FF wird im Netz als Opera erkannt und als nicht funktionierend angegeben

dr.kleiner · 16.09.2014, 08:37

Hallo zusammen.
Ich weiß nicht, ob ich hier im board überhaupt richtig bin, mein Problem erscheint mir etwas ungewöhnlich, weshalb ich einfach mal um Rat fragen wollte. Falls das in ein anderes Forum gehört, schon einmal Entschuldigung.

Folgendes Problem:
Scheinbar werden meine browser (FF und Opera) im Netz "nicht erkannt". Das äußert sich z.b. so, dass googlemail mir diese Meldung gibt:
Some important features may not work in this version of your browser, so you have been redirected to the Basic HTML version. Upgrade to a modern browser, such as Google Chrome.

Habe aber den neuen FF (selbes Problem mit der Version zuvor) und er sagt auch dasselbe, wenn ich (den aktuellen) chrome nutze. Wenn ich über mail.google.com/mail/u/0/?nocheckbrowser auf google gehe, wird mir das "normale" google angezeigt.

Anderes Beispiel: Habe mich gerade bei Netflix angemeldet und als ich es testen wollte (im FF) hat er mir eine Fehlermeldung gegeben, das meine Version von Chrome (!) nicht unterstützt wird.

Wie gesagt, keine Ahnung, ob das auf Trojanerboard gehört, aber ich dachte, ich fang hier mal an...
Danke schon mal

