so FRST.txt
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-02-2015
Ran by Rene (administrator) on RENE-PC on 08-02-2015 19:03:45
Running from C:\Users\Rene\Downloads
Loaded Profiles: Rene (Available profiles: Rene)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
() C:\Users\Rene\AppData\Local\credssprshx32Drv\credssprshx32Drv.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Users\Rene\AppData\Local\credssprshx32Drv\backuposClient.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Windows\SysWOW64\snapshotmemdiagBckp\snapshotmemdiagBckp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Farbar) C:\Users\Rene\Downloads\FRST64(1).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2013-03-29] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-11-20] (IDT, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5225064 2015-02-08] (AVAST Software)
HKLM\...\RunOnce: [ASYNCMAC] => rundll32.exe streamci,StreamingDeviceSetup {eeab7790-c514-11d1-b42b-00805fc1270e},asyncmac,{ad498944-762f-11d0-8dcb-00c04fc3358c},C:\WINDOWS\INF\netrasa.inf,Ndis-Mp-AsyncMac
HKU\S-1-5-21-3504427813-1414244708-91211267-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3504427813-1414244708-91211267-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Rene\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3504427813-1414244708-91211267-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-3504427813-1414244708-91211267-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3504427813-1414244708-91211267-1001\...\MountPoints2: {9499224d-752d-11e4-be91-4c72b9632d32} - "K:\.\Autorun.exe" AUTORUN=1
HKU\S-1-5-21-3504427813-1414244708-91211267-1001\...\MountPoints2: {a849e0fd-3d0e-11e4-be87-4c72b9632d32} - "K:\.\Autorun.exe" AUTORUN=1
HKU\S-1-5-21-3504427813-1414244708-91211267-1001\...\MountPoints2: {b1d45d72-cb06-11e3-be73-4c72b9632d32} - "J:\Setup.exe"
HKU\S-1-5-21-3504427813-1414244708-91211267-1001\...\MountPoints2: {f9ac35ce-bc22-11e3-be6c-4c72b9632d32} - "J:\.\Autorun.exe" AUTORUN=1
HKU\S-1-5-21-3504427813-1414244708-91211267-1001\...\MountPoints2: {f9ac35ff-bc22-11e3-be6c-4c72b9632d32} - "J:\.\Autorun.exe" AUTORUN=1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:60048;https=127.0.0.1:60048
ProxyEnable: [S-1-5-21-3504427813-1414244708-91211267-1001] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-3504427813-1414244708-91211267-1001] => http=127.0.0.1:10085
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM-x32 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-3504427813-1414244708-91211267-1001 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3504427813-1414244708-91211267-1001 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3504427813-1414244708-91211267-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\lhv3utgn.default-1406827977024
FF DefaultSearchUrl: https://www.google.com/search
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.at/?gws_rd=ssl
FF Keyword.URL: https://www.google.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.169\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.169\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\lhv3utgn.default-1406827977024\searchplugins\google-avast.xml
FF Extension: DownloadHelper - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\lhv3utgn.default-1406827977024\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-07]
FF Extension: leethax.net extension - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\lhv3utgn.default-1406827977024\Extensions\leethax@leethax.net.xpi [2014-10-18]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-01-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-08]
FF HKU\S-1-5-21-3504427813-1414244708-91211267-1001\...\Firefox\Extensions: [{82A50466-5F46-20CC-9D10-23DA0D6D1457}] - C:\Program Files (x86)\ver1Safer-Surf\183.xpi
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR DefaultSearchKeyword: Default -> google
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-18]
CHR Extension: (Google Drive) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-18]
CHR Extension: (YouTube) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-18]
CHR Extension: (Google-Suche) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-18]
CHR Extension: (FB Dislike) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpekolbadenjphaaapbgdienjjpgbali [2014-06-05]
CHR Extension: (Google Wallet) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-18]
CHR Extension: (Google Mail) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-02-08]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-02-08] (AVAST Software)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-08-11] (BitRaider, LLC)
