:\Spacekace
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-02 11:28 - 2014-02-26 16:28 - 00000939 _____ () C:\WINDOWS\Tasks\EPSON XP-510 Series Update {EFBB9A74-580C-4AFB-AE13-713218B4702E}.job
2015-02-02 11:28 - 2014-02-26 16:28 - 00000753 _____ () C:\WINDOWS\Tasks\EPSON XP-510 Series Invitation {EFBB9A74-580C-4AFB-AE13-713218B4702E}.job
2015-02-02 11:27 - 2014-02-03 17:16 - 00001138 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-02 11:08 - 2014-05-27 10:30 - 01943449 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-02 11:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-02 10:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-02 09:45 - 2015-01-01 20:36 - 00000285 _____ () C:\WINDOWS\avmcowlan.log
2015-02-02 09:34 - 2015-01-01 20:36 - 00013365 _____ () C:\WINDOWS\setupact.log
2015-02-02 00:14 - 2014-10-29 11:29 - 00000000 ____D () C:\Users\Wyn\Documents\Youcam
2015-02-02 00:07 - 2014-08-21 23:16 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-02-02 00:07 - 2014-02-03 17:15 - 00001134 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-02 00:07 - 2013-11-24 16:25 - 00034752 _____ () C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2015-02-02 00:06 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-01 23:50 - 2014-02-03 17:15 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D926EEEF-D5BD-443A-9301-A49C67598B48}
2015-02-01 23:16 - 2014-02-03 12:02 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4126525249-1915814395-1466209751-1002
2015-02-01 20:04 - 2014-11-01 21:23 - 00000000 ____D () C:\Users\Wyn\AppData\Roaming\.minecraft
2015-02-01 19:55 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-01 18:03 - 2012-08-04 01:02 - 00000000 ____D () C:\SWSetup
2015-02-01 17:58 - 2014-02-03 15:27 - 00000000 ____D () C:\Users\Wyn
2015-02-01 17:56 - 2014-02-03 16:04 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2015-02-01 17:56 - 2014-02-03 16:04 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-02-01 17:46 - 2014-02-27 11:30 - 01697280 ___SH () C:\Users\Wyn\Desktop\Thumbs.db
2015-02-01 00:13 - 2014-04-10 20:22 - 00000000 ____D () C:\Program Files (x86)\Rise of Nations
2015-01-31 19:22 - 2014-04-30 17:03 - 00000000 ____D () C:\Users\Wyn\AppData\Roaming\FileZilla
2015-01-31 19:22 - 2014-04-30 17:02 - 00002016 _____ () C:\Users\Wyn\Desktop\FileZilla Client.lnk
2015-01-31 19:22 - 2014-04-30 17:02 - 00000000 ____D () C:\Users\Wyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-01-31 19:22 - 2014-04-30 17:02 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2015-01-31 19:21 - 2014-02-23 14:54 - 00000000 ____D () C:\Users\Wyn\AppData\Local\gtk-2.0
2015-01-31 11:40 - 2014-05-10 11:43 - 00000000 ____D () C:\Users\Wyn\Desktop\Premiumize.me
2015-01-30 20:42 - 2014-02-03 17:04 - 00003154 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForWyn
2015-01-30 20:42 - 2014-02-03 17:04 - 00000344 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForWyn.job
2015-01-30 15:16 - 2014-10-19 09:34 - 00000000 ____D () C:\Users\Wyn\Desktop\Findlingshof
2015-01-30 15:09 - 2013-11-14 08:27 - 01984420 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-30 15:09 - 2013-11-14 08:11 - 00843606 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-30 15:09 - 2013-11-14 08:11 - 00192300 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-29 20:42 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-01-29 19:31 - 2014-02-03 18:03 - 00000000 ____D () C:\Users\Wyn\AppData\Roaming\Skype
2015-01-28 21:27 - 2014-03-21 22:23 - 00000000 ____D () C:\Users\Wyn\AppData\Roaming\vlc
2015-01-27 15:28 - 2014-02-03 17:16 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-26 19:00 - 2014-08-23 10:40 - 00000000 ____D () C:\Users\Wyn\Desktop\Bewerbung(en)
2015-01-24 21:58 - 2014-02-03 18:13 - 00000020 ____H () C:\ProgramData\PKP_DLet.DAT