schrauber · 16.09.2014, 09:12

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

dr.kleiner · 16.09.2014, 10:23

hier die FRST.txt

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by *** (administrator) on ***S56 on 16-09-2014 10:55:54
Running from C:\Users\***\Downloads
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Dropbox, Inc.) C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) D:\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13267016 2013-01-23] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [765056 2012-09-29] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-09-29] (Atheros Communications)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403288 2014-08-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-27] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120 2012-05-24] (CyberLink)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [296520 2014-05-11] (RealNetworks, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => D:\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2912521998-1118320013-3424448078-1002\...\Run: [Amazon Cloud Player] => C:\Users\***\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] ()
HKU\S-1-5-21-2912521998-1118320013-3424448078-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-2912521998-1118320013-3424448078-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
AppInit_DLLs: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\SPVC64~1.DLL => C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\SPVC64~1.DLL File Not Found
AppInit_DLLs:  C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\SPVC32~1.DLL => "C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\SPVC32~1.DLL" File Not Found
AppInit_DLLs-x32:  C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> D:\Programme D\WISO\Steuersoftware 2014\mshaktuell.exe ()
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} ->  No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} ->  No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default
FF Homepage: hxxp://www.sueddeutsche.de/
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fnew.songza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpreview.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*'))%20%7B%20return%20'PROXY%20us07.sq.proxmate.me%3A8000%3B%20PROXY%20us11.sq.proxmate.me%3A8000%3B%20PROXY%20us10.sq.proxmate.me%3A8000%3B%20PROXY%20us03.sq.proxmate.me%3A8000%3B%20PROXY%20us04.sq.proxmate.me%3A8000%3B%20PROXY%20us08.sq.proxmate.me%3A8000%3B%20PROXY%20us02.sq.proxmate.me%3A8000%3B%20PROXY%20us05.sq.proxmate.me%3A8000%3B%20PROXY%20us01.sq.proxmate.me%3A8000%3B%20PROXY%20us06.sq.proxmate.me%3A8000%3B%20PROXY%20us09.sq.proxmate.me%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.9.17 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.9.17 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\***\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF user.js: detected! => C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\user.js
FF SearchPlugin: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\de_DE@dicts.j3e.de [2014-08-19]
FF Extension: United States English Spellchecker - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\en-US@dictionaries.addons.mozilla.org [2013-11-18]
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\staged [2014-05-21]
FF Extension: Garmin Communicator - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-11-19]
FF Extension: WOT - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-04-08]
FF Extension: DownloadHelper - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: Ghostery - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\firefox@ghostery.com.xpi [2013-08-19]
FF Extension: ProxTube - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\ich@maltegoetz.de.xpi [2014-09-11]
FF Extension: ProxMate - Proxy on steroids! - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2013-08-19]
FF Extension: Deutsch (DE) Language Pack - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2013-11-18]
FF Extension: ScrapBook - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi [2014-02-10]
FF Extension: NoScript - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-10-07]
FF Extension: Adblock Plus - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-19]
FF HKLM\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-07]
FF HKLM-x32\...\Firefox\Extensions: [{53D8DD28-1C83-41F3-B171-C2ED5B3E5DE8}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-05-11]
FF HKLM-x32\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.sueddeutsche.de/,%20hxxp://news.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/", "hxxp://www.sweet-page.com/?type=hp&ts=1399046166&from=cor&uid=WDCXWD5000LPVX-80V0TT0_WD-WX91A234910349103"
CHR DefaultSearchKeyword: Default -> A5C3AF8B241A09DDCBC99E41A5614ABAC79D788001D2A8E3C4B970DF9D063250
CHR DefaultSearchURL: Default -> A65F1236A39E18DA1BC56F81FBA9757427ACBA153F3D6AC876E46748FA684FF4
CHR Profile: C:\Users\***\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-29]
CHR Extension: (Turn Off the Lights) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2013-08-16]
CHR Extension: (YouTube) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-16]
CHR Extension: (Adblock Plus) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-08-16]
CHR Extension: (Google-Suche) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-16]
CHR Extension: (RAD Soldiers) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkiahcckehgdocgonfdickeagmoembpe [2013-09-07]
CHR Extension: (ProxMate - Proxy on steroids!) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjpnmnpjmabddgmjdiaggacbololbjm [2013-08-19]
CHR Extension: (RealPlayer Downloader) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-05-11]
CHR Extension: (Dropbox) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2013-09-01]
CHR Extension: (Ghostery) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2013-08-16]
CHR Extension: (Google Wallet) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR Extension: (Google Mail) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-16]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-02]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-04-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [220288 2012-09-29] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-02] (AVAST Software)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [31632 2013-01-18] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [33168 2013-01-18] (Intel Corporation)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-30] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720792 2014-08-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18973144 2014-08-09] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2013-12-17] ()
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [189248 2013-12-17] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-04-06] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-05-11] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-04-07] () [File not signed]
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-29] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [31744 2009-09-04] (Google Inc)
S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [12416 2010-05-26] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-02] ()
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-01-16] (ASUS Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-29] (Qualcomm Atheros)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2014-05-03] (Microsoft Corporation)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107920 2013-01-18] (Intel Corporation)
R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [43408 2013-01-18] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [65424 2013-01-18] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [229776 2013-01-18] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [363920 2013-01-18] (Intel Corporation)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-30] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20440 2014-08-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 qcusbser; C:\Windows\system32\DRIVERS\qcusbser.sys [126440 2009-12-19] (QUALCOMM Incorporated)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-16 10:55 - 2014-09-16 10:55 - 00034981 _____ () C:\Users\***\Downloads\FRST.txt
2014-09-16 10:23 - 2014-09-16 10:24 - 02105856 _____ (Farbar) C:\Users\***\Downloads\FRST64.exe
2014-09-16 10:19 - 2014-09-16 10:19 - 00000000 ___SH () C:\DkHyperbootSync
2014-09-16 07:38 - 2014-09-16 10:53 - 00000000 ____D () C:\Users\***\Documents\Mein Steuer-Sparbuch Heute
2014-09-15 20:55 - 2014-09-15 20:55 - 00000000 ____D () C:\Users\***\Documents\Steuer-Sparbuch
2014-09-15 20:53 - 2014-09-15 20:53 - 00000954 _____ () C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2014.lnk
2014-09-15 20:53 - 2014-09-15 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Steuer-Sparbuch 2014
2014-09-15 07:54 - 2014-09-15 07:54 - 00001452 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-15 07:54 - 2014-09-15 07:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-15 07:54 - 2014-09-15 07:54 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-15 07:54 - 2014-09-15 07:54 - 00000000 ____D () C:\Program Files\iTunes
2014-09-15 07:54 - 2014-09-15 07:54 - 00000000 ____D () C:\Program Files\iPod
2014-09-14 15:24 - 2014-09-14 15:24 - 01080640 _____ (Unity Technologies ApS) C:\Users\***\Downloads\UnityWebPlayer(1).exe
2014-09-14 15:17 - 2014-09-14 15:17 - 00000000 ____D () C:\Users\***\AppData\Local\Unity
2014-09-14 15:16 - 2014-09-14 15:16 - 01080640 _____ (Unity Technologies ApS) C:\Users\***\Downloads\UnityWebPlayer.exe
2014-09-14 13:24 - 2014-09-14 13:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-14 11:59 - 2014-07-24 11:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-09-14 11:59 - 2014-07-24 09:39 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-09-14 11:59 - 2014-07-24 09:30 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-09-14 11:58 - 2014-07-24 17:28 - 00468288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-09-14 11:58 - 2014-07-24 17:28 - 00419648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-09-14 11:58 - 2014-07-24 17:28 - 00412992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-09-14 11:58 - 2014-07-24 17:28 - 00143680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-09-14 11:58 - 2014-07-24 17:23 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-09-14 11:58 - 2014-07-24 17:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-09-14 11:58 - 2014-07-24 17:20 - 21266336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-09-14 11:58 - 2014-07-24 17:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-09-14 11:58 - 2014-07-24 17:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-09-14 11:58 - 2014-07-24 17:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-09-14 11:58 - 2014-07-24 17:07 - 07424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-09-14 11:58 - 2014-07-24 17:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-09-14 11:58 - 2014-07-24 17:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-09-14 11:58 - 2014-07-24 17:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-09-14 11:58 - 2014-07-24 17:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-09-14 11:58 - 2014-07-24 17:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-09-14 11:58 - 2014-07-24 17:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-09-14 11:58 - 2014-07-24 17:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-09-14 11:58 - 2014-07-24 17:03 - 00818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-09-14 11:58 - 2014-07-24 17:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-09-14 11:58 - 2014-07-24 17:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-09-14 11:58 - 2014-07-24 17:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2014-09-14 11:58 - 2014-07-24 16:57 - 02515264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-09-14 11:58 - 2014-07-24 16:57 - 00475968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-09-14 11:58 - 2014-07-24 15:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-09-14 11:58 - 2014-07-24 15:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-09-14 11:58 - 2014-07-24 15:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-09-14 11:58 - 2014-07-24 15:46 - 18760328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-09-14 11:58 - 2014-07-24 15:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-09-14 11:58 - 2014-07-24 15:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-09-14 11:58 - 2014-07-24 15:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-09-14 11:58 - 2014-07-24 15:36 - 00674512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-09-14 11:58 - 2014-07-24 15:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-09-14 11:58 - 2014-07-24 15:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2014-09-14 11:58 - 2014-07-24 13:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-09-14 11:58 - 2014-07-24 13:45 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-09-14 11:58 - 2014-07-24 13:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-09-14 11:58 - 2014-07-24 13:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-09-14 11:58 - 2014-07-24 13:42 - 01200640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-09-14 11:58 - 2014-07-24 13:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-09-14 11:58 - 2014-07-24 13:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2014-09-14 11:58 - 2014-07-24 13:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-09-14 11:58 - 2014-07-24 13:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2014-09-14 11:58 - 2014-07-24 13:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-09-14 11:58 - 2014-07-24 13:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-09-14 11:58 - 2014-07-24 12:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-09-14 11:58 - 2014-07-24 12:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2014-09-14 11:58 - 2014-07-24 12:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-09-14 11:58 - 2014-07-24 12:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-09-14 11:58 - 2014-07-24 12:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-09-14 11:58 - 2014-07-24 12:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-09-14 11:58 - 2014-07-24 12:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-09-14 11:58 - 2014-07-24 12:06 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-09-14 11:58 - 2014-07-24 12:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-09-14 11:58 - 2014-07-24 11:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2014-09-14 11:58 - 2014-07-24 11:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-09-14 11:58 - 2014-07-24 11:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-09-14 11:58 - 2014-07-24 11:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2014-09-14 11:58 - 2014-07-24 11:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-09-14 11:58 - 2014-07-24 11:23 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-09-14 11:58 - 2014-07-24 11:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-09-14 11:58 - 2014-07-24 11:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2014-09-14 11:58 - 2014-07-24 11:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-09-14 11:58 - 2014-07-24 11:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-09-14 11:58 - 2014-07-24 11:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-09-14 11:58 - 2014-07-24 11:09 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-09-14 11:58 - 2014-07-24 11:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-09-14 11:58 - 2014-07-24 11:02 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-09-14 11:58 - 2014-07-24 10:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-09-14 11:58 - 2014-07-24 10:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-09-14 11:58 - 2014-07-24 10:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-09-14 11:58 - 2014-07-24 10:49 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-09-14 11:58 - 2014-07-24 10:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-09-14 11:58 - 2014-07-24 10:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-09-14 11:58 - 2014-07-24 10:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-09-14 11:58 - 2014-07-24 10:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-09-14 11:58 - 2014-07-24 10:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-14 11:58 - 2014-07-24 10:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-09-14 11:58 - 2014-07-24 10:27 - 00907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-09-14 11:58 - 2014-07-24 10:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-09-14 11:58 - 2014-07-24 10:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-09-14 11:58 - 2014-07-24 10:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-09-14 11:58 - 2014-07-24 10:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-09-14 11:58 - 2014-07-24 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2014-09-14 11:58 - 2014-07-24 10:19 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-09-14 11:58 - 2014-07-24 10:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-09-14 11:58 - 2014-07-24 10:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-09-14 11:58 - 2014-07-24 10:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-09-14 11:58 - 2014-07-24 10:15 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-09-14 11:58 - 2014-07-24 10:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-09-14 11:58 - 2014-07-24 10:10 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-09-14 11:58 - 2014-07-24 10:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-09-14 11:58 - 2014-07-24 10:10 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-09-14 11:58 - 2014-07-24 10:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-09-14 11:58 - 2014-07-24 10:08 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2014-09-14 11:58 - 2014-07-24 10:07 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-09-14 11:58 - 2014-07-24 10:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-09-14 11:58 - 2014-07-24 10:04 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-09-14 11:58 - 2014-07-24 10:02 - 03465216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-09-14 11:58 - 2014-07-24 10:01 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-09-14 11:58 - 2014-07-24 10:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2014-09-14 11:58 - 2014-07-24 09:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2014-09-14 11:58 - 2014-07-24 09:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-09-14 11:58 - 2014-07-24 09:50 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-09-14 11:58 - 2014-07-24 09:49 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2014-09-14 11:58 - 2014-07-24 09:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-09-14 11:58 - 2014-07-24 09:46 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-09-14 11:58 - 2014-07-24 09:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-09-14 11:58 - 2014-07-24 09:43 - 02696704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-09-14 11:58 - 2014-07-24 09:38 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-09-14 11:58 - 2014-07-24 09:38 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-09-14 11:58 - 2014-07-24 09:33 - 03360768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-09-14 11:58 - 2014-07-24 09:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-09-14 11:58 - 2014-07-24 06:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-09-14 11:58 - 2014-07-24 06:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2014-09-14 11:58 - 2014-07-12 07:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2014-09-14 11:58 - 2014-07-12 06:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2014-09-14 11:58 - 2014-07-12 06:13 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-09-14 11:58 - 2014-07-04 12:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2014-09-14 11:58 - 2014-07-04 12:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-09-14 11:58 - 2014-07-04 12:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2014-09-14 11:58 - 2014-07-04 11:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-09-14 11:58 - 2014-07-04 11:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-09-14 11:58 - 2014-06-27 08:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-09-14 11:58 - 2014-06-26 02:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-09-14 11:58 - 2014-06-20 01:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-09-14 11:58 - 2014-06-19 04:13 - 00310080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-09-14 11:58 - 2014-06-14 08:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-09-14 11:58 - 2014-06-14 07:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-09-14 11:58 - 2014-06-05 16:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-09-14 11:58 - 2014-06-05 12:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-09-14 11:58 - 2014-06-05 11:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-09-14 11:58 - 2014-05-31 07:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2014-09-14 11:58 - 2014-05-31 06:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2014-09-14 11:58 - 2014-05-29 08:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-09-14 11:58 - 2014-05-29 07:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-09-14 11:58 - 2014-05-10 12:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-09-14 11:58 - 2014-05-10 10:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-09-14 11:58 - 2014-05-06 06:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-09-14 11:58 - 2014-05-06 02:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-09-14 11:58 - 2014-03-25 04:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-09-14 11:58 - 2014-03-25 04:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-09-14 11:58 - 2014-03-25 03:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-09-14 11:58 - 2014-03-25 03:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-09-14 11:57 - 2014-07-24 17:28 - 00280384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-09-14 11:57 - 2014-07-24 17:25 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-09-14 11:57 - 2014-07-24 17:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-09-14 11:57 - 2014-07-24 13:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-09-14 11:57 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-09-14 11:57 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2014-09-14 11:57 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-09-14 11:57 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-09-14 11:57 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-09-14 11:57 - 2014-07-24 13:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-09-14 11:57 - 2014-07-24 13:47 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-09-14 11:57 - 2014-07-24 13:43 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys
2014-09-14 11:57 - 2014-07-24 13:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2014-09-14 11:57 - 2014-07-24 13:33 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-09-14 11:57 - 2014-07-24 13:33 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-09-14 11:57 - 2014-07-24 13:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2014-09-14 11:57 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-09-14 11:57 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2014-09-14 11:57 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-09-14 11:57 - 2014-07-24 12:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-09-14 11:57 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-09-14 11:57 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-09-14 11:57 - 2014-07-24 12:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-09-14 11:57 - 2014-07-24 12:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-09-14 11:57 - 2014-07-24 12:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-09-14 11:57 - 2014-07-24 12:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-09-14 11:57 - 2014-07-24 12:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2014-09-14 11:57 - 2014-07-24 11:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-09-14 11:57 - 2014-07-24 11:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-09-14 11:57 - 2014-07-24 11:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-09-14 11:57 - 2014-07-24 11:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-09-14 11:57 - 2014-07-24 11:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-09-14 11:57 - 2014-07-24 11:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-09-14 11:57 - 2014-07-24 11:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2014-09-14 11:57 - 2014-07-24 11:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2014-09-14 11:57 - 2014-07-24 11:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-09-14 11:57 - 2014-07-24 11:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2014-09-14 11:57 - 2014-07-24 11:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-09-14 11:57 - 2014-07-24 11:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-09-14 11:57 - 2014-07-24 10:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2014-09-14 11:57 - 2014-07-24 10:49 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-09-14 11:57 - 2014-07-24 10:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-09-14 11:57 - 2014-07-24 10:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-09-14 11:57 - 2014-07-24 10:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-09-14 11:57 - 2014-07-24 10:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2014-09-14 11:57 - 2014-07-24 10:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2014-09-14 11:57 - 2014-07-24 10:24 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-14 11:57 - 2014-07-24 10:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-09-14 11:57 - 2014-07-24 10:18 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-09-14 11:57 - 2014-07-24 10:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-09-14 11:57 - 2014-07-24 10:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-09-14 11:57 - 2014-07-24 10:12 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-14 11:57 - 2014-07-24 10:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-09-14 11:57 - 2014-07-24 10:06 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-09-14 11:57 - 2014-07-24 10:01 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-09-14 11:57 - 2014-07-24 10:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-09-14 11:57 - 2014-07-24 09:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-09-14 11:57 - 2014-07-24 09:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-09-14 11:57 - 2014-07-24 09:43 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-09-14 11:57 - 2014-07-24 09:43 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2014-09-14 11:57 - 2014-07-24 09:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-09-14 11:57 - 2014-07-12 07:23 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-09-14 11:57 - 2014-07-12 06:33 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-09-14 11:57 - 2014-07-10 01:19 - 00387391 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-09-14 11:57 - 2014-07-04 14:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-09-14 11:57 - 2014-07-04 12:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-09-14 11:57 - 2014-06-26 02:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2014-09-14 11:57 - 2014-06-07 14:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-09-14 11:57 - 2014-06-07 12:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-09-14 11:57 - 2014-05-29 07:20 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-09-14 11:57 - 2014-05-29 06:36 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-09-14 11:57 - 2014-05-26 09:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-09-14 11:40 - 2014-08-23 09:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-14 11:40 - 2014-08-23 09:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-14 11:40 - 2014-08-23 08:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-09-14 11:40 - 2014-08-23 07:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-09-14 11:40 - 2014-08-23 06:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-09-14 11:40 - 2014-08-23 06:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-09-14 11:40 - 2014-08-23 06:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-09-14 11:40 - 2014-08-23 06:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-09-14 11:40 - 2014-08-23 06:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-09-14 11:40 - 2014-07-30 03:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-09-14 11:40 - 2014-07-29 07:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-09-14 11:35 - 2014-08-15 02:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-09-11 08:38 - 2014-08-16 04:40 - 23591424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-09-11 08:38 - 2014-08-16 03:56 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-09-11 08:38 - 2014-08-16 03:54 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-09-11 08:38 - 2014-08-16 03:43 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-09-11 08:38 - 2014-08-16 03:32 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-09-11 08:38 - 2014-08-16 03:25 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-09-11 08:38 - 2014-08-16 03:22 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-09-11 08:38 - 2014-08-16 03:20 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-09-11 08:38 - 2014-08-16 03:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-09-11 08:38 - 2014-08-16 03:18 - 02185728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-09-11 08:38 - 2014-08-16 03:18 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-09-11 08:38 - 2014-08-16 03:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-09-11 08:38 - 2014-08-16 03:06 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-09-11 08:38 - 2014-08-16 03:05 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-09-11 08:38 - 2014-08-16 03:05 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-09-11 08:38 - 2014-08-16 03:03 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-09-11 08:38 - 2014-08-16 02:58 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 08:38 - 2014-08-16 02:56 - 02310656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-09-11 08:38 - 2014-08-16 02:53 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-09-11 08:38 - 2014-08-16 02:53 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-09-11 08:38 - 2014-08-16 02:45 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-09-11 08:38 - 2014-08-16 02:44 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-09-11 08:38 - 2014-08-16 02:20 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-09-11 08:38 - 2014-08-16 02:18 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-09-11 08:38 - 2014-08-16 02:12 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-09-11 08:37 - 2014-08-16 04:04 - 17455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-09-11 08:37 - 2014-08-16 04:00 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-09-11 08:37 - 2014-08-16 04:00 - 02793984 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-09-11 08:37 - 2014-08-16 03:45 - 04232704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-09-11 08:37 - 2014-08-16 03:03 - 02104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-09-11 08:37 - 2014-08-16 02:53 - 13588480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-09-11 08:37 - 2014-08-16 02:51 - 11769856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-09-11 08:37 - 2014-08-16 02:44 - 02014208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-09-11 08:37 - 2014-08-16 02:34 - 01447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-09-11 08:37 - 2014-08-16 02:14 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-09-10 08:26 - 2014-08-02 02:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-09-10 08:25 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-09-10 08:25 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-09-04 08:45 - 2014-09-04 08:45 - 00319912 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-09-04 08:45 - 2014-09-04 08:45 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-09-04 08:45 - 2014-09-04 08:45 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-09-04 08:45 - 2014-09-04 08:45 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-09-04 08:45 - 2014-09-04 08:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-04 08:45 - 2014-09-04 08:45 - 00000000 ____D () C:\Program Files\Java
2014-08-28 08:55 - 2014-08-23 02:42 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-27 12:21 - 2014-09-15 20:37 - 00000000 ____D () C:\Users\***\AppData\Roaming\Tropico 4
2014-08-27 12:14 - 2014-08-27 12:14 - 00000000 ____D () C:\Users\***\AppData\Roaming\Kalypso Media
2014-08-25 11:05 - 2014-08-27 11:15 - 00000000 ____D () C:\Users\***\AppData\Roaming\DarknessII
2014-08-25 11:01 - 2014-09-02 07:34 - 00055723 _____ () C:\WINDOWS\DirectX.log
2014-08-17 13:00 - 2014-09-13 05:39 - 00007021 _____ () C:\WINDOWS\setupact.log
2014-08-17 13:00 - 2014-08-17 13:00 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-17 11:19 - 2014-09-12 10:50 - 00000000 ____D () C:\Users\***\AppData\Roaming\vlc
2014-08-17 11:18 - 2014-08-17 11:18 - 00001088 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-17 09:22 - 2014-09-02 22:06 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-17 09:22 - 2014-09-02 22:06 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-16 10:56 - 2014-09-16 10:55 - 00034981 _____ () C:\Users\***\Downloads\FRST.txt
2014-09-16 10:56 - 2014-01-26 19:20 - 00000000 ____D () C:\FRST
2014-09-16 10:54 - 2014-01-30 21:37 - 00000000 ____D () C:\Users\***\AppData\Roaming\Skype
2014-09-16 10:54 - 2013-08-16 22:55 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-16 10:53 - 2014-09-16 07:38 - 00000000 ____D () C:\Users\***\Documents\Mein Steuer-Sparbuch Heute
2014-09-16 10:39 - 2014-05-21 09:09 - 00000312 _____ () C:\WINDOWS\Tasks\FF Watcher {FFF41F5B-1A6E-4CF1-9FB2-C7A2BEDBFFBA}.job
2014-09-16 10:26 - 2013-08-28 07:41 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-09-16 10:24 - 2014-09-16 10:23 - 02105856 _____ (Farbar) C:\Users\***\Downloads\FRST64.exe
2014-09-16 10:19 - 2014-09-16 10:19 - 00000000 ___SH () C:\DkHyperbootSync
2014-09-16 10:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-09-16 09:59 - 2013-08-16 22:23 - 00001138 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-16 09:41 - 2014-08-10 11:59 - 01536284 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-16 08:16 - 2013-08-16 19:35 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2912521998-1118320013-3424448078-1002
2014-09-16 07:45 - 2013-09-30 06:14 - 01804156 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-09-16 07:45 - 2013-09-30 05:56 - 00781646 _____ () C:\WINDOWS\system32\perfh007.dat
2014-09-16 07:45 - 2013-09-30 05:56 - 00166324 _____ () C:\WINDOWS\system32\perfc007.dat
2014-09-16 07:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-09-16 07:41 - 2013-12-16 16:30 - 00003954 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8CDA66A8-D89E-41B7-861E-4D1C6BC3CB7D}
2014-09-16 07:40 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-16 07:39 - 2014-08-04 08:37 - 00003352 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2912521998-1118320013-3424448078-1002
2014-09-16 07:39 - 2014-08-04 08:37 - 00003300 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2912521998-1118320013-3424448078-1002
2014-09-16 07:39 - 2013-08-16 22:23 - 00001134 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-16 07:38 - 2013-12-11 20:13 - 00000000 __RDO () C:\Users\***\SkyDrive
2014-09-16 07:38 - 2013-08-19 08:00 - 00000000 ____D () C:\Users\***\AppData\Roaming\Dropbox
2014-09-16 07:38 - 2013-08-16 19:26 - 00000062 _____ () C:\Users\***\AppData\Roaming\sp_data.sys
2014-09-16 07:37 - 2014-08-10 17:00 - 00008292 _____ () C:\WINDOWS\PFRO.log
2014-09-16 07:37 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-16 07:37 - 2013-08-22 16:44 - 00489480 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-15 21:21 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-09-15 20:55 - 2014-09-15 20:55 - 00000000 ____D () C:\Users\***\Documents\Steuer-Sparbuch
2014-09-15 20:54 - 2014-05-24 08:52 - 00000000 ____D () C:\ProgramData\Buhl Data Service GmbH
2014-09-15 20:53 - 2014-09-15 20:53 - 00000954 _____ () C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2014.lnk
2014-09-15 20:53 - 2014-09-15 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Steuer-Sparbuch 2014
2014-09-15 20:37 - 2014-08-27 12:21 - 00000000 ____D () C:\Users\***\AppData\Roaming\Tropico 4
2014-09-15 10:34 - 2013-08-18 15:47 - 00000000 ____D () C:\Users\***\Documents\Outlook-Dateien
2014-09-15 07:54 - 2014-09-15 07:54 - 00001452 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-15 07:54 - 2014-09-15 07:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-15 07:54 - 2014-09-15 07:54 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-15 07:54 - 2014-09-15 07:54 - 00000000 ____D () C:\Program Files\iTunes
2014-09-15 07:54 - 2014-09-15 07:54 - 00000000 ____D () C:\Program Files\iPod
2014-09-15 07:33 - 2014-06-05 15:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-14 22:19 - 2013-09-30 05:59 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-09-14 22:19 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-09-14 15:24 - 2014-09-14 15:24 - 01080640 _____ (Unity Technologies ApS) C:\Users\***\Downloads\UnityWebPlayer(1).exe
2014-09-14 15:17 - 2014-09-14 15:17 - 00000000 ____D () C:\Users\***\AppData\Local\Unity
2014-09-14 15:16 - 2014-09-14 15:16 - 01080640 _____ (Unity Technologies ApS) C:\Users\***\Downloads\UnityWebPlayer.exe
2014-09-14 13:24 - 2014-09-14 13:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-14 11:35 - 2014-05-24 08:58 - 00000572 _____ () C:\WINDOWS\wiso.ini
2014-09-13 16:13 - 2013-09-30 12:50 - 00000000 ____D () C:\Users\***\AppData\Roaming\uTorrent
2014-09-13 15:55 - 2014-07-13 10:54 - 00000000 ____D () C:\Users\***\AppData\Local\Abelssoft
2014-09-13 05:40 - 2014-08-07 15:21 - 00003374 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2912521998-1118320013-3424448078-1002
2014-09-13 05:40 - 2014-08-07 15:21 - 00003322 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2912521998-1118320013-3424448078-1002
2014-09-13 05:39 - 2014-08-17 13:00 - 00007021 _____ () C:\WINDOWS\setupact.log
2014-09-12 15:54 - 2014-01-18 15:28 - 00000000 ____D () C:\Users\***\AppData\Local\Deployment
2014-09-12 10:50 - 2014-08-17 11:19 - 00000000 ____D () C:\Users\***\AppData\Roaming\vlc
2014-09-11 16:57 - 2014-07-31 15:16 - 00000000 ____D () C:\Users\***\AppData\Local\NVIDIA Corporation
2014-09-11 14:48 - 2014-07-13 10:54 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Abelssoft
2014-09-11 14:47 - 2014-07-18 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-09-11 14:47 - 2014-07-13 10:54 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-09-11 08:39 - 2014-06-10 20:52 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-09-11 08:39 - 2014-06-10 20:41 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-09-11 08:39 - 2014-06-10 20:41 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-09-11 08:39 - 2014-06-10 20:41 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-09-11 08:39 - 2014-05-06 17:00 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-09-11 08:39 - 2014-05-06 17:00 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-09-11 08:38 - 2014-06-10 20:52 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-09-11 08:38 - 2014-06-10 20:41 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-09-10 19:28 - 2013-08-18 14:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-10 19:26 - 2013-08-17 09:35 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-10 19:11 - 2013-08-17 09:35 - 101694776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-09-10 07:32 - 2013-10-25 11:14 - 00138240 ___SH () C:\Users\***\Desktop\Thumbs.db
2014-09-09 19:26 - 2013-08-28 07:41 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-09-09 13:31 - 2013-11-08 08:53 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-09-04 08:45 - 2014-09-04 08:45 - 00319912 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-09-04 08:45 - 2014-09-04 08:45 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-09-04 08:45 - 2014-09-04 08:45 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-09-04 08:45 - 2014-09-04 08:45 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-09-04 08:45 - 2014-09-04 08:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-04 08:45 - 2014-09-04 08:45 - 00000000 ____D () C:\Program Files\Java
2014-09-02 22:06 - 2014-08-17 09:22 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-09-02 22:06 - 2014-08-17 09:22 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-02 07:43 - 2013-08-17 15:25 - 00000000 ____D () C:\Users\***\Documents\My Games
2014-09-02 07:34 - 2014-08-25 11:01 - 00055723 _____ () C:\WINDOWS\DirectX.log
2014-09-02 07:30 - 2014-01-30 21:36 - 00000000 ____D () C:\ProgramData\Skype
2014-09-02 07:28 - 2014-03-02 19:56 - 00000000 ____D () C:\Program Files\PeerBlock
2014-08-27 12:14 - 2014-08-27 12:14 - 00000000 ____D () C:\Users\***\AppData\Roaming\Kalypso Media
2014-08-27 11:48 - 2013-08-17 15:16 - 00000000 ____D () C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-27 11:15 - 2014-08-25 11:05 - 00000000 ____D () C:\Users\***\AppData\Roaming\DarknessII
2014-08-23 09:48 - 2014-09-14 11:40 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-08-23 09:13 - 2014-09-14 11:40 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-08-23 08:10 - 2014-09-14 11:40 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-08-23 07:32 - 2014-09-14 11:40 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-08-23 06:44 - 2014-09-14 11:40 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-23 06:34 - 2014-09-14 11:40 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-08-23 06:33 - 2014-09-14 11:40 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-08-23 06:31 - 2014-09-14 11:40 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-23 06:20 - 2014-09-14 11:40 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-08-23 02:42 - 2014-08-28 08:55 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-17 13:00 - 2014-08-17 13:00 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-17 11:18 - 2014-08-17 11:18 - 00001088 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-17 10:53 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-17 09:25 - 2013-08-19 08:01 - 00000000 ____D () C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some content of TEMP:
====================
C:\Users\***\AppData\Local\Temp\CHIP_Updater.exe
C:\Users\***\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwsytt5.dll
C:\Users\***\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\***\AppData\Local\Temp\vlc-2.1.5-win32.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 08:16