R2 credssprshx32Drv.exe; C:\Users\Rene\AppData\Local\credssprshx32Drv\credssprshx32Drv.exe [211968 2015-02-06] () [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
S2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-04-27] ()
R2 snapshotmemdiagBckp; C:\WINDOWS\SysWOW64\snapshotmemdiagBckp\snapshotmemdiagBckp.exe [83456 2015-01-16] () [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-11-20] (IDT, Inc.) [File not signed]
S2 wauctla Service; C:\WINDOWS\wauctla.exe [188928 2015-02-06] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-02-08] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [87912 2015-02-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-02-08] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-02-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-02-08] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-02-08] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-02-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-02-08] ()
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-04-23] (Disc Soft Ltd)
S3 MotioninJoyXFilter; C:\Windows\System32\drivers\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [File not signed]
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S3 BRDriver64; \??\C:\ProgramData\BitRaider\BRDriver64.sys [X]
S3 EsgScanner; system32\DRIVERS\EsgScanner.sys [X]
S3 ew_hwusbdev; \SystemRoot\system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; \SystemRoot\System32\drivers\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; \SystemRoot\system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; \SystemRoot\System32\drivers\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; \SystemRoot\System32\drivers\ew_juextctrl.sys [X]
S3 huawei_wwanecm; \SystemRoot\system32\DRIVERS\ew_juwwanecm.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-08 19:03 - 2015-02-08 19:04 - 00017976 _____ () C:\Users\Rene\Downloads\FRST.txt
2015-02-08 19:03 - 2015-02-08 19:03 - 00000000 ____D () C:\FRST
2015-02-08 19:02 - 2015-02-08 19:02 - 02132992 _____ (Farbar) C:\Users\Rene\Downloads\FRST64(1).exe
2015-02-08 19:02 - 2015-02-08 19:02 - 01902175 _____ () C:\Users\Rene\Downloads\FRST64.exe
2015-02-08 18:28 - 2015-02-08 18:28 - 02112512 _____ () C:\Users\Rene\Downloads\adwcleaner_4.110.exe
2015-02-08 18:25 - 2015-02-08 18:28 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-08 18:25 - 2015-02-08 18:25 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-02-08 18:23 - 2015-02-08 18:23 - 00001171 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-08 18:23 - 2015-02-08 18:23 - 00001159 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-08 18:23 - 2015-02-08 18:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-08 17:36 - 2015-02-08 17:37 - 00000000 ____D () C:\Users\Public\Documents\Stronghold AntiMalware
2015-02-08 17:36 - 2015-02-08 17:36 - 06987160 _____ (Security Stronghold ) C:\Users\Rene\Downloads\StrongholdAntiMalware.exe
2015-02-08 17:33 - 2015-02-08 18:44 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-02-08 17:33 - 2015-02-08 17:33 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys.1423413205609
2015-02-08 17:33 - 2015-02-08 17:33 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-02-08 17:33 - 2015-02-08 17:33 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-02-08 17:33 - 2015-02-08 17:33 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-02-08 17:33 - 2015-02-08 17:33 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-02-08 17:33 - 2015-02-08 17:33 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-02-08 17:33 - 2015-02-08 17:33 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-02-08 17:33 - 2015-02-08 17:33 - 00087912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2015-02-08 17:33 - 2015-02-08 17:33 - 00083280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys.1423413206296
2015-02-08 17:33 - 2015-02-08 17:33 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-02-08 17:33 - 2015-02-08 17:33 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-02-08 17:33 - 2015-02-08 17:33 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-02-08 17:33 - 2015-02-08 17:33 - 00001980 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-02-08 17:33 - 2015-02-08 17:33 - 00000000 ____D () C:\Users\Rene\AppData\Roaming\AVAST Software
2015-02-08 17:33 - 2015-02-08 17:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-02-08 17:33 - 2015-02-08 17:33 - 00000000 ____D () C:\Program Files\AVAST Software
2015-02-08 17:30 - 2015-02-08 17:31 - 55440296 _____ () C:\Users\Rene\Downloads\avira_free_antivirus468_de.exe
2015-02-08 17:28 - 2015-02-08 17:28 - 00001153 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-02-08 17:28 - 2015-02-08 17:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-08 17:28 - 2015-02-08 17:28 - 00000000 ____D () C:\ProgramData\Avira