2015-01-24 21:20 - 2014-12-18 19:42 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-01-24 21:20 - 2014-12-18 19:42 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-24 21:08 - 2014-02-03 18:13 - 00000020 ____H () C:\ProgramData\PKP_DLev.DAT
2015-01-22 13:41 - 2014-02-03 19:06 - 00000000 ____D () C:\Users\Wyn\Documents\Battlefield 2
2015-01-22 13:37 - 2014-02-03 20:10 - 00000000 ____D () C:\Users\Wyn\Desktop\Abbilder DVD
2015-01-22 12:45 - 2014-02-03 17:59 - 00000000 ____D () C:\Users\Wyn\Desktop\Spiele
2015-01-22 12:31 - 2013-09-27 12:05 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-20 12:44 - 2013-11-24 16:28 - 00000000 ____D () C:\ProgramData\Temp
2015-01-20 02:52 - 2014-02-03 17:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-20 00:43 - 2014-02-03 18:20 - 00000000 ____D () C:\Program Files (x86)\XMedia Recode
2015-01-20 00:43 - 2014-02-03 17:41 - 00000000 ____D () C:\Users\Wyn\Desktop\Programme
2015-01-15 21:29 - 2013-09-27 11:53 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-01-15 21:28 - 2014-02-03 13:39 - 00000000 ____D () C:\Users\Wyn\AppData\Roaming\CyberLink
2015-01-15 21:28 - 2013-11-24 16:29 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2015-01-15 16:33 - 2014-06-08 14:55 - 00000000 ____D () C:\Users\Wyn\Documents\Ubisoft
2015-01-15 15:51 - 2014-02-04 00:02 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2015-01-15 15:49 - 2014-09-04 12:30 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-15 14:40 - 2014-02-03 12:32 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-15 14:33 - 2014-02-03 12:32 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-13 16:24 - 2014-03-23 12:09 - 00000000 ____D () C:\Program Files (x86)\JavaEditor
2015-01-12 15:42 - 2014-03-10 15:32 - 00000000 ____D () C:\Users\Wyn\Desktop\Auto
2015-01-10 13:39 - 2014-10-28 21:50 - 00000000 ____D () C:\Users\Wyn\Desktop\VT
2015-01-10 00:04 - 2014-05-18 21:20 - 00000000 ____D () C:\Users\Wyn\AppData\Roaming\dvdcss
2015-01-09 23:51 - 2014-02-24 15:10 - 00000000 ____D () C:\Program Files\SAMSUNG
2015-01-09 23:51 - 2014-02-03 17:46 - 00000000 ____D () C:\Program Files (x86)\Samsung
2015-01-09 23:51 - 2014-02-03 16:29 - 00000000 ____D () C:\Users\Wyn\AppData\Local\Downloaded Installations
2015-01-09 15:24 - 2014-02-03 18:03 - 00000000 ____D () C:\ProgramData\Skype
2015-01-09 02:27 - 2014-12-25 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java-Editor
2015-01-05 18:16 - 2014-02-03 20:12 - 00000000 ____D () C:\Users\Wyn\Desktop\Diverses
==================== Files in the root of some directories =======
2014-02-03 18:13 - 2014-02-03 18:13 - 0000268 ___RH () C:\Users\Wyn\AppData\Roaming\Pianos and Keyboards
2014-02-03 18:16 - 2014-02-03 18:16 - 0000268 ___RH () C:\Users\Wyn\AppData\Roaming\Pick Bass
2014-02-03 18:13 - 2014-02-03 18:13 - 0000268 ___RH () C:\Users\Wyn\AppData\Roaming\Pipe Organ
2014-05-17 20:07 - 2014-06-09 19:46 - 0009216 _____ () C:\Users\Wyn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-31 19:21 - 2015-01-31 19:21 - 0009589 _____ () C:\Users\Wyn\AppData\Local\recently-used.xbel
2014-04-03 09:32 - 2014-07-28 15:23 - 0007629 _____ () C:\Users\Wyn\AppData\Local\Resmon.ResmonCfg
2014-05-18 21:36 - 2015-01-01 18:00 - 0000164 ___SH () C:\ProgramData\.zreglib
2014-02-03 18:16 - 2014-02-03 18:16 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2014-02-03 18:13 - 2015-01-24 21:58 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2014-02-03 18:13 - 2015-01-24 21:08 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2014-02-03 18:13 - 2014-02-03 18:13 - 0000268 ___RH () C:\ProgramData\Plants
2014-02-03 18:16 - 2014-02-03 18:16 - 0000268 ___RH () C:\ProgramData\Plug-In Settings
2014-02-03 18:13 - 2014-02-03 18:13 - 0000268 ___RH () C:\ProgramData\Plug-Ins
Some content of TEMP:
====================