==================== End Of Log ============================

--- --- ---

dr.kleiner · 16.09.2014, 10:24

und jetzt bei addition die Checkbox ändern und nochmal:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by *** at 2014-09-16 11:12:32
Running from C:\Users\***\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Alan Wake (HKLM-x32\...\Steam App 108710) (Version:  - Remedy Entertainment)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.4.0.26 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.5 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.13 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.1.3 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0002 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.8 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.28 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.10.123 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5022.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5022.52 - CyberLink Corp.) Hidden
Atheros Outlook Addin 2010 (HKCU\...\BB108A893815B64BF41C4574C3324FB7371AA244) (Version: 1.0.0.0 - Microsoft)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0027 - ASUS)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Audiograbber 1.83 SE  (HKLM-x32\...\Audiograbber) (Version: 1.83 SE  - Audiograbber)
Audiograbber MP3-Plugin (HKLM-x32\...\Audiograbber-Lame) (Version: 1.0 - AG)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9046 - )
Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version:  - Rocksteady Studios)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version:  - 2K Marin)
Blood Bowl: Legendary Edition (HKLM-x32\...\Steam App 58520) (Version:  - Cyanide Studios)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre (HKLM-x32\...\{3331E34D-38D0-49CE-A395-B30B05FCCE6C}) (Version: 1.11.0 - Kovid Goyal)
CBR (HKLM\...\{A8305DB2-3F6A-43CF-8CE3-EFD3D0F1C352}) (Version: 0.7 - G.Waser)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4291 - CDBurnerXP)
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.31 - Abelssoft)
CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5415 - CyberLink Corp.)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.3625 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.3625 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Dead Space (HKLM-x32\...\Steam App 17470) (Version:  - EA Redwood Shores)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{42CBCE27-DE9B-4094-B9EB-D4C4C135FFA8}) (Version:  - Microsoft)
Devil May Cry 3: Special Edition (HKLM-x32\...\Steam App 6550) (Version:  - CAPCOM Co., Ltd.)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
EasyCash&Tax 1.63 (HKLM-x32\...\EasyCash&Tax_is1) (Version:  - tm)
ExpressCache (HKLM\...\{2EBEFDA8-F905-4C39-AC1C-D5ABE7B3E0AE}) (Version: 1.0.86 - Diskeeper Corporation)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.5.129.617 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.1.618 - Foxit Corporation)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.17.0 - Futuremark Corporation)
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GameSpy Comrade (HKLM-x32\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HAWKEN (HKLM-x32\...\Steam App 271290) (Version:  - Adhesive Games)
HotPotatoes v 6.3.0.5 (HKLM-x32\...\hotpot_is1) (Version:  - HalfBaked)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 6.0.7.1084 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Mass Effect 2 (HKLM-x32\...\Steam App 24980) (Version:  - BioWare)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Standard 2010 (HKLM\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Standard 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 de)) (Version: 32.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
NVIDIA GeForce Experience 2.1.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.160.1244 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 15.3.36 (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 15.3.36 (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA Update 15.3.36 (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
ORION: Dino Horde (HKLM-x32\...\Steam App 104900) (Version:  - Spiral Game Studios)
Painkiller Hell & Damnation (HKLM-x32\...\Steam App 214870) (Version:  - The Farm 51)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PDF24 Creator 5.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.210 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Rayman Origins (HKLM-x32\...\Steam App 207490) (Version:  - UBIart Montpellier)
RealDownloader (x32 Version: 17.0.9 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.9 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6829 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.27023 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version:  - Coffee Stain Studios)
SceneSwitch (HKLM-x32\...\{5172E572-C175-4F80-A6D5-5CB45826AD61}) (Version: 1.0.16 - ASUS)
Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version:  - Croteam)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Simeranya 1.5.0.0 (HKLM-x32\...\Simeranya) (Version: 1.5.0.0 - Simeranya Labs)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Space Hulk (HKLM-x32\...\Steam App 242570) (Version:  - Full Control Studios)
SPlayer (HKLM-x32\...\SPlayer) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
Trine (HKLM-x32\...\Steam App 35700) (Version:  - Frozenbyte)
Tropico 4 (HKLM-x32\...\Steam App 57690) (Version:  - Haemimont Games)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Update for Microsoft Excel 2010 (KB2889836) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{AC36E3B7-5095-43B9-9A74-928420F88714}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.STANDARD_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.STANDARD_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.STANDARD_{B114A387-8A14-4C43-AE51-82F17EB81D49}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.STANDARD_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{D1F3B526-7EB2-4701-92DB-0784988D78DE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{52BEF8AE-9324-40A1-9A92-E5A8FB63A475}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.STANDARD_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.STANDARD_{8F699D53-05FB-488E-B7D3-E4E47257BE5D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.STANDARD_{4B9B2BAF-EE1F-4B60-A4D9-17B7BEEB13A1}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.STANDARD_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0407-1000-0000000FF1CE}_Office14.STANDARD_{6164E0E5-C903-488C-93AF-1B7AF7EBC331}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0407-1000-0000000FF1CE}_Office14.STANDARD_{FD360122-6829-4497-97C1-1BF578EF695B}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.STANDARD_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{89FDC8D9-FB84-4EFE-950D-AF4EECC3B64C}) (Version:  - Microsoft)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warhammer 40,000 Space Marine (HKLM-x32\...\Steam App 55150) (Version:  - Relic)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (HKLM-x32\...\Steam App 56400) (Version:  - Relic Entertainment)
Windows Driver Package - ASUS (ATP) Mouse  (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WISO Steuer 2014 (HKLM-x32\...\{E09ADC7D-AD95-4E65-92F0-75B58FD25801}) (Version: 21.00.8480 - Buhl Data Service GmbH)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)
XMind 2013 (v3.4.1) (HKLM-x32\...\XMind_is1) (Version: 3.4.1.201401221918 - XMind Ltd.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2912521998-1118320013-3424448078-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2912521998-1118320013-3424448078-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\***\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2912521998-1118320013-3424448078-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\***\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2912521998-1118320013-3424448078-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\***\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2912521998-1118320013-3424448078-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\***\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2912521998-1118320013-3424448078-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\***\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2912521998-1118320013-3424448078-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2912521998-1118320013-3424448078-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2912521998-1118320013-3424448078-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2912521998-1118320013-3424448078-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points  =========================