2015-02-08 17:28 - 2015-02-08 17:28 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-02-08 17:18 - 2015-02-08 17:18 - 00639022 _____ (Zugara Investments Limited ) C:\Users\Rene\Downloads\aviradeavwsexe.exe
2015-02-06 15:58 - 2015-02-07 20:03 - 00000000 ____D () C:\Users\Rene\AppData\Local\credssprshx32Drv
2015-02-06 15:58 - 2015-02-06 15:58 - 00005012 _____ () C:\WINDOWS\wauctla.InstallState
2015-02-06 15:58 - 2015-02-06 15:58 - 00000529 _____ () C:\WINDOWS\wauctla.InstallLog
2015-02-06 15:58 - 2015-02-06 13:13 - 00188928 _____ () C:\WINDOWS\wauctla.exe
2015-02-02 13:16 - 2015-02-02 13:16 - 00000000 ____D () C:\Users\Rene\AppData\Roaming\2K Sports
2015-02-02 02:57 - 2015-02-02 02:57 - 00000000 ____D () C:\Users\Rene\AppData\Local\CAPCOM
2015-02-02 02:42 - 2015-02-02 02:42 - 00002011 _____ () C:\Users\Rene\Desktop\Resident Evil HD REMASTER.lnk
2015-02-02 02:23 - 2015-02-02 02:57 - 00000000 ____D () C:\Program Files (x86)\Resident Evil HD REMASTER
2015-02-02 01:49 - 2015-01-20 14:31 - 00000000 ____D () C:\Users\Rene\Downloads\RE.HD.R_M2
2015-02-02 01:43 - 2015-02-02 01:43 - 03122628 _____ () C:\Users\Rene\Downloads\RE.HD.R_M2_FIX.rar
2015-02-02 01:43 - 2015-01-25 09:44 - 00000000 ____D () C:\Users\Rene\Downloads\RE.HD.R_M2_FIX
2015-02-01 23:46 - 2015-02-01 23:46 - 00000000 ____D () C:\Users\Rene\Documents\DyingLight
2015-02-01 22:49 - 2015-02-01 22:49 - 00001968 _____ () C:\Users\Rene\Desktop\Dying Light Ultimate Edition.lnk
2015-02-01 22:38 - 2015-02-01 23:46 - 00000000 ____D () C:\Program Files (x86)\Dying Light
2015-02-01 22:29 - 2015-01-29 18:34 - 00000000 ____D () C:\Users\Rene\Downloads\DY_LI.UE_M2
2015-01-27 14:56 - 2015-02-08 18:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-26 18:42 - 2015-01-26 19:07 - 445479014 _____ () C:\Users\Rene\Desktop\video.mp4
2015-01-25 22:03 - 2015-01-25 22:24 - 236259252 _____ () C:\Users\Rene\Desktop\video-3.mp4
2015-01-25 21:59 - 2015-01-25 21:59 - 00783779 _____ () C:\Users\Rene\Desktop\Ouija.mp4
2015-01-25 15:42 - 2015-01-25 15:42 - 00002049 _____ () C:\Users\Rene\Desktop\Dragon Age Inquisition.lnk
2015-01-25 15:23 - 2015-01-25 15:42 - 00000000 ____D () C:\Program Files (x86)\Dragon Age Inquisition
2015-01-25 14:22 - 2015-01-25 14:22 - 00000000 ____D () C:\Users\Rene\Desktop\BioWare
2015-01-24 14:43 - 2015-01-24 14:43 - 01188880 _____ (Elex do Brasil Participações Ltda) C:\Users\Rene\Downloads\yet_another_cleaner_sk_0.exe
2015-01-24 14:39 - 2015-01-24 14:39 - 01230288 _____ (Zugara Investments Limited ) C:\Users\Rene\Downloads\yetanothercleanerskexe.exe
2015-01-24 13:53 - 2015-01-24 13:53 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-24 13:52 - 2015-01-24 13:52 - 00214380 _____ () C:\Users\Rene\Downloads\SZSetup_AID10121_AV.exe
2015-01-24 13:14 - 2015-02-08 18:30 - 00000000 ____D () C:\AdwCleaner
2015-01-24 13:13 - 2015-01-24 13:13 - 02186752 _____ () C:\Users\Rene\Downloads\adwcleaner_4.108.exe
2015-01-24 12:52 - 2015-01-24 12:52 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Rene\Downloads\revosetup95.exe
2015-01-24 12:52 - 2015-01-24 12:52 - 00001280 _____ () C:\Users\Rene\Desktop\Revo Uninstaller.lnk
2015-01-24 12:52 - 2015-01-24 12:52 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-16 15:57 - 2015-01-16 15:57 - 00000000 ____D () C:\WINDOWS\SysWOW64\snapshotmemdiagBckp
2015-01-15 11:52 - 2015-01-15 12:05 - 919470122 _____ () C:\Users\Rene\Desktop\Der Hobbit Teil 3.mp4
2015-01-12 00:24 - 2014-12-27 14:00 - 00000000 ____D () C:\Users\Rene\Downloads\DA.I.DDE_Incl.UPD2.HF_M2
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-08 19:03 - 2014-11-25 22:58 - 00001122 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-08 19:03 - 2014-09-15 12:08 - 00000000 ____D () C:\Users\Rene\AppData\Local\Adobe
2015-02-08 19:03 - 2014-04-02 08:50 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3504427813-1414244708-91211267-1001
2015-02-08 19:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-08 18:15 - 2014-04-18 16:38 - 01729024 ___SH () C:\Users\Rene\Desktop\Thumbs.db
2015-02-08 18:06 - 2014-04-27 16:32 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-08 18:04 - 2014-10-27 17:55 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-08 17:35 - 2014-11-26 22:29 - 00000000 ____D () C:\Users\Rene\AppData\Roaming\Google
2015-02-08 17:33 - 2014-11-25 22:56 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-02-08 17:28 - 2014-04-22 16:51 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-08 17:11 - 2014-06-05 13:52 - 00439296 ___SH () C:\Users\Rene\Downloads\Thumbs.db
2015-02-08 16:41 - 2014-04-23 22:06 - 00000000 ____D () C:\Users\Rene\AppData\Roaming\BitTorrent