C:\Users\Wyn\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6apvyj.dll
C:\Users\Wyn\AppData\Local\Temp\Execute2App.exe
C:\Users\Wyn\AppData\Local\Temp\Extract.exe
C:\Users\Wyn\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Wyn\AppData\Local\Temp\msvcp90.dll
C:\Users\Wyn\AppData\Local\Temp\msvcr90.dll
C:\Users\Wyn\AppData\Local\Temp\Quarantine.exe
C:\Users\Wyn\AppData\Local\Temp\SP69393.exe
C:\Users\Wyn\AppData\Local\Temp\sqlite3.dll
C:\Users\Wyn\AppData\Local\Temp\_is657.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-30 15:52
==================== End Of Log ============================ --- --- ---
--- --- ---
--- --- ---
und hier die Addition.txt: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015
Ran by *** at 2015-02-02 11:33:27
Running from C:\Users\***\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Emsisoft Anti-Malware (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ADAC - Die Simulation (HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\...\ADAC - Die Simulation) (Version: 1.00.00.00 - rondomedia GmbH)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)
Amazon Cloud Player (HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\...\Amazon Amazon Cloud Player) (Version: 2.4.0.33 - Amazon Services LLC)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.5.6.0 - SlySoft)
ArcSoft TotalMedia 3.5 (HKLM-x32\...\{74292F90-895A-4FC6-A692-9641532B1B63}) (Version: 3.5.28.388 - ArcSoft)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AuthenTec TrueAPI 64-bit (Version: 1.6.0.87 - AuthenTec, Inc.) Hidden
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
Battlefield 2(TM) (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version: - )
Battlefield 2: Special Forces (HKLM-x32\...\{50D4CB89-AF34-4978-96DC-C3034062E901}) (Version: - )
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
BEHRINGER X-UF USB2.0 Driver v6.13.0.0 (HKLM-x32\...\BEHRINGER X-UF USB2.0 Driver v6.13.0.0) (Version: 6.13.0.0 - BEHRINGER)
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Bus-Simulator 2012 (HKLM-x32\...\Bus-Simulator 2012_is1) (Version: - astragon)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
Camping Manager 2012 (HKLM-x32\...\Camping Manager 2012_is1) (Version: - astragon)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.6.7225 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.8.4420 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.8.4316 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2606 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.2.3603 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die Polizei 2013 (HKLM-x32\...\Die Polizei 2013) (Version: - Quadriga Games)
DivX Codec (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.6.1 - DivX, Inc.)
Dropbox (HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
DVBViewer TE2 (HKLM-x32\...\DVBViewer TE2_is1) (Version: - CM&V)
Easy CD-DA Extractor Free 2010 (HKLM-x32\...\Easy CD-DA Extractor Free 2010) (Version: 2010.6 - Poikosoft)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.1.1 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{2970697F-2A11-4588-8B7F-97322D1CCF3C}) (Version: 3.10.0017 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-510 Series Printer Uninstall (HKLM\...\EPSON XP-510 Series) (Version: - SEIKO EPSON Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.32.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
EZ CD Audio Converter (64-bit) (HKLM\...\EZ CD Audio Converter (64-bit)) (Version: 2.0.4 - Poikosoft)
FileZilla Client 3.10.0.2 (HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\...\FileZilla Client) (Version: 3.10.0.2 - Tim Kosse)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.0.10.1213 - Foxit Corporation)
Free DVD Video Converter version 2.0.19.514 (HKLM-x32\...\Free DVD Video Converter_is1) (Version: 2.0.19.514 - DVDVideoSoft Ltd.)