10-09-2014 17:09:29 Windows Update
14-09-2014 12:17:56 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2014-01-23 08:09 - 00450639 ____R C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0C266F8E-BC52-4F69-93E8-63F9A3FA969E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {12D9387B-BBE3-42EC-8072-E4DC10E9AB1A} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-29] (ASUS)
Task: {1B47A61D-7A83-46BF-AF52-1919FDBE0BD4} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {21F400CC-9E84-4077-BFEE-AEFEB39424B9} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3AEA6ADC-B43E-42E2-8580-6F741803BA43} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {47FB4396-115C-465A-BAF4-C72BF5A7F222} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5022CAD1-AC75-4125-AB87-2832D6EFCEE9} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {57522FAE-7B6C-46E0-A0F9-40990D721BBA} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task: {62E2E7C0-7E16-442C-8046-AABA0DE8BCAF} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2912521998-1118320013-3424448078-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {63C667E1-CDDB-457A-A417-1CE1D7E85286} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-16] (Google Inc.)
Task: {641EDB3E-4649-4CA4-86B7-32F3B6A3AC27} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6E4BDF67-12E6-4122-BDD4-621D20353CF4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {75CB1FC8-9432-4E66-9A40-A3B274E96DD7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-16] (Google Inc.)
Task: {77B01DFA-FDFE-42B5-B08A-2695449FFBB2} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-05-03] (Microsoft Corporation)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8DC68DD6-5425-42A4-8248-691E5C4C8EC2} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe [2014-09-02] (CHIP)
Task: {96B9331D-E090-41D0-AB1D-78BF09E60A7A} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)
Task: {9BB4C78A-A497-4B1C-B828-0DEE5397F363} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A1CB6198-9756-4FC5-BE2B-4F1C5C0802B1} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2912521998-1118320013-3424448078-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {A238D1E7-FA95-42E8-B970-4E987A791C18} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2912521998-1118320013-3424448078-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {AC376049-A73E-4AF9-9058-41ACF904AF43} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2012-11-29] ()
Task: {B556F53D-C8E9-495B-8DDD-47D60965F7D8} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2912521998-1118320013-3424448078-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {BD3D8CE7-7F13-40CE-A0CA-39DA03723A2E} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-01-16] (AsusTek)
Task: {BF492433-35A8-4730-8F59-ECB8C570BDC7} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2912521998-1118320013-3424448078-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-04-06] (RealNetworks, Inc.)
Task: {C44872FF-78CF-4F19-97BE-4A63048234D3} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {C5D85418-194E-41D0-97D9-7C3447B03603} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-10-24] (ASUS)
Task: {C6191E5E-DDAE-4C6F-9654-2B15C0715194} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D1F96715-25C5-4316-B1BE-C09C50F3B6B0} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {D306AC8B-FA13-4D94-B815-1CA592C2A4E0} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {D8AF3B67-C9F4-4DD4-BBA3-054F3EA867BA} - System32\Tasks\FF Watcher {FFF41F5B-1A6E-4CF1-9FB2-C7A2BEDBFFBA} => C:\Program Files\V-bates\PrefHelper.exe <==== ATTENTION
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E3B4CF7F-78B9-45FE-9E46-DA10D92E1411} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E8619339-0AA0-45CC-9C97-BBF9A44C1297} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-09-10] (Microsoft Corporation)
Task: {F98B0C49-4463-4087-8429-F065C2C3D328} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-02] (AVAST Software)
Task: {FE967167-A94A-4B47-8120-6868A33B3034} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\FF Watcher {FFF41F5B-1A6E-4CF1-9FB2-C7A2BEDBFFBA}.job => C:\Program Files\V-bates\PrefHelper.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-07-31 15:07 - 2014-07-02 22:48 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-07-31 15:15 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-08-29 20:55 - 2013-12-17 13:39 - 00075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2013-08-29 20:55 - 2013-12-17 13:39 - 00189248 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-04-06 23:00 - 2014-04-06 23:00 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-04-07 03:06 - 2014-04-07 03:06 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2014-09-10 07:38 - 2014-09-10 07:38 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\ErrorReporting.dll
2012-11-29 18:15 - 2012-11-29 18:15 - 00171224 _____ () C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
2012-08-24 18:26 - 2012-08-24 18:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-10-01 14:02 - 2013-10-01 14:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-07-02 00:31 - 2014-07-02 00:31 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-15 16:29 - 2014-09-15 16:29 - 02862592 _____ () C:\Program Files\AVAST Software\Avast\defs\14091500\algo.dll
2014-09-16 07:38 - 2014-09-16 07:38 - 02862592 _____ () C:\Program Files\AVAST Software\Avast\defs\14091501\algo.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-11 09:44 - 2014-05-11 09:44 - 00859224 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-09-16 07:38 - 2014-09-16 07:38 - 00043008 _____ () c:\Users\***\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwsytt5.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\libcef.dll
2014-07-02 00:31 - 2014-07-02 00:31 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-05-17 13:43 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-09-14 13:24 - 2014-09-14 13:24 - 03716720 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-07-31 15:07 - 2014-07-02 22:48 - 00013272 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\***\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "BtvStack"
HKLM\...\StartupApproved\Run: => "BtTray"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "CLMLServer"
HKCU\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKCU\...\StartupApproved\Run: => "Amazon Cloud Player"

==================== Faulty Device Manager Devices =============

Name: Virtual Bluetooth Support
Description: Virtual Bluetooth Support
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (09/16/2014 08:16:19 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/15/2014 07:16:58 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/15/2014 04:14:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/14/2014 07:29:56 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/14/2014 06:20:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wmain14.dll, Version 2014.21.9.8715 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1c70

Startzeit: 01cfcfff2dcfde08

Endzeit: 4294967295

Anwendungspfad: D:\Programme D\WISO\Steuersoftware 2014\wmain14.dll

Berichts-ID: 06c3095f-3c2b-11e4-bf35-6c71d972f612

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/14/2014 02:17:54 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/14/2014 11:24:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/13/2014 05:51:20 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/13/2014 05:47:56 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/12/2014 03:43:13 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (09/12/2014 01:48:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: 
%%1062

Error: (09/12/2014 08:11:13 AM) (Source: Ntfs) (EventID: 138) (User: )
Description: Bei "C:\" wurde vom Transaktionsressourcen-Manager ein schwerwiegender Fehler festgestellt, und er wurde heruntergefahren. Der Fehlercode ist in den Daten enthalten.

Error: (09/10/2014 07:28:15 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8007045b fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 3.5 unter Windows 8.1 und Windows Server 2012 R2 für x64-basierte Systeme (KB2972213)

Error: (09/10/2014 07:26:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8007045b fehlgeschlagen: Sicherheitsupdate für Windows 8.1 für x64-basierte Systeme (KB2988948)

Error: (09/10/2014 07:26:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8007045b fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 3.5 unter Windows 8.1 und Windows Server 2012 R2 für x64-basierte Systeme (KB2894852)

Error: (09/10/2014 07:26:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8007045b fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 3.5 unter Windows 8.1 und Windows Server 2012 R2 für x64-basierte Systeme (KB2973114)

Error: (09/10/2014 07:26:55 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8007045b fehlgeschlagen: Sicherheitsupdate für Internet Explorer Flash Player für Windows 8.1 für x64-Systeme (KB2987114)

Error: (09/10/2014 07:26:55 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8007045b fehlgeschlagen: Kumulatives Sicherheitsupdate für Internet Explorer 11 für Windows 8.1 für x64-Systeme (KB2977629)

Error: (09/06/2014 01:53:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: 
%%1062

Error: (09/03/2014 06:32:11 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: 
%%1062


Microsoft Office Sessions:
=========================
Error: (09/16/2014 08:16:19 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{2259DBC1-EFFB-42B5-BA35-DFC0AAB2B3FB}\recordingmanager.exe

Error: (09/15/2014 07:16:58 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{2259DBC1-EFFB-42B5-BA35-DFC0AAB2B3FB}\recordingmanager.exe

Error: (09/15/2014 04:14:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{2259DBC1-EFFB-42B5-BA35-DFC0AAB2B3FB}\recordingmanager.exe

Error: (09/14/2014 07:29:56 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{2259DBC1-EFFB-42B5-BA35-DFC0AAB2B3FB}\recordingmanager.exe

Error: (09/14/2014 06:20:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wmain14.dll2014.21.9.87151c7001cfcfff2dcfde084294967295D:\Programme D\WISO\Steuersoftware 2014\wmain14.dll06c3095f-3c2b-11e4-bf35-6c71d972f612

Error: (09/14/2014 02:17:54 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{2259DBC1-EFFB-42B5-BA35-DFC0AAB2B3FB}\recordingmanager.exe

Error: (09/14/2014 11:24:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{2259DBC1-EFFB-42B5-BA35-DFC0AAB2B3FB}\recordingmanager.exe

Error: (09/13/2014 05:51:20 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{2259DBC1-EFFB-42B5-BA35-DFC0AAB2B3FB}\recordingmanager.exe

Error: (09/13/2014 05:47:56 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{2259DBC1-EFFB-42B5-BA35-DFC0AAB2B3FB}\recordingmanager.exe

Error: (09/12/2014 03:43:13 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{2259DBC1-EFFB-42B5-BA35-DFC0AAB2B3FB}\recordingmanager.exe


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3337U CPU @ 1.80GHz
Percentage of memory in use: 43%
Total physical RAM: 8077.54 MB
Available physical RAM: 4571.73 MB
Total Pagefile: 9357.54 MB
Available Pagefile: 5924.55 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:185.96 GB) (Free:111.52 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:258.15 GB) (Free:23.79 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 337AEAFE)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 22.4 GB) (Disk ID: 371633ED)

Partition: GPT Partition Type.

==================== End Of Log ============================

schrauber · 16.09.2014, 19:45

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

dr.kleiner · 17.09.2014, 08:34

So, hier die ganzen logs, wurde schon mal einiges gefunden, dafür schon mal Danke!!

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 16.09.2014
Suchlauf-Zeit: 21:03:51
Logdatei: MWB log.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.09.16.07
Rootkit Datenbank: v2014.09.15.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Christian

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 363912
Verstrichene Zeit: 30 Min, 48 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 5
PUP.Optional.VBates, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}, , [cc8b0ae49cdf8babb816d7b4679b35cb], 
PUP.Optional.VBates, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{21EAF666-26B3-4A3C-ABD0-CA2F5A326744}, C:\Program Files\V-bates\Firefox, , [cc8b0ae49cdf8babb816d7b4679b35cb]
PUP.Optional.VBates, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{21EAF666-26B3-4A3C-ABD0-CA2F5A326744}, C:\Program Files\V-bates\Firefox, , [cc8b0ae49cdf8babb816d7b4679b35cb]
PUP.Optional.VBates, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}, , [e572ba34c6b552e49a34098226dc9e62], 
PUP.Optional.QuickStart.A, HKU\S-1-5-21-2912521998-1118320013-3424448078-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, quick_start@gmail.com, , [a3b420ce4b30f64007b3d939e3201ae6]

Registrierungsdaten: 1
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[9abd35b9bbc0a39376257d830df814ec]

Ordner: 2
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService, , [ef68a24cd1aae650c4912fa632d027d9], 
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\update, , [ef68a24cd1aae650c4912fa632d027d9], 

Dateien: 6
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\PluginService.exe, , [ea6d7e70403bf14572f0bea820e17a86], 
PUP.Optional.WpManager, C:\ProgramData\WPM\wprotectmanager.exe, , [f95e5d91a6d564d215e02050cc3552ae], 
PUP.Optional.VBates, C:\Windows\System32\Tasks\FF Watcher {FFF41F5B-1A6E-4CF1-9FB2-C7A2BEDBFFBA}, , [5afdae40b9c296a00045d82fa75c02fe], 
PUP.Optional.VBates, C:\Windows\Tasks\FF Watcher {FFF41F5B-1A6E-4CF1-9FB2-C7A2BEDBFFBA}.job, , [e572f6f889f2fa3c4bfb769145be629e], 
PUP.Optional.Vbates.A, C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ljmibnagodajacnnbifpamhggcohblip_0.localstorage, , [4215a04e037837ffdfb6080535cee818], 
PUP.Optional.SweetPage.A, C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: (      "startup_urls": [ "hxxp://www.google.com/", "hxxp://www.sweet-page.com/?type=hp&ts=1399046166&from=cor&uid=WDCXWD5000LPVX-80V0TT0_WD-WX91A234910349103" ],), ,[ec6b7d71f08b4aece2c6b38138cd9a66]

Physische Sektoren: 0
(No malicious items detected)


(end)

ADW:

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.310 - Bericht erstellt am 17/09/2014 um 08:52:41
# Aktualisiert 12/09/2014 von Xplode
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : +++ - +++S56
# Gestartet von : C:\Users\+++\Downloads\AdwCleaner_3.310.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\WPM
Datei Gelöscht : C:\Users\+++\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\+++\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\user.js