2015-02-08 16:19 - 2014-06-20 12:14 - 00000940 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3504427813-1414244708-91211267-1001UA.job
2015-02-08 15:10 - 2014-11-25 22:59 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-08 15:10 - 2014-11-25 22:58 - 00001118 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-08 15:10 - 2014-10-27 20:16 - 00000000 ___DO () C:\Users\Rene\OneDrive
2015-02-08 15:08 - 2014-04-02 13:49 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-08 15:08 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-08 15:08 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-08 15:02 - 2014-04-23 17:32 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{002BBF1D-5ADC-4800-A261-3187F17D9FEA}
2015-02-08 14:58 - 2014-05-27 13:50 - 00000000 ____D () C:\Users\Rene\AppData\Roaming\Skype
2015-02-08 13:19 - 2014-06-20 12:14 - 00000918 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3504427813-1414244708-91211267-1001Core.job
2015-02-08 02:14 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-08 00:37 - 2014-04-23 15:50 - 00000000 ____D () C:\Users\Rene\AppData\Roaming\vlc
2015-02-07 22:39 - 2014-05-01 00:52 - 00000000 ____D () C:\Users\Rene\Desktop\Filme
2015-02-05 13:05 - 2014-05-26 16:44 - 00000000 ____D () C:\Program Files (x86)\Age of Wonders III
2015-02-05 13:05 - 2014-04-27 15:35 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2015-02-05 13:04 - 2014-06-02 19:08 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-05 13:04 - 2014-05-24 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-02-05 13:04 - 2014-05-24 13:01 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2015-02-05 13:03 - 2014-06-09 18:25 - 00000000 ____D () C:\Program Files (x86)\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst
2015-02-05 13:03 - 2014-05-24 13:10 - 00000000 ____D () C:\Users\Rene\Documents\My Games
2015-02-05 12:57 - 2014-04-27 17:18 - 00000000 ____D () C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-01-28 20:22 - 2013-11-14 08:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-28 20:22 - 2013-11-14 08:11 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-28 20:22 - 2013-11-14 08:11 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-25 14:18 - 2014-04-27 15:33 - 00000000 ____D () C:\ProgramData\Origin
2015-01-25 14:16 - 2014-04-27 15:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-01-24 15:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Performance
2015-01-24 14:00 - 2014-11-22 23:09 - 00000000 ____D () C:\WINDOWS\SysWOW64\ClassLogWin32
2015-01-24 14:00 - 2014-04-22 16:51 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
2015-01-24 13:53 - 2014-10-27 17:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-24 13:53 - 2014-10-27 17:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-24 13:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\registration
2015-01-24 13:19 - 2014-04-04 20:35 - 00000000 ____D () C:\Users\Rene\AppData\Roaming\TS3Client
2015-01-24 12:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\ADFS
2015-01-24 12:28 - 2014-06-29 01:47 - 00000000 ____D () C:\Program Files (x86)\Sleeping Dogs Game Of The Year (30 DLCs)
2015-01-24 12:20 - 2014-11-25 22:11 - 00000000 ____D () C:\Users\Rene\Desktop\Anti Spyware
2015-01-24 12:10 - 2014-06-25 15:26 - 00000000 ____D () C:\Users\Rene\Desktop\Spiele
2015-01-24 11:54 - 2014-05-18 21:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver
2015-01-24 11:52 - 2014-05-19 23:15 - 00000000 ____D () C:\Program Files (x86)\Injustice Gods Among Us Ultimate Edition
2015-01-23 02:04 - 2014-04-02 13:54 - 00000000 ____D () C:\Users\Rene
2015-01-15 20:55 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2015-01-12 01:02 - 2014-05-20 23:12 - 00000000 ____D () C:\Users\Rene\Documents\BioWare
2015-01-11 16:44 - 2011-03-07 12:10 - 00000000 ____D () C:\Users\Rene\Desktop\JDownloader
==================== Files in the root of some directories =======
2014-07-30 19:51 - 2014-10-27 17:51 - 0000101 _____ () C:\Users\Rene\AppData\Roaming\WB.CFG
2014-04-16 14:17 - 2014-04-16 14:17 - 0007601 _____ () C:\Users\Rene\AppData\Local\Resmon.ResmonCfg
Some content of TEMP:
====================
C:\Users\Rene\AppData\Local\Temp\mfc80.dll
C:\Users\Rene\AppData\Local\Temp\mfc80u.dll
C:\Users\Rene\AppData\Local\Temp\mfcm80.dll
C:\Users\Rene\AppData\Local\Temp\mfcm80u.dll
C:\Users\Rene\AppData\Local\Temp\msvcm80.dll
C:\Users\Rene\AppData\Local\Temp\msvcp80.dll
C:\Users\Rene\AppData\Local\Temp\msvcr80.dll
C:\Users\Rene\AppData\Local\Temp\OSU.exe
C:\Users\Rene\AppData\Local\Temp\WtgDriverInstallX.dll
C:\Users\Rene\AppData\Local\Temp\WTGXMLUtil.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-04 04:42
==================== End Of Log ============================ --- --- ---
Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-02-2015
Ran by Rene at 2015-02-08 19:04:17
Running from C:\Users\Rene\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-PDF Maker Version 1.4.1 (Build 128) (HKLM-x32\...\7-PDF Maker_is1) (Version: 7-PDF Maker - Version 1.4.1 (Build 128) - 7-PDF, Germany - Thorsten Hodes)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3504427813-1414244708-91211267-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
ANNO 2070 - Complete Edition (HKLM-x32\...\{4916C011-3048-456A-8F34-1A5DF90ECC2B}_is1) (Version: 2.00.7780 - RAF)
Assassin’s Creed Unity (HKLM-x32\...\Steam App 289650) (Version: - Ubisoft)
Aufstieg des Hexenkönigs™ (HKLM-x32\...\{B931FB80-537A-4600-00AD-AC5DEDB6C25B}) (Version: - )
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Avira (HKLM-x32\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.30.21727 - Avira Operations & Co. KG) Hidden
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.0.2.655 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Batman Arkham Origins Complete Edition MULTI-2 v25.04.2014 (v20140425) (HKLM-x32\...\Batman Arkham Origins Complete Edition MULTI-2 v25.04.2014 (v20140425)) (Version: - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.15221 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
BioShock Infinite Complete Edition MULTI-2 v1.1.25.5165 (HKLM-x32\...\BioShock Infinite Complete Edition MULTI-2 v1.1.25.5165) (Version: - )
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.9.9 - BitRaider, LLC)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - )
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version: - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version: - Treyarch)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5143 - CDBurnerXP)
Command & Conquer 4: Tiberian Twilight (HKLM-x32\...\{3F969822-D969-474A-8B29-B42C3A7FEA4A}_is1) (Version: 1.0 - RAF)
Command & Conquer™ Alarmstufe Rot 3 (HKLM-x32\...\{296D8550-CB06-48E4-9A8B-E5034FB64715}) (Version: 1.0.1.0 - Electronic Arts)
Criminal Minds Version 1.0 (HKLM-x32\...\{644EB38C-B1FF-4CDF-8AE7-33E98CFE5290}_is1) (Version: 1.0 - hxxp://www.deutschland-spielt.de)
Crysis 3 Version 1.3 (HKLM-x32\...\Crysis 3_is1) (Version: 1.3 - EA Games)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dark Souls II Black Armour Edition MULTI-2 1.0 (HKLM-x32\...\Dark Souls II Black Armour Edition MULTI-2 1.0) (Version: - )
Dead Island Riptide (c) Deep Silver version 1 (HKLM-x32\...\RGVhZCBJc2xhbmQgUmlwdGlkZSAoYykgRGVlcCBTaWx2ZXI=_is1) (Version: 1 - )
Dead Rising 3 Apocalypse Edition MULTi2 1.0 (HKLM-x32\...\Dead Rising 3 Apocalypse Edition MULTi2 1.0) (Version: - )
Deadpool (HKLM-x32\...\Deadpool_is1) (Version: 1.0 - Activision)
Die Schlacht um Mittelerde(tm) (HKLM-x32\...\{3F290582-3F4E-4B96-009C-E0BABAA40C42}) (Version: - )
Die Schlacht um Mittelerde™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - )
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.2.16.10 - Electronic Arts Inc.)
Dragon Age Inquisition Digital Deluxe Edition Incl. Update 2 & Hotfix MULTi2 1.0 (HKLM-x32\...\Dragon Age Inquisition Digital Deluxe Edition Incl. Update 2 & Hotfix MULTi2 1.0) (Version: - )
Dying Light Ultimate Edition MULTi2 1.0 (HKLM-x32\...\Dying Light Ultimate Edition MULTi2 1.0) (Version: - )
EPSON XP-402 403 405 406 Series Printer Uninstall (HKLM\...\EPSON XP-402 403 405 406 Series) (Version: - SEIKO EPSON Corporation)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Far Cry 3 - Complete Collection v1.0 (HKLM-x32\...\{B66BE4C1-ADC9-40AA-8B19-4375006118A2}_is1) (Version: Far Cry 3 - Complete Collection - Ubisoft)
Far Cry 4 Gold Edition Incl. Update 1 MULTi2 v1.3.0 (HKLM-x32\...\Far Cry 4 Gold Edition Incl. Update 1 MULTi2 v1.3.0) (Version: - )
FIFA Manager 13 (HKLM-x32\...\{0784CF03-D013-402F-A98B-7FC4877ACF2E}_is1) (Version: 1.0.4.0 - Electronic Arts)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.65 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Hitman Absolution - Professional Edition (HKLM-x32\...\Hitman Absolution - Professional Edition_is1) (Version: - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mass Effect 3 - Ultimate Edition (HKLM-x32\...\{4C7406AA-CE6E-471E-B67E-BA0BC0B60EB7}_is1) (Version: 1.5.5427.124 - RAF)
Medal of Honor (TM) (HKLM-x32\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts)
Medal of Honor: Warfighter - Limited Edition (HKLM-x32\...\{EC2C7FA5-A5AB-497A-AB0E-66FF202CA61C}_is1) (Version: 1.0 - RAF)
Metro Last Light - Complete Edition (HKLM-x32\...\Metro Last Light - Complete Edition_is1) (Version: - )
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}) (Version: 1.2.0241 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version: - Monolith Productions, Inc.)
Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version: - DICE)
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
Murdered Soul Suspect Multi2 1.0 (HKLM-x32\...\Murdered Soul Suspect Multi2 1.0) (Version: - )
NBA 2K15 (HKLM-x32\...\Steam App 282350) (Version: - Visual Concepts)
NVIDIA 3D Vision Controller-Treiber 344.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.46 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 344.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.60 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.60 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Opera Stable 26.0.1656.24 (HKLM-x32\...\Opera 26.0.1656.24) (Version: 26.0.1656.24 - Opera Software ASA)
PAYDAY 2 Career Criminal Edition Plus Update 23 Incl. DLCs 1.0 (HKLM-x32\...\PAYDAY 2 Career Criminal Edition Plus Update 23 Incl. DLCs 1.0) (Version: - )
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version: - )
Perfect Uninstaller v6.3.3.9 (HKLM\...\Perfect Uninstaller_is1) (Version: - www.PerfectUninstaller.net)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Rage Complete Edition MULTi-9 1.3 (HKLM-x32\...\Rage Complete Edition MULTi-9 1.3) (Version: - )
Resident Evil 4 Ultimate HD Edition Incl. Update v1.06 MULTI-5 1.06 (HKLM-x32\...\Resident Evil 4 Ultimate HD Edition Incl. Update v1.06 MULTI-5 1.06) (Version: - )
Resident Evil HD REMASTER MULTi2 1.0 (HKLM-x32\...\Resident Evil HD REMASTER MULTi2 1.0) (Version: - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rise of the Witch King Unofficial Patch 2.02 (HKU\S-1-5-21-3504427813-1414244708-91211267-1001\...\Rise of the Witch King Unofficial Patch 2.02) (Version: - )
Risen 3 - Titan Lords (HKLM-x32\...\{383CAA4A-9B72-4DE9-9B0F-780C49682780}) (Version: 1.00 - Deep Silver)
Ryse Son of Rome MULTi2 1.0 (HKLM-x32\...\Ryse Son of Rome MULTi2 1.0) (Version: - )
Ryse Son of Rome Update 2 [Hotfix] MULTi2 1.0 (HKLM-x32\...\Ryse Son of Rome Update 2 [Hotfix] MULTi2 1.0) (Version: - )
Ryse Son of Rome Update 3 MULTi2 1.0 (HKLM-x32\...\Ryse Son of Rome Update 3 MULTi2 1.0) (Version: - )
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Sid Meier's Civilization Beyond Earth MULTi2 1.0 (HKLM-x32\...\Sid Meier's Civilization Beyond Earth MULTi2 1.0) (Version: - )
Sid Meier's Civilization V (HKLM-x32\...\Sid Meier's Civilization V_is1) (Version: Sid Meier's Civilization V - )
SimCity Version 10.0.0.0 (HKLM-x32\...\SimCity_is1) (Version: 10.0.0.0 - Maxis)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sleeping Dogs Game Of The Year (30 DLCs) 1.0 (HKLM-x32\...\Sleeping Dogs Game Of The Year (30 DLCs) 1.0) (Version: 1.0 - .x.X.RIDDICK.X.x.)
Sniper Elite 3 Limited Day One Edition MULTi2 1.0 (HKLM-x32\...\Sniper Elite 3 Limited Day One Edition MULTi2 1.0) (Version: - )
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 7.0.0.39 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
The Amazing Spider-Man 2 (HKLM-x32\...\VGhlQW1hemluZ1NwaWRlck1hbjI=_is1) (Version: 1 - )
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Evil Within MULTi2 1.0 (HKLM-x32\...\The Evil Within MULTi2 1.0) (Version: - )
The Lord of the Rings Online™ (HKLM-x32\...\Steam App 212500) (Version: - Turbine, Inc.)
The Sims 3 Ultimate Collection Version 1.67.2 (HKLM-x32\...\The Sims 3 Ultimate Collection_is1) (Version: 1.67.2 - EA Games)
The Walking Dead Season 2 EP 2 (HKLM-x32\...\The Walking Dead Season 2 EP 2) (Version: 1.00 - NSA)
The Walking Dead Survival Instinct (c) Activision version 1 (HKLM-x32\...\VGhlIFdhbGtpbmcgRGVhZCBTdXJ2aXZhbCBJbnN0aW5jdCAo~1255DFC2_is1) (Version: 1 - )
The Walking Dead: Season 2 Episode 3 (HKLM-x32\...\VGhlV2Fsa2luZ0RlYWRTZWFzb24y_is1) (Version: 1 - )
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version: - Telltale Games)
The Witcher 2 Assassins of Kings Enhanced Edition Incl. All DLCs and Extras MULTI-2 v.3.4.0.25 (HKLM-x32\...\The Witcher 2 Assassins of Kings Enhanced Edition Incl. All DLCs and Extras MULTI-2 v.3.4.0.25) (Version: - )
Total War Rome II Hannibal at the Gates German Edition Incl. Update 12 v1.12.0.0-10877.535502 (HKLM-x32\...\Total War Rome II Hannibal at the Gates German Edition Incl. Update 12 v1.12.0.0-10877.535502) (Version: - )
Tropico 5 - Steam Special Edition (HKLM-x32\...\{96C8FF19-C95E-44A7-A238-95692578538F}_is1) (Version: 1.1.0 - Kalypso)
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WinRAR 5.10 beta 3 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.3 - win.rar GmbH)
Wolfenstein The New Order German Edition [Full Uncut] 1.0.0.1 (HKLM-x32\...\Wolfenstein The New Order German Edition [Full Uncut] 1.0.0.1) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
25-01-2015 15:01:59 DirectX wurde installiert
01-02-2015 22:49:15 DirectX wurde installiert
05-02-2015 13:03:35 Entfernt Fallout 3
08-02-2015 16:49:27 Removed Facebook Video Calling 3.1.0.521
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0794FCC4-39A1-40B4-896A-10D8D1C54166} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-08] (Adobe Systems Incorporated)
Task: {14DC550F-F51A-404D-ADC0-DAACDE253B8E} - System32\Tasks\{FDE3C8BB-EB74-4C4E-831C-65BBF1B9EEBE} => pcalua.exe -a J:\dotnetfx.exe -d J:\
Task: {361DE965-C55A-4ED1-8611-895BAA6F48C0} - System32\Tasks\{BB4CB234-F910-4792-AE1C-C18B6AB08114} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.0.0.102/de/abandoninstall?source=lightinstaller&page=tsInstall
Task: {41602399-A8F4-40BB-B47D-376F2D4C5DE8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {4CE99EEC-8AD4-4C6B-B9DF-7B73D05CE267} - System32\Tasks\Opera scheduled Autoupdate 1417037520 => C:\Program Files (x86)\Opera\launcher.exe [2014-11-20] (Opera Software)
Task: {50313508-B698-4618-B20C-AEB880343FB6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-25] (Google Inc.)