Free Studio version 6.4.0.1122 (HKLM-x32\...\Free Studio_is1) (Version: 6.4.0.1122 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.49.1022 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.49.1022 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.44.908 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.44.908 - DVDVideoSoft Ltd.)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{13133E99-B0D5-4143-B832-AAD55C62A41C}) (Version: 6.0.19.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\...\HPConnectedMusic) (Version: 1.1 (build 96) hp - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{394B14EA-B072-4440-9510-87797CB12371}) (Version: 2.20.21 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{7F265322-43A2-4C06-925B-F32F938B102C}) (Version: 1.3.0.0 - Hewlett-Packard)
HP Quick Start (HKLM-x32\...\{BB27C290-AB30-4D9E-A5D1-88745AAE42E9}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\{34C821CA-6B55-44A0-8A9B-2EF471D6019E}) (Version: 6.0.100.272 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
ImDisk Virtual Disk Driver (HKLM\...\ImDisk) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology 4.0 x64 (HKLM\...\{B0CA78DB-745A-4857-A73F-9ACD95E62BD0}) (Version: 4.0.41.2072 - Intel)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 72 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417072FF}) (Version: 7.0.720 - Oracle)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 7 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle)
Java SE Development Kit 8 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180000}) (Version: 8.0.0 - Oracle Corporation)
Java-Editor 12.44, 2015.01.08 (HKLM-x32\...\{65FBA21B-7F80-4E4E-B275-0958D2648F94}_is1) (Version: - Gerhard Röhner)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
Kayako Desktop (HKLM-x32\...\KayakoDesktop) (Version: - )
Lexware Info Service (HKLM-x32\...\{8AE7E507-BC49-4DF0-A236-26878691AB53}) (Version: 2.90.00.0009 - Haufe-Lexware GmbH & Co.KG)
Lexware online banking (HKLM-x32\...\{A64DF516-9CDC-4299-BD34-2B2C80CD453B}) (Version: 19.00.00.0059 - Haufe-Lexware GmbH & Co.KG)
LibreOffice 4.2.4.2 (HKLM-x32\...\{6B4977CB-5B9F-4B24-8310-3BA527A8AF22}) (Version: 4.2.4.2 - The Document Foundation)
MAGIX Screenshare (HKLM-x32\...\MAGIX_{BA816CCA-0FEA-4A68-9AD0-4CF3D2DF40CC}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (x32 Version: 4.3.6.1987 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{4F9A18DC-6E29-4C2C-86B3-2C8815E2F794}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video deluxe MX Premium Sonderedition (HKLM-x32\...\MAGIX_{9ADAE3A4-87DD-4091-B5E0-24F4B6F08F3A}) (Version: 11.0.5.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Sonderedition (x32 Version: 11.0.5.0 - MAGIX AG) Hidden
MAGIX Video Pro X5 (HKLM-x32\...\MAGIX_{9624820E-108F-4854-B5A9-24EDCC24CC93}) (Version: 12.0.12.4 - MAGIX AG)
MAGIX Video Pro X5 (Version: 12.0.12.4 - MAGIX AG) Hidden
MainConcept DTV Decoder Pro (HKLM-x32\...\{793FCE60-DE5E-4977-A942-A7B69A45B17D}) (Version: 1.5.0.2 - MainConcept GmbH)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mediatek Bluetooth (HKLM\...\{904C579C-9366-D3B7-7F31-4879401DBD4A}) (Version: 11.0.756.0 - Mediatek)
MergeModule_x64 (Version: 9.0.00 - Sony Corporation) Hidden
MergeModule_x86 (x32 Version: 9.0.00 - Sony Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Rise Of Nations (HKLM-x32\...\RiseOfNations 1.0) (Version: - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (HKLM-x32\...\{7CC03C58-3471-43D2-A251-EC9AE225E772}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{cb41fc68-4442-4f7f-b22f-8f31c74897ac}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 für Windows Desktop - DEU (HKLM-x32\...\{31e4d2a5-b246-4c2d-a7fb-aee157c26b02}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
Mozilla Thunderbird 31.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.4.0 (x86 de)) (Version: 31.4.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.9.0 - Nikon)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OnlineFotoservice (HKLM-x32\...\OnlineFotoservice) (Version: 5.1.6 - CEWE Stiftung u Co. KGaA)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.5.0 - Nikon)
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.9 - )
pidgin-otr 4.0.0-1 (HKLM-x32\...\pidgin-otr) (Version: 4.0.0-1 - Cypherpunks CA)
PlayMemories Home (HKLM-x32\...\{93AA5B49-0994-4EF6-80F3-868C9CEA88ED}) (Version: 4.0.00.09031 - Sony Corporation)
PMB_ModeEditor (x32 Version: 9.0.00 - Sony Corporation) Hidden
PMB_ServiceUploader (x32 Version: 9.0.00 - Sony Corporation) Hidden
ProTrain Perfect 2 (HKLM-x32\...\AuranTS2009_ptp2_is1) (Version: - Auran)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.45.0 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21239 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Rechnungsverwalter (HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\...\Rechnungsverwalter) (Version: 2.10.31 - Temia Consulting)
RECYCLE (HKLM-x32\...\Steam App 294830) (Version: - rondomedia GmbH)
Rise of Nations Thrones and Patriots (HKLM-x32\...\RiseofNationsExpansion 1.0) (Version: - )
RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version: - Atari)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Scribus 1.4.3 (64bit) (HKLM\...\Scribus 1.4.3) (Version: 1.4.3 - The Scribus Team)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
SiudiDriver Version 2.3 (HKLM\...\SiudiDriver_is1) (Version: 2.3 - LightingSoft AG)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart Label Printer 7.1.1 R2 (HKLM-x32\...\{A9C7B9CE-229D-40DF-8152-20DC2971AB30}) (Version: 7.1.0437 - Seiko Instruments Inc.)