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Schlüssel Gelöscht : HKCU\Software\OCS
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\SPVC32~1.DLL
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\SPVC64~1.DLL

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17278


-\\ Mozilla Firefox v32.0.1 (x86 de)

[ Datei : C:\Users\+++\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.quick_start.enable_search1", false);
Zeile gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", true);

-\\ Google Chrome v37.0.2062.120

[ Datei : C:\Users\+++\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Gelöscht [Extension] : ljmibnagodajacnnbifpamhggcohblip

*************************

AdwCleaner[R0].txt - [2395 octets] - [29/01/2014 20:49:24]
AdwCleaner[R1].txt - [9165 octets] - [02/05/2014 18:06:18]
AdwCleaner[R2].txt - [2212 octets] - [17/09/2014 08:44:24]
AdwCleaner[S0].txt - [2460 octets] - [29/01/2014 21:26:29]
AdwCleaner[S1].txt - [6347 octets] - [02/05/2014 18:12:45]
AdwCleaner[S2].txt - [2083 octets] - [17/09/2014 08:52:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [2143 octets] ##########

--- --- ---

JRT:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.5 (09.16.2014:1)
OS: Windows 8.1 x64
Ran by *** on 17.09.2014 at  8:59:59,88
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [Folder] C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\av18muiz.default\extensions\staged
Successfully deleted the following from C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\av18muiz.default\prefs.js

user_pref("services.sync.tabs.syncID", "Wjek1V9sAHvP");
Emptied folder: C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\av18muiz.default\minidumps [26 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.09.2014 at  9:14:31,15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