Task: {523A5F90-8053-430B-AB23-6BB1C91289F4} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3504427813-1414244708-91211267-1001UA => C:\Users\Rene\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-20] (Facebook Inc.)
Task: {6FA58AFE-09DC-440D-AF62-AC042F7BCFC4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-25] (Google Inc.)
Task: {823C1D34-28D4-4C4A-A07D-9840A1DDCE4F} - System32\Tasks\{5AC183D9-DC5B-462F-9BD3-27F1E10FB9E9} => Firefox.exe hxxp://ui.skype.com/ui/0/6.16.0.105/en/abandoninstall?page=tsMain
Task: {83224E55-98D4-4B57-B3DB-450CD8EA3088} - System32\Tasks\{E124871E-3E1D-4761-9C5A-BC52A27E7465} => pcalua.exe -a C:\Users\Rene\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=irs <==== ATTENTION
Task: {98102B4C-8BA3-4D1D-B96A-A9C749FA20AE} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
Task: {AAC1BAED-CFC3-42CD-9C63-6C291C813CAF} - System32\Tasks\{02D7A650-A938-477C-ACC4-C96C283D1DE9} => pcalua.exe -a C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_239_Plugin.exe -c -maintain plugin
Task: {CFFBB1AD-EADB-46FD-95DC-0F6AB1CD98E8} - \EnergoTech Update No Task File <==== ATTENTION
Task: {D01ED180-C886-4526-82DA-20CEBF384218} - \GPUP No Task File <==== ATTENTION
Task: {EEE1ED68-9658-4F0F-814D-7666DB59A837} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3504427813-1414244708-91211267-1001Core => C:\Users\Rene\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-20] (Facebook Inc.)
Task: {F7C38669-B15A-4915-8B1C-DBEE625EA279} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-02-08] (AVAST Software)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3504427813-1414244708-91211267-1001Core.job => C:\Users\Rene\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3504427813-1414244708-91211267-1001UA.job => C:\Users\Rene\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2014-04-02 13:49 - 2014-10-30 03:10 - 00117064 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-02-06 15:58 - 2015-02-06 15:58 - 00211968 _____ () C:\Users\Rene\AppData\Local\credssprshx32Drv\credssprshx32Drv.exe
2015-02-06 15:58 - 2015-02-06 15:58 - 00451072 _____ () C:\Users\Rene\AppData\Local\credssprshx32Drv\backuposClient.exe
2014-11-22 01:03 - 2014-11-22 01:03 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-01-16 15:57 - 2015-01-16 11:15 - 00083456 _____ () C:\WINDOWS\SysWOW64\snapshotmemdiagBckp\snapshotmemdiagBckp.exe
2015-02-06 15:58 - 2014-07-08 09:22 - 00095232 _____ () C:\Users\Rene\AppData\Local\credssprshx32Drv\qjson0.dll
2015-02-08 17:33 - 2015-02-08 17:33 - 02900480 _____ () C:\Program Files\AVAST Software\Avast\defs\14110700\algo.dll
2015-02-08 17:40 - 2015-02-08 17:40 - 02912768 _____ () C:\Program Files\AVAST Software\Avast\defs\15020800\algo.dll
2015-02-08 17:33 - 2015-02-08 17:33 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-02-08 18:23 - 2015-01-23 11:37 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Rene\OneDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Registry Areas =====================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3504427813-1414244708-91211267-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\StartupFolder: => "Launcher.lnk"
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKU\S-1-5-21-3504427813-1414244708-91211267-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-3504427813-1414244708-91211267-1001\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-3504427813-1414244708-91211267-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-3504427813-1414244708-91211267-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3504427813-1414244708-91211267-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
==================== Accounts: =============================
Administrator (S-1-5-21-3504427813-1414244708-91211267-500 - Administrator - Disabled)
Gast (S-1-5-21-3504427813-1414244708-91211267-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3504427813-1414244708-91211267-1004 - Limited - Enabled)
Rene (S-1-5-21-3504427813-1414244708-91211267-1001 - Administrator - Enabled) => C:\Users\Rene
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/08/2015 06:01:20 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.
Error: (02/08/2015 05:36:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 11.0.9600.17239, Zeitstempel: 0x53d22ad9
Name des fehlerhaften Moduls: combase.dll, Version: 6.3.9600.17031, Zeitstempel: 0x53087867
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000175964
ID des fehlerhaften Prozesses: 0xd88
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Vollständiger Name des fehlerhaften Pakets: iexplore.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: iexplore.exe5
Error: (02/08/2015 05:29:03 PM) (Source: MsiInstaller) (EventID: 11406) (User: RENE-PC)
Description: Product: Avira -- Error 1406. Could not write value Avira Systray to key \Software\Microsoft\Windows\CurrentVersion\Run. System error . Verify that you have sufficient access to that key, or contact your support personnel.