SmartSoft (HKLM-x32\...\{502B9298-3AA1-44F5-85B6-87B22FDC25E1}) (Version: 3.0.43 - ETC)
Software Updater (HKLM-x32\...\{C09D747A-BD47-42A9-915E-CEB6B1BB7C11}) (Version: 4.2.7 - SEIKO EPSON CORPORATION)
SOHLib for PlayMemories Home (Version: 1.0.3.02170 - Sony Corporation) Hidden
Sounds (remove only) (HKLM-x32\...\Sounds) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SWI-Prolog (remove only) (HKLM-x32\...\SWI-Prolog) (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.0 - Synaptics Incorporated)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
TechniSat DVB-PC TV Star (HKLM-x32\...\{CE9F9FBC-5253-46D2-9883-09E55003D794}) (Version: 1.0.0 - TechniSat)
Telegram Desktop version 0.6.7 (HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.6.7 - Telegram Messenger LLP)
Tom Clancy's Rainbow Six Vegas (HKLM-x32\...\{5731C0A8-B266-451A-8D3F-8066AA21836F}) (Version: 1.06.000 - Ubisoft)
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.03 - Ubisoft)
Train Fever (HKLM-x32\...\Steam App 304730) (Version: - Urban Games)
TVCenter (HKLM\...\{DD0A0C72-A7C3-4722-86C9-2399F9FC0DE7}) (Version: 6.4.5.933 - PCTV Systems)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
Validity WBF DDK (HKLM\...\{B80C52A3-7666-4068-A371-7867F51E68EB}) (Version: 4.5.122.0 - Validity Sensors, Inc.)
Vegas Pro 12.0 (64-bit) (HKLM\...\{BE94768F-5232-11E3-BD78-F04DA23A5C58}) (Version: 12.0.770 - Sony)
ViewNX 2 (HKLM-x32\...\{E64C137C-D0B7-467A-B47F-460AAB30F0A3}) (Version: 2.9.0 - Nikon)
Visitenkarten in 2 Minuten (HKLM-x32\...\Visitenkarten in 2 Minuten) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WORLD IN CONFLICT (HKLM-x32\...\{F11ADC64-C89E-47F4-A0B3-3665FF859397}) (Version: 1.0.1.0 - Massive Entertainment)
Xerox WC73xx Print Experience 2.0 (HKLM\...\{E6993C0F-894A-A469-65DE-5780497BC784}) (Version: 6.71.9.5 - Xerox)
XMedia Recode Version 3.2.1.2 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.2.1.2 - XMedia Recode)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-4126525249-1915814395-1466209751-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Wyn\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4126525249-1915814395-1466209751-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wyn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4126525249-1915814395-1466209751-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wyn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4126525249-1915814395-1466209751-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wyn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4126525249-1915814395-1466209751-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wyn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4126525249-1915814395-1466209751-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wyn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4126525249-1915814395-1466209751-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wyn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4126525249-1915814395-1466209751-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wyn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4126525249-1915814395-1466209751-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wyn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
15-01-2015 21:15:12 HPSF Applying updates
22-01-2015 11:30:47 Entfernt Battlefield 2(TM)
29-01-2015 20:40:03 Windows Update
01-02-2015 18:03:16 Installed HP CoolSense
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {004CCF78-AF97-44F5-BC5F-0F7178B7F7ED} - System32\Tasks\EPSON XP-510 Series Update {EFBB9A74-580C-4AFB-AE13-713218B4702E} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLRE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {04BA682F-F484-43BC-897F-12FF4DD97D93} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {0734F92A-243B-49A6-B1CF-AF3410959BD5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard)
Task: {12BDEB51-1E0F-4AF4-BF21-7AC713468D3E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {14FA53B7-EF51-4720-A820-467E5D9B5E2A} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2014-01-16] (Sony Corporation)
Task: {214B3A2E-0671-44D5-9797-9D16A71B719C} - System32\Tasks\EPSON XP-510 Series Invitation {EFBB9A74-580C-4AFB-AE13-713218B4702E} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLRE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {286C8333-6057-4AE8-84F6-E60D60140114} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {2AD6CA71-8B0C-485E-B0EB-D8258FAEF665} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-15] (Microsoft Corporation)
Task: {3A38C00A-E49C-44AE-86DD-E4402E510327} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {40D69630-3751-4048-9E2A-BA065C6B43FF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard)
Task: {532F6465-4937-40C6-A940-65A976AE73BC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-03] (Google Inc.)