und der frische FRST

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by *** (administrator) on ***S56 on 17-09-2014 09:18:59
Running from C:\Users\***\Downloads
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Dropbox, Inc.) C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) D:\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17246_none_fa4ae8e99b1f603c\TiWorker.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13267016 2013-01-23] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [765056 2012-09-29] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-09-29] (Atheros Communications)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403288 2014-08-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-27] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120 2012-05-24] (CyberLink)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [296520 2014-05-11] (RealNetworks, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => D:\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2912521998-1118320013-3424448078-1002\...\Run: [Amazon Cloud Player] => C:\Users\***\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] ()
HKU\S-1-5-21-2912521998-1118320013-3424448078-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-2912521998-1118320013-3424448078-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> D:\Programme D\WISO\Steuersoftware 2014\mshaktuell.exe ()
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} ->  No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} ->  No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default
FF Homepage: hxxp://www.sueddeutsche.de/
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpreview.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fnew.songza.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*'))%20%7B%20return%20'PROXY%20us08.sq.proxmate.me%3A8000%3B%20PROXY%20us07.sq.proxmate.me%3A8000%3B%20PROXY%20us03.sq.proxmate.me%3A8000%3B%20PROXY%20us09.sq.proxmate.me%3A8000%3B%20PROXY%20us01.sq.proxmate.me%3A8000%3B%20PROXY%20us06.sq.proxmate.me%3A8000%3B%20PROXY%20us10.sq.proxmate.me%3A8000%3B%20PROXY%20us05.sq.proxmate.me%3A8000%3B%20PROXY%20us11.sq.proxmate.me%3A8000%3B%20PROXY%20us04.sq.proxmate.me%3A8000%3B%20PROXY%20us02.sq.proxmate.me%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.9.17 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.9.17 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\***\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\de_DE@dicts.j3e.de [2014-08-19]
FF Extension: United States English Spellchecker - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\en-US@dictionaries.addons.mozilla.org [2013-11-18]
FF Extension: Garmin Communicator - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-11-19]
FF Extension: WOT - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-04-08]
FF Extension: DownloadHelper - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: Ghostery - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\firefox@ghostery.com.xpi [2013-08-19]
FF Extension: ProxTube - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\ich@maltegoetz.de.xpi [2014-09-11]
FF Extension: ProxMate - Proxy on steroids! - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2013-08-19]
FF Extension: Deutsch (DE) Language Pack - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2013-11-18]
FF Extension: ScrapBook - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi [2014-02-10]
FF Extension: NoScript - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-10-07]
FF Extension: Adblock Plus - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-19]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-07]
FF HKLM-x32\...\Firefox\Extensions: [{53D8DD28-1C83-41F3-B171-C2ED5B3E5DE8}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-05-11]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.sueddeutsche.de/,%20hxxp://news.google.com/
CHR DefaultSearchKeyword: Default -> A5C3AF8B241A09DDCBC99E41A5614ABAC79D788001D2A8E3C4B970DF9D063250
CHR DefaultSearchURL: Default -> A65F1236A39E18DA1BC56F81FBA9757427ACBA153F3D6AC876E46748FA684FF4
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR Profile: C:\Users\***\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-29]
CHR Extension: (Turn Off the Lights) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2013-08-16]
CHR Extension: (YouTube) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-16]
CHR Extension: (Adblock Plus) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-08-16]
CHR Extension: (Google-Suche) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-16]
CHR Extension: (RAD Soldiers) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkiahcckehgdocgonfdickeagmoembpe [2013-09-07]
CHR Extension: (ProxMate - Proxy on steroids!) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjpnmnpjmabddgmjdiaggacbololbjm [2013-08-19]
CHR Extension: (RealPlayer Downloader) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-05-11]
CHR Extension: (Dropbox) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2013-09-01]
CHR Extension: (Ghostery) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2013-08-16]
CHR Extension: (Google Wallet) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR Extension: (Google Mail) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-16]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-02]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-04-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [220288 2012-09-29] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-02] (AVAST Software)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [31632 2013-01-18] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [33168 2013-01-18] (Intel Corporation)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-30] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720792 2014-08-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18973144 2014-08-09] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2013-12-17] ()
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [189248 2013-12-17] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-04-06] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-05-11] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-04-07] () [File not signed]
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-29] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [31744 2009-09-04] (Google Inc)
S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [12416 2010-05-26] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-02] ()
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-01-16] (ASUS Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-29] (Qualcomm Atheros)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2014-05-03] (Microsoft Corporation)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107920 2013-01-18] (Intel Corporation)
R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [43408 2013-01-18] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [65424 2013-01-18] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [229776 2013-01-18] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [363920 2013-01-18] (Intel Corporation)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-30] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20440 2014-08-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 qcusbser; C:\Windows\system32\DRIVERS\qcusbser.sys [126440 2009-12-19] (QUALCOMM Incorporated)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-17 09:14 - 2014-09-17 09:14 - 00001201 _____ () C:\Users\***\Desktop\JRT.txt
2014-09-17 08:59 - 2014-09-17 08:59 - 01016035 _____ (Thisisu) C:\Users\***\Downloads\JRT(1).exe
2014-09-17 08:43 - 2014-09-17 08:43 - 01016035 _____ (Thisisu) C:\Users\***\Downloads\JRT.exe
2014-09-17 08:42 - 2014-09-17 08:42 - 01373475 _____ () C:\Users\***\Downloads\AdwCleaner_3.310.exe
2014-09-16 21:02 - 2014-09-16 21:02 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-16 21:01 - 2014-09-16 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-16 21:01 - 2014-09-16 21:01 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-16 21:01 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-09-16 21:01 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-09-16 21:01 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-09-16 21:00 - 2014-09-16 21:00 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\***\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-16 11:12 - 2014-09-16 11:33 - 00054523 _____ () C:\Users\***\Downloads\Addition.txt
2014-09-16 10:55 - 2014-09-17 09:18 - 00034703 _____ () C:\Users\***\Downloads\FRST.txt
2014-09-16 10:23 - 2014-09-16 10:24 - 02105856 _____ (Farbar) C:\Users\***\Downloads\FRST64.exe
2014-09-16 07:38 - 2014-09-17 09:00 - 00000000 ____D () C:\Users\***\Documents\Mein Steuer-Sparbuch Heute
2014-09-15 20:55 - 2014-09-15 20:55 - 00000000 ____D () C:\Users\***\Documents\Steuer-Sparbuch
2014-09-15 20:53 - 2014-09-15 20:53 - 00000954 _____ () C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2014.lnk
2014-09-15 20:53 - 2014-09-15 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Steuer-Sparbuch 2014
2014-09-15 07:54 - 2014-09-15 07:54 - 00001452 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-15 07:54 - 2014-09-15 07:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-15 07:54 - 2014-09-15 07:54 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-15 07:54 - 2014-09-15 07:54 - 00000000 ____D () C:\Program Files\iTunes
2014-09-15 07:54 - 2014-09-15 07:54 - 00000000 ____D () C:\Program Files\iPod
2014-09-14 15:24 - 2014-09-14 15:24 - 01080640 _____ (Unity Technologies ApS) C:\Users\***\Downloads\UnityWebPlayer(1).exe
2014-09-14 15:17 - 2014-09-14 15:17 - 00000000 ____D () C:\Users\***\AppData\Local\Unity
2014-09-14 15:16 - 2014-09-14 15:16 - 01080640 _____ (Unity Technologies ApS) C:\Users\***\Downloads\UnityWebPlayer.exe
2014-09-14 13:24 - 2014-09-14 13:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-14 11:59 - 2014-07-24 11:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-09-14 11:59 - 2014-07-24 09:39 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-09-14 11:59 - 2014-07-24 09:30 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-09-14 11:58 - 2014-07-24 17:28 - 00468288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-09-14 11:58 - 2014-07-24 17:28 - 00419648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-09-14 11:58 - 2014-07-24 17:28 - 00412992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-09-14 11:58 - 2014-07-24 17:28 - 00143680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-09-14 11:58 - 2014-07-24 17:23 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-09-14 11:58 - 2014-07-24 17:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-09-14 11:58 - 2014-07-24 17:20 - 21266336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-09-14 11:58 - 2014-07-24 17:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-09-14 11:58 - 2014-07-24 17:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-09-14 11:58 - 2014-07-24 17:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-09-14 11:58 - 2014-07-24 17:07 - 07424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-09-14 11:58 - 2014-07-24 17:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-09-14 11:58 - 2014-07-24 17:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-09-14 11:58 - 2014-07-24 17:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-09-14 11:58 - 2014-07-24 17:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-09-14 11:58 - 2014-07-24 17:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-09-14 11:58 - 2014-07-24 17:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-09-14 11:58 - 2014-07-24 17:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-09-14 11:58 - 2014-07-24 17:03 - 00818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-09-14 11:58 - 2014-07-24 17:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-09-14 11:58 - 2014-07-24 17:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-09-14 11:58 - 2014-07-24 17:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2014-09-14 11:58 - 2014-07-24 16:57 - 02515264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-09-14 11:58 - 2014-07-24 16:57 - 00475968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-09-14 11:58 - 2014-07-24 15:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-09-14 11:58 - 2014-07-24 15:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-09-14 11:58 - 2014-07-24 15:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-09-14 11:58 - 2014-07-24 15:46 - 18760328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-09-14 11:58 - 2014-07-24 15:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-09-14 11:58 - 2014-07-24 15:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-09-14 11:58 - 2014-07-24 15:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-09-14 11:58 - 2014-07-24 15:36 - 00674512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-09-14 11:58 - 2014-07-24 15:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-09-14 11:58 - 2014-07-24 15:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2014-09-14 11:58 - 2014-07-24 13:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-09-14 11:58 - 2014-07-24 13:45 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-09-14 11:58 - 2014-07-24 13:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-09-14 11:58 - 2014-07-24 13:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-09-14 11:58 - 2014-07-24 13:42 - 01200640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-09-14 11:58 - 2014-07-24 13:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-09-14 11:58 - 2014-07-24 13:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2014-09-14 11:58 - 2014-07-24 13:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-09-14 11:58 - 2014-07-24 13:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2014-09-14 11:58 - 2014-07-24 13:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-09-14 11:58 - 2014-07-24 13:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-09-14 11:58 - 2014-07-24 12:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-09-14 11:58 - 2014-07-24 12:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2014-09-14 11:58 - 2014-07-24 12:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-09-14 11:58 - 2014-07-24 12:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-09-14 11:58 - 2014-07-24 12:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-09-14 11:58 - 2014-07-24 12:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-09-14 11:58 - 2014-07-24 12:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-09-14 11:58 - 2014-07-24 12:06 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-09-14 11:58 - 2014-07-24 12:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-09-14 11:58 - 2014-07-24 11:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2014-09-14 11:58 - 2014-07-24 11:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-09-14 11:58 - 2014-07-24 11:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-09-14 11:58 - 2014-07-24 11:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2014-09-14 11:58 - 2014-07-24 11:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-09-14 11:58 - 2014-07-24 11:23 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-09-14 11:58 - 2014-07-24 11:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-09-14 11:58 - 2014-07-24 11:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2014-09-14 11:58 - 2014-07-24 11:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-09-14 11:58 - 2014-07-24 11:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-09-14 11:58 - 2014-07-24 11:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-09-14 11:58 - 2014-07-24 11:09 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-09-14 11:58 - 2014-07-24 11:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-09-14 11:58 - 2014-07-24 11:02 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-09-14 11:58 - 2014-07-24 10:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-09-14 11:58 - 2014-07-24 10:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-09-14 11:58 - 2014-07-24 10:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-09-14 11:58 - 2014-07-24 10:49 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-09-14 11:58 - 2014-07-24 10:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-09-14 11:58 - 2014-07-24 10:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-09-14 11:58 - 2014-07-24 10:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-09-14 11:58 - 2014-07-24 10:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-09-14 11:58 - 2014-07-24 10:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-14 11:58 - 2014-07-24 10:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-09-14 11:58 - 2014-07-24 10:27 - 00907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-09-14 11:58 - 2014-07-24 10:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-09-14 11:58 - 2014-07-24 10:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-09-14 11:58 - 2014-07-24 10:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-09-14 11:58 - 2014-07-24 10:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-09-14 11:58 - 2014-07-24 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2014-09-14 11:58 - 2014-07-24 10:19 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-09-14 11:58 - 2014-07-24 10:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-09-14 11:58 - 2014-07-24 10:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-09-14 11:58 - 2014-07-24 10:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-09-14 11:58 - 2014-07-24 10:15 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-09-14 11:58 - 2014-07-24 10:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-09-14 11:58 - 2014-07-24 10:10 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-09-14 11:58 - 2014-07-24 10:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-09-14 11:58 - 2014-07-24 10:10 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-09-14 11:58 - 2014-07-24 10:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-09-14 11:58 - 2014-07-24 10:08 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2014-09-14 11:58 - 2014-07-24 10:07 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-09-14 11:58 - 2014-07-24 10:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-09-14 11:58 - 2014-07-24 10:04 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-09-14 11:58 - 2014-07-24 10:02 - 03465216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-09-14 11:58 - 2014-07-24 10:01 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-09-14 11:58 - 2014-07-24 10:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2014-09-14 11:58 - 2014-07-24 09:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2014-09-14 11:58 - 2014-07-24 09:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-09-14 11:58 - 2014-07-24 09:50 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-09-14 11:58 - 2014-07-24 09:49 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2014-09-14 11:58 - 2014-07-24 09:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-09-14 11:58 - 2014-07-24 09:46 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-09-14 11:58 - 2014-07-24 09:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-09-14 11:58 - 2014-07-24 09:43 - 02696704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-09-14 11:58 - 2014-07-24 09:38 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-09-14 11:58 - 2014-07-24 09:38 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-09-14 11:58 - 2014-07-24 09:33 - 03360768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-09-14 11:58 - 2014-07-24 09:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-09-14 11:58 - 2014-07-24 06:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-09-14 11:58 - 2014-07-24 06:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2014-09-14 11:58 - 2014-07-12 07:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2014-09-14 11:58 - 2014-07-12 06:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2014-09-14 11:58 - 2014-07-12 06:13 