Error: (02/08/2015 03:28:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: d74
Startzeit: 01d043aad3ac7bd8
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe
Berichts-ID: c72930eb-af9e-11e4-be9b-4c72b9632d32
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (02/08/2015 03:05:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 32ec
Startzeit: 01d043a786cc4167
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe
Berichts-ID: 7ab49b3b-af9b-11e4-be9a-4c72b9632d32
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (02/08/2015 02:52:08 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.
Error: (02/08/2015 02:50:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3
Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x19d4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5
Error: (02/08/2015 00:36:34 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.
Error: (02/07/2015 08:02:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3
Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x2e04
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5
Error: (02/06/2015 03:09:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3
Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x2f18
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5
System errors:
=============
Error: (02/08/2015 05:34:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/08/2015 05:08:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "snapshotmemdiagBckp" wurde unerwartet beendet. Dies ist bereits 5 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/08/2015 04:20:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "snapshotmemdiagBckp" wurde unerwartet beendet. Dies ist bereits 4 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/08/2015 04:20:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "snapshotmemdiagBckp" wurde unerwartet beendet. Dies ist bereits 3 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/08/2015 03:34:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "snapshotmemdiagBckp" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/08/2015 03:34:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "snapshotmemdiagBckp" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/08/2015 03:34:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "wauctla Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/08/2015 03:10:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AppX-Bereitstellungsdienst (AppXSVC)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (02/08/2015 03:10:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AppX-Bereitstellungsdienst (AppXSVC) erreicht.
Error: (02/08/2015 03:09:45 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "credssprshx32Drv.exe" wurde nicht richtig gestartet.
Microsoft Office Sessions:
=========================
Error: (02/08/2015 06:01:20 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Users\Rene\Downloads\install_flash_player.exeC:\Users\Rene\Downloads\install_flash_player.exe0
Error: (02/08/2015 05:36:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.1723953d22ad9combase.dll6.3.9600.1703153087867c00000050000000000175964d8801d043bd397c78fdC:\Program Files\Internet Explorer\iexplore.exeC:\WINDOWS\SYSTEM32\combase.dll9d673127-afb0-11e4-be9b-4c72b9632d32
Error: (02/08/2015 05:29:03 PM) (Source: MsiInstaller) (EventID: 11406) (User: RENE-PC)
Description: Product: Avira -- Error 1406. Could not write value Avira Systray to key \Software\Microsoft\Windows\CurrentVersion\Run. System error . Verify that you have sufficient access to that key, or contact your support personnel.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (02/08/2015 03:28:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.17031d7401d043aad3ac7bd84294967295C:\WINDOWS\syswow64\wwahost.exec72930eb-af9e-11e4-be9b-4c72b9632d32Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5cApp
Error: (02/08/2015 03:05:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.1703132ec01d043a786cc41674294967295C:\WINDOWS\syswow64\wwahost.exe7ab49b3b-af9b-11e4-be9a-4c72b9632d32Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5cApp
Error: (02/08/2015 02:52:08 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Users\Rene\Downloads\install_flash_player.exeC:\Users\Rene\Downloads\install_flash_player.exe0
Error: (02/08/2015 02:50:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe35.0.1.550054c1f9f3mozalloc.dll35.0.1.550054c1f224800000030000142519d401d0439df5c54c89C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll80046212-af99-11e4-be9a-4c72b9632d32
Error: (02/08/2015 00:36:34 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Users\Rene\Downloads\install_flash_player.exeC:\Users\Rene\Downloads\install_flash_player.exe0
Error: (02/07/2015 08:02:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe35.0.1.550054c1f9f3mozalloc.dll35.0.1.550054c1f22480000003000014252e0401d04308a9904750C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllea12ad8c-aefb-11e4-be9a-4c72b9632d32
Error: (02/06/2015 03:09:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe35.0.1.550054c1f9f3mozalloc.dll35.0.1.550054c1f22480000003000014252f1801d0420fa2792fddC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlld26a3248-ae09-11e4-be9a-4c72b9632d32
CodeIntegrity Errors:
===================================
Date: 2015-02-08 17:17:04.559
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2015-02-08 16:27:25.718
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2015-02-08 15:10:21.738
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2015-02-08 15:10:21.738
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2015-02-05 11:56:33.144
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2015-02-05 08:47:06.693
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2015-02-05 03:43:39.334
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2015-02-05 03:43:39.333
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2015-02-05 00:06:18.250
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2015-02-05 00:06:18.250
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Percentage of memory in use: 40%
Total physical RAM: 10178.19 MB
Available physical RAM: 6005.43 MB
Total Pagefile: 12482.19 MB
Available Pagefile: 6495.71 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:1849.51 GB) (Free:188.07 GB) NTFS
Drive d: (Recovery Image) (Fixed) (Total:11.25 GB) (Free:1.32 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive j: (raf-nfsr_ce) (CDROM) (Total:7.08 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 17D0C851)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 14.9 GB) (Disk ID: A3CDE031)
Partition 1: (Not Active) - (Size=14.9 GB) - (Type=73)
==================== End Of Log ============================
bitte schön :) |