Task: {5EDBC442-1EAB-4176-ACC8-6F7A63CA7896} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-03] (Google Inc.)
Task: {65E06EFA-5A0B-4D33-98E0-A6AE394A25B3} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2013-12-03] (CyberLink Corp.)
Task: {76829B37-5459-4191-8A97-84E6C6B914CB} - System32\Tasks\{AB1BE9CE-7839-445B-B23A-72CB1323B717} => pcalua.exe -a "C:\Program Files (x86)\RTL\Cobra 11 - Nitro Demo\C11_PC.exe" -d "C:\Program Files (x86)\RTL\Cobra 11 - Nitro Demo\"
Task: {7912253C-7D3B-4DB6-A9FB-E9EC28F13D8F} - System32\Tasks\{52055EA3-B191-4C21-9779-638FF85951CA} => pcalua.exe -a "C:\Program Files (x86)\RTL\Cobra 11 - Nitro Demo\C11_PC.exe" -d "C:\Program Files (x86)\RTL\Cobra 11 - Nitro Demo\"
Task: {7B1A8055-977B-48B1-83A5-2131A4E3DD9A} - System32\Tasks\Xerox WC73xx Printer Configuration - Periodic Refresh => c:\program files\xerox\xeroxprintexperience\wc73xx\XeroxPrinterConfiguration.exe [2013-12-02] (Xerox Corporation)
Task: {7EDD5BA2-550E-45BD-B2E0-5E3DD9653C5C} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {80F1CD03-074E-42D8-8ABF-A18ADDE2B3CD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {92E965A0-1A27-4F49-8394-C1818B88C526} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {A3C03853-F286-42E0-9BFE-BC3DAE7E23DA} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-09-10] (Hewlett-Packard Development Company, L.P.)
Task: {A624BB8C-198C-4B34-AC53-F9DDDDCFF5CB} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {B4EB2765-75FC-4A71-BAEC-5E7C45BD5372} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {BD09DC6F-87D1-479C-8473-633BE113DCBD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {C4FABA0C-4C4E-4413-9B89-B6BAD43E6D85} - System32\Tasks\HPCeeScheduleForWyn => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {C8E526AE-7298-4ED9-8F46-ED9C1A8128A7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {D0C98667-2646-4102-A2DE-A25150CD4731} - System32\Tasks\Xerox WC73xx Printer Configuration - New or Changed => c:\program files\xerox\xeroxprintexperience\wc73xx\XeroxPrinterConfiguration.exe [2013-12-02] (Xerox Corporation)
Task: {E03582CD-A6A7-4D14-BAB9-E39A8E3E1443} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2013-11-04] (Hewlett-Packard Company)
Task: C:\WINDOWS\Tasks\EPSON XP-510 Series Invitation {EFBB9A74-580C-4AFB-AE13-713218B4702E}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLRE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-510 Series Update {EFBB9A74-580C-4AFB-AE13-713218B4702E}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLRE.EXE
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForWyn.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Loaded Modules (whitelisted) =============
2013-10-27 09:03 - 2014-12-13 11:08 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-02-03 15:22 - 2014-12-13 09:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-02-13 10:35 - 2013-02-13 10:35 - 00180200 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-02-13 10:35 - 2013-02-13 10:35 - 00060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-12-08 11:10 - 2014-12-08 11:10 - 00102176 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-03-19 14:21 - 2013-03-19 14:21 - 00028160 _____ () C:\Windows\system32\valWBFPolicyService.exe
2013-02-07 09:19 - 2013-02-07 09:19 - 04073768 _____ () C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
2014-09-30 01:51 - 2014-09-30 01:51 - 00074664 _____ () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
2014-03-06 14:00 - 2014-03-06 14:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll
2013-10-27 09:03 - 2014-12-13 11:08 - 00012104 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-01-16 16:34 - 2015-01-16 16:34 - 00039200 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2015-01-27 15:28 - 2015-01-25 07:08 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libglesv2.dll
2015-01-27 15:28 - 2015-01-25 07:08 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libegl.dll
2015-01-27 15:28 - 2015-01-25 07:08 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\pdf.dll
2013-11-24 16:11 - 2013-02-16 01:17 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-01-27 15:28 - 2015-01-25 07:08 - 14913864 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:7BEAD6C2
AlternateDataStreams: C:\ProgramData\Temp:98353363
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\StartupFolder: => "TMMonitor.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Behringer X-UF USB Control Panel.lnk"
HKLM\...\StartupApproved\StartupFolder: => "SmartCapture.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Nach Updates suchen.lnk"
HKLM\...\StartupApproved\Run32: => "ArcSoft Connection Service"
HKLM\...\StartupApproved\Run32: => "Nikon Message Center 2"
HKLM\...\StartupApproved\Run32: => "TrayServer"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "Aimersoft Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "PMBVolumeWatcher"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LexwareInfoService"
HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\...\StartupApproved\StartupFolder: => "Telegram.lnk"
HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\...\StartupApproved\StartupFolder: => "LibreOffice 4.2.lnk"
HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\...\StartupApproved\Run: => "EPLTarget\P0000000000000002"
HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\...\StartupApproved\Run: => "Kies3PDLR.exe"
HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\...\StartupApproved\Run: => "Amazon Cloud Player"
HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\...\StartupApproved\Run: => "AmazonMP3DownloaderHelper"
HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_18C8ADFAF96BD2AADE491DE6AD910887"
HKU\S-1-5-21-4126525249-1915814395-1466209751-1002\...\StartupApproved\Run: => "Power2GoExpress8"
========================= Accounts: ==========================
Administrator (S-1-5-21-4126525249-1915814395-1466209751-500 - Administrator - Disabled)
Gast (S-1-5-21-4126525249-1915814395-1466209751-501 - Limited - Enabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-4126525249-1915814395-1466209751-1010 - Limited - Enabled)
Papa (S-1-5-21-4126525249-1915814395-1466209751-1008 - Limited - Enabled) => C:\Users\Papa
Wyn (S-1-5-21-4126525249-1915814395-1466209751-1002 - Administrator - Enabled) => C:\Users\Wyn
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/02/2015 11:05:43 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "eacdll.sxs,type="win32",version="2.1.8.0"1".
Die abhängige Assemblierung "eacdll.sxs,type="win32",version="2.1.8.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (02/02/2015 09:45:36 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Wyn-PC_HP)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (02/02/2015 09:45:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Wyn-PC_HP)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (02/02/2015 00:07:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: slpmonx.exe, Version: 0.2.0.220, Zeitstempel: 0x39904489
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.9600.16384, Zeitstempel: 0x52158ff5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000e1ef
ID des fehlerhaften Prozesses: 0x8e4
Startzeit der fehlerhaften Anwendung: 0xslpmonx.exe0
Pfad der fehlerhaften Anwendung: slpmonx.exe1
Pfad des fehlerhaften Moduls: slpmonx.exe2
Berichtskennung: slpmonx.exe3
Vollständiger Name des fehlerhaften Pakets: slpmonx.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: slpmonx.exe5
Error: (02/02/2015 00:07:05 AM) (Source: MySQL) (EventID: 100) (User: )
Description: Aborting
For more information, see Help and Support Center at hxxp://www.mysql.com.
Error: (02/02/2015 00:07:05 AM) (Source: MySQL) (EventID: 100) (User: )
Description: Can't find messagefile 'C:\xampp\mysql\share\errmsg.sys'
For more information, see Help and Support Center at hxxp://www.mysql.com.
Error: (02/02/2015 00:06:59 AM) (Source: Apache Service) (EventID: 3299) (User: )
Description: The Apache service named reported the following error:
>>> httpd.exe: Syntax error on line 37 of C:/xampp/xampp/apache/conf/httpd.conf: ServerRoot must be a valid directory .
Error: (02/01/2015 11:41:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: slpmonx.exe, Version: 0.2.0.220, Zeitstempel: 0x39904489
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.9600.16384, Zeitstempel: 0x52158ff5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000e1ef
ID des fehlerhaften Prozesses: 0xb64
Startzeit der fehlerhaften Anwendung: 0xslpmonx.exe0
Pfad der fehlerhaften Anwendung: slpmonx.exe1
Pfad des fehlerhaften Moduls: slpmonx.exe2
Berichtskennung: slpmonx.exe3
Vollständiger Name des fehlerhaften Pakets: slpmonx.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: slpmonx.exe5
Error: (02/01/2015 11:41:21 PM) (Source: MySQL) (EventID: 100) (User: )
Description: Aborting
For more information, see Help and Support Center at hxxp://www.mysql.com.
Error: (02/01/2015 11:41:21 PM) (Source: MySQL) (EventID: 100) (User: )
Description: Can't find messagefile 'C:\xampp\mysql\share\errmsg.sys'
For more information, see Help and Support Center at hxxp://www.mysql.com.
System errors:
=============
Error: (02/02/2015 09:46:04 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070490 fehlgeschlagen: Microsoft.ZuneMusic
Error: (02/02/2015 09:46:04 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070490 fehlgeschlagen: SymantecCorporation.NortonStudio
Error: (02/02/2015 09:46:04 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070490 fehlgeschlagen: Microsoft.XboxLIVEGames
Error: (02/02/2015 09:46:04 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070490 fehlgeschlagen: Microsoft.BingWeather
Error: (02/02/2015 09:46:04 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070490 fehlgeschlagen: Microsoft.BingFinance
Error: (02/02/2015 09:46:04 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070490 fehlgeschlagen: Microsoft.WindowsReadingList
Error: (02/02/2015 09:46:04 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070490 fehlgeschlagen: Microsoft.BingSports
Error: (02/02/2015 09:46:04 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070490 fehlgeschlagen: Microsoft.WindowsScan
Error: (02/02/2015 09:46:04 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070490 fehlgeschlagen: Microsoft.WindowsAlarms
Error: (02/02/2015 09:46:04 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070490 fehlgeschlagen: Microsoft.HelpAndTips
Microsoft Office Sessions:
=========================
Error: (02/02/2015 11:05:43 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: eacdll.sxs,type="win32",version="2.1.8.0"c:\Users\Wyn\AppData\Local\hpconnectedmusic\application\100100096\HPConnectedMusic.exe
Error: (02/02/2015 09:45:36 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Wyn-PC_HP)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
Error: (02/02/2015 09:45:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Wyn-PC_HP)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
Error: (02/02/2015 00:07:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: slpmonx.exe0.2.0.22039904489msvcrt.dll7.0.9600.1638452158ff5c00000050000e1ef8e401d03e73cb5bf697C:\WINDOWS\SysWOW64\slpmonx.exeC:\WINDOWS\SYSTEM32\msvcrt.dll0f9fe619-aa67-11e4-bed0-3423873bf9ca
Error: (02/02/2015 00:07:05 AM) (Source: MySQL) (EventID: 100) (User: )
Description: Aborting
Error: (02/02/2015 00:07:05 AM) (Source: MySQL) (EventID: 100) (User: )
Description: Can't find messagefile 'C:\xampp\mysql\share\errmsg.sys'
Error: (02/02/2015 00:06:59 AM) (Source: Apache Service) (EventID: 3299) (User: )
Description: The Apache service namedreported the following error:
>>>httpd.exe: Syntax error on line 37 of C:/xampp/xampp/apache/conf/httpd.conf: ServerRoot must be a valid directory
Error: (02/01/2015 11:41:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: slpmonx.exe0.2.0.22039904489msvcrt.dll7.0.9600.1638452158ff5c00000050000e1efb6401d03e7034871ff8C:\WINDOWS\SysWOW64\slpmonx.exeC:\WINDOWS\SYSTEM32\msvcrt.dll7c86dca0-aa63-11e4-becf-3423873bf9ca
Error: (02/01/2015 11:41:21 PM) (Source: MySQL) (EventID: 100) (User: )
Description: Aborting
Error: (02/01/2015 11:41:21 PM) (Source: MySQL) (EventID: 100) (User: )
Description: Can't find messagefile 'C:\xampp\mysql\share\errmsg.sys'
CodeIntegrity Errors:
===================================
Date: 2015-02-02 00:06:59.770
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-02-02 00:06:59.598
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-02-02 00:06:32.884
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\hwinterfacex64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-02-01 23:41:02.477
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-02-01 23:41:00.742
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-02-01 23:40:08.924
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\hwinterfacex64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-02-01 19:56:18.656
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-02-01 19:56:18.374
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-02-01 19:55:48.434
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\hwinterfacex64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-02-01 18:07:46.337
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Percentage of memory in use: 22%
Total physical RAM: 12220.02 MB
Available physical RAM: 9446.55 MB
Total Pagefile: 14076.02 MB
Available Pagefile: 10315.04 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:909.97 GB) (Free:451.43 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:20.08 GB) (Free:1.98 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1E1F4777)
Partition: GPT Partition Type.
==================== End Of Log ============================ |