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-09-14 11:58 - 2014-07-04 12:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2014-09-14 11:58 - 2014-07-04 12:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-09-14 11:58 - 2014-07-04 12:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2014-09-14 11:58 - 2014-07-04 11:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-09-14 11:58 - 2014-07-04 11:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-09-14 11:58 - 2014-06-27 08:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-09-14 11:58 - 2014-06-26 02:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-09-14 11:58 - 2014-06-20 01:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-09-14 11:58 - 2014-06-19 04:13 - 00310080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-09-14 11:58 - 2014-06-14 08:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-09-14 11:58 - 2014-06-14 07:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-09-14 11:58 - 2014-06-05 16:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-09-14 11:58 - 2014-06-05 12:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-09-14 11:58 - 2014-06-05 11:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-09-14 11:58 - 2014-05-31 07:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2014-09-14 11:58 - 2014-05-31 06:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2014-09-14 11:58 - 2014-05-29 08:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-09-14 11:58 - 2014-05-29 07:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-09-14 11:58 - 2014-05-10 12:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-09-14 11:58 - 2014-05-10 10:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-09-14 11:58 - 2014-05-06 06:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-09-14 11:58 - 2014-05-06 02:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-09-14 11:58 - 2014-03-25 04:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-09-14 11:58 - 2014-03-25 04:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-09-14 11:58 - 2014-03-25 03:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-09-14 11:58 - 2014-03-25 03:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-09-14 11:57 - 2014-07-24 17:28 - 00280384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-09-14 11:57 - 2014-07-24 17:25 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-09-14 11:57 - 2014-07-24 17:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-09-14 11:57 - 2014-07-24 13:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-09-14 11:57 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-09-14 11:57 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2014-09-14 11:57 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-09-14 11:57 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-09-14 11:57 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-09-14 11:57 - 2014-07-24 13:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-09-14 11:57 - 2014-07-24 13:47 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-09-14 11:57 - 2014-07-24 13:43 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys
2014-09-14 11:57 - 2014-07-24 13:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2014-09-14 11:57 - 2014-07-24 13:33 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-09-14 11:57 - 2014-07-24 13:33 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-09-14 11:57 - 2014-07-24 13:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2014-09-14 11:57 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-09-14 11:57 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2014-09-14 11:57 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-09-14 11:57 - 2014-07-24 12:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-09-14 11:57 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-09-14 11:57 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-09-14 11:57 - 2014-07-24 12:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-09-14 11:57 - 2014-07-24 12:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-09-14 11:57 - 2014-07-24 12:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-09-14 11:57 - 2014-07-24 12:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-09-14 11:57 - 2014-07-24 12:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2014-09-14 11:57 - 2014-07-24 11:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-09-14 11:57 - 2014-07-24 11:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-09-14 11:57 - 2014-07-24 11:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-09-14 11:57 - 2014-07-24 11:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-09-14 11:57 - 2014-07-24 11:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-09-14 11:57 - 2014-07-24 11:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-09-14 11:57 - 2014-07-24 11:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2014-09-14 11:57 - 2014-07-24 11:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2014-09-14 11:57 - 2014-07-24 11:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-09-14 11:57 - 2014-07-24 11:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2014-09-14 11:57 - 2014-07-24 11:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-09-14 11:57 - 2014-07-24 11:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-09-14 11:57 - 2014-07-24 10:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2014-09-14 11:57 - 2014-07-24 10:49 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-09-14 11:57 - 2014-07-24 10:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-09-14 11:57 - 2014-07-24 10:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-09-14 11:57 - 2014-07-24 10:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-09-14 11:57 - 2014-07-24 10:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2014-09-14 11:57 - 2014-07-24 10:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2014-09-14 11:57 - 2014-07-24 10:24 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-14 11:57 - 2014-07-24 10:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-09-14 11:57 - 2014-07-24 10:18 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-09-14 11:57 - 2014-07-24 10:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-09-14 11:57 - 2014-07-24 10:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-09-14 11:57 - 2014-07-24 10:12 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-14 11:57 - 2014-07-24 10:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-09-14 11:57 - 2014-07-24 10:06 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-09-14 11:57 - 2014-07-24 10:01 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-09-14 11:57 - 2014-07-24 10:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-09-14 11:57 - 2014-07-24 09:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-09-14 11:57 - 2014-07-24 09:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-09-14 11:57 - 2014-07-24 09:43 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-09-14 11:57 - 2014-07-24 09:43 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2014-09-14 11:57 - 2014-07-24 09:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-09-14 11:57 - 2014-07-12 07:23 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-09-14 11:57 - 2014-07-12 06:33 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-09-14 11:57 - 2014-07-10 01:19 - 00387391 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-09-14 11:57 - 2014-07-04 14:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-09-14 11:57 - 2014-07-04 12:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-09-14 11:57 - 2014-06-26 02:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2014-09-14 11:57 - 2014-06-07 14:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-09-14 11:57 - 2014-06-07 12:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-09-14 11:57 - 2014-05-29 07:20 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-09-14 11:57 - 2014-05-29 06:36 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-09-14 11:57 - 2014-05-26 09:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-09-14 11:40 - 2014-08-23 09:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-14 11:40 - 2014-08-23 09:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-14 11:40 - 2014-08-23 08:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-09-14 11:40 - 2014-08-23 07:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-09-14 11:40 - 2014-08-23 06:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-09-14 11:40 - 2014-08-23 06:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-09-14 11:40 - 2014-08-23 06:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-09-14 11:40 - 2014-08-23 06:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-09-14 11:40 - 2014-08-23 06:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-09-14 11:40 - 2014-07-30 03:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-09-14 11:40 - 2014-07-29 07:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-09-14 11:35 - 2014-08-15 02:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-09-11 08:38 - 2014-08-16 04:40 - 23591424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-09-11 08:38 - 2014-08-16 03:56 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-09-11 08:38 - 2014-08-16 03:54 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-09-11 08:38 - 2014-08-16 03:43 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-09-11 08:38 - 2014-08-16 03:32 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-09-11 08:38 - 2014-08-16 03:25 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-09-11 08:38 - 2014-08-16 03:22 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-09-11 08:38 - 2014-08-16 03:20 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-09-11 08:38 - 2014-08-16 03:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-09-11 08:38 - 2014-08-16 03:18 - 02185728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-09-11 08:38 - 2014-08-16 03:18 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-09-11 08:38 - 2014-08-16 03:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-09-11 08:38 - 2014-08-16 03:06 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-09-11 08:38 - 2014-08-16 03:05 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-09-11 08:38 - 2014-08-16 03:05 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-09-11 08:38 - 2014-08-16 03:03 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-09-11 08:38 - 2014-08-16 02:58 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 08:38 - 2014-08-16 02:56 - 02310656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-09-11 08:38 - 2014-08-16 02:53 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-09-11 08:38 - 2014-08-16 02:53 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-09-11 08:38 - 2014-08-16 02:45 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-09-11 08:38 - 2014-08-16 02:44 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-09-11 08:38 - 2014-08-16 02:20 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-09-11 08:38 - 2014-08-16 02:18 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-09-11 08:38 - 2014-08-16 02:12 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-09-11 08:37 - 2014-08-16 04:04 - 17455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-09-11 08:37 - 2014-08-16 04:00 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-09-11 08:37 - 2014-08-16 04:00 - 02793984 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-09-11 08:37 - 2014-08-16 03:45 - 04232704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-09-11 08:37 - 2014-08-16 03:03 - 02104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-09-11 08:37 - 2014-08-16 02:53 - 13588480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-09-11 08:37 - 2014-08-16 02:51 - 11769856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-09-11 08:37 - 2014-08-16 02:44 - 02014208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-09-11 08:37 - 2014-08-16 02:34 - 01447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-09-11 08:37 - 2014-08-16 02:14 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-09-10 08:26 - 2014-08-02 02:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-09-10 08:25 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-09-10 08:25 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-09-04 08:45 - 2014-09-04 08:45 - 00319912 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-09-04 08:45 - 2014-09-04 08:45 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-09-04 08:45 - 2014-09-04 08:45 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-09-04 08:45 - 2014-09-04 08:45 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-09-04 08:45 - 2014-09-04 08:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-04 08:45 - 2014-09-04 08:45 - 00000000 ____D () C:\Program Files\Java
2014-08-28 08:55 - 2014-08-23 02:42 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-27 12:21 - 2014-09-16 14:18 - 00000000 ____D () C:\Users\***\AppData\Roaming\Tropico 4
2014-08-27 12:14 - 2014-08-27 12:14 - 00000000 ____D () C:\Users\***\AppData\Roaming\Kalypso Media
2014-08-25 11:05 - 2014-08-27 11:15 - 00000000 ____D () C:\Users\***\AppData\Roaming\DarknessII
2014-08-25 11:01 - 2014-09-02 07:34 - 00055723 _____ () C:\WINDOWS\DirectX.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-17 09:20 - 2014-09-16 10:55 - 00034703 _____ () C:\Users\***\Downloads\FRST.txt
2014-09-17 09:19 - 2014-01-26 19:20 - 00000000 ____D () C:\FRST
2014-09-17 09:15 - 2013-08-16 19:35 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2912521998-1118320013-3424448078-1002
2014-09-17 09:14 - 2014-09-17 09:14 - 00001201 _____ () C:\Users\***\Desktop\JRT.txt
2014-09-17 09:03 - 2013-09-30 06:14 - 01804156 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-09-17 09:03 - 2013-09-30 05:56 - 00781646 _____ () C:\WINDOWS\system32\perfh007.dat
2014-09-17 09:03 - 2013-09-30 05:56 - 00166324 _____ () C:\WINDOWS\system32\perfc007.dat
2014-09-17 09:00 - 2014-09-16 07:38 - 00000000 ____D () C:\Users\***\Documents\Mein Steuer-Sparbuch Heute
2014-09-17 09:00 - 2014-01-30 21:37 - 00000000 ____D () C:\Users\***\AppData\Roaming\Skype
2014-09-17 09:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-09-17 08:59 - 2014-09-17 08:59 - 01016035 _____ (Thisisu) C:\Users\***\Downloads\JRT(1).exe
2014-09-17 08:59 - 2013-08-16 22:23 - 00001138 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-17 08:56 - 2014-08-07 15:21 - 00003374 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2912521998-1118320013-3424448078-1002
2014-09-17 08:56 - 2014-08-07 15:21 - 00003322 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2912521998-1118320013-3424448078-1002
2014-09-17 08:56 - 2013-12-11 20:13 - 00000000 __RDO () C:\Users\***\SkyDrive
2014-09-17 08:56 - 2013-08-19 08:00 - 00000000 ____D () C:\Users\***\AppData\Roaming\Dropbox
2014-09-17 08:56 - 2013-08-16 22:23 - 00001134 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-17 08:56 - 2013-08-16 19:26 - 00000062 _____ () C:\Users\***\AppData\Roaming\sp_data.sys
2014-09-17 08:55 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-17 08:54 - 2014-08-10 17:00 - 00010814 _____ () C:\WINDOWS\PFRO.log
2014-09-17 08:54 - 2014-08-10 11:59 - 01613289 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-17 08:54 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-09-17 08:53 - 2014-01-29 20:30 - 00000000 ____D () C:\AdwCleaner
2014-09-17 08:43 - 2014-09-17 08:43 - 01016035 _____ (Thisisu) C:\Users\***\Downloads\JRT.exe
2014-09-17 08:42 - 2014-09-17 08:42 - 01373475 _____ () C:\Users\***\Downloads\AdwCleaner_3.310.exe
2014-09-17 08:38 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-17 08:37 - 2013-12-16 16:30 - 00003954 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8CDA66A8-D89E-41B7-861E-4D1C6BC3CB7D}
2014-09-17 08:35 - 2014-02-06 07:34 - 00000000 ____D () C:\Users\***\Desktop\Virensuche
2014-09-16 21:26 - 2013-08-28 07:41 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-09-16 21:02 - 2014-09-16 21:02 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-16 21:01 - 2014-09-16 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-16 21:01 - 2014-09-16 21:01 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-16 21:01 - 2014-01-26 12:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-16 21:01 - 2013-08-16 22:55 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-16 21:00 - 2014-09-16 21:00 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\***\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-16 16:55 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-09-16 14:18 - 2014-08-27 12:21 - 00000000 ____D () C:\Users\***\AppData\Roaming\Tropico 4
2014-09-16 12:22 - 2013-08-18 00:13 - 00000000 ____D () C:\ProgramData\Origin
2014-09-16 12:18 - 2013-08-18 00:15 - 00000000 ____D () C:\Users\***\AppData\Roaming\Origin
2014-09-16 11:38 - 2013-08-18 00:13 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-16 11:33 - 2014-09-16 11:12 - 00054523 _____ () C:\Users\***\Downloads\Addition.txt
2014-09-16 10:24 - 2014-09-16 10:23 - 02105856 _____ (Farbar) C:\Users\***\Downloads\FRST64.exe
2014-09-16 07:39 - 2014-08-04 08:37 - 00003352 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2912521998-1118320013-3424448078-1002
2014-09-16 07:39 - 2014-08-04 08:37 - 00003300 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2912521998-1118320013-3424448078-1002
2014-09-16 07:37 - 2013-08-22 16:44 - 00489480 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-15 20:55 - 2014-09-15 20:55 - 00000000 ____D () C:\Users\***\Documents\Steuer-Sparbuch
2014-09-15 20:54 - 2014-05-24 08:52 - 00000000 ____D () C:\ProgramData\Buhl Data Service GmbH
2014-09-15 20:53 - 2014-09-15 20:53 - 00000954 _____ () C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2014.lnk
2014-09-15 20:53 - 2014-09-15 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Steuer-Sparbuch 2014
2014-09-15 10:34 - 2013-08-18 15:47 - 00000000 ____D () C:\Users\***\Documents\Outlook-Dateien
2014-09-15 07:54 - 2014-09-15 07:54 - 00001452 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-15 07:54 - 2014-09-15 07:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-15 07:54 - 2014-09-15 07:54 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-15 07:54 - 2014-09-15 07:54 - 00000000 ____D () C:\Program Files\iTunes
2014-09-15 07:54 - 2014-09-15 07:54 - 00000000 ____D () C:\Program Files\iPod
2014-09-15 07:33 - 2014-06-05 15:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-14 22:19 - 2013-09-30 05:59 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-09-14 22:19 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-09-14 15:24 - 2014-09-14 15:24 - 01080640 _____ (Unity Technologies ApS) C:\Users\***\Downloads\UnityWebPlayer(1).exe
2014-09-14 15:17 - 2014-09-14 15:17 - 00000000 ____D () C:\Users\***\AppData\Local\Unity
2014-09-14 15:16 - 2014-09-14 15:16 - 01080640 _____ (Unity Technologies ApS) C:\Users\***\Downloads\UnityWebPlayer.exe
2014-09-14 13:24 - 2014-09-14 13:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-14 11:35 - 2014-05-24 08:58 - 00000572 _____ () C:\WINDOWS\wiso.ini
2014-09-13 16:13 - 2013-09-30 12:50 - 00000000 ____D () C:\Users\***\AppData\Roaming\uTorrent
2014-09-13 15:55 - 2014-07-13 10:54 - 00000000 ____D () C:\Users\***\AppData\Local\Abelssoft
2014-09-13 05:39 - 2014-08-17 13:00 - 00007021 _____ () C:\WINDOWS\setupact.log
2014-09-12 15:54 - 2014-01-18 15:28 - 00000000 ____D () C:\Users\***\AppData\Local\Deployment
2014-09-12 10:50 - 2014-08-17 11:19 - 00000000 ____D () C:\Users\***\AppData\Roaming\vlc
2014-09-11 16:57 - 2014-07-31 15:16 - 00000000 ____D () C:\Users\***\AppData\Local\NVIDIA Corporation
2014-09-11 14:48 - 2014-07-13 10:54 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Abelssoft
2014-09-11 14:47 - 2014-07-18 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-09-11 14:47 - 2014-07-13 10:54 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-09-11 08:39 - 2014-06-10 20:52 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-09-11 08:39 - 2014-06-10 20:41 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-09-11 08:39 - 2014-06-10 20:41 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-09-11 08:39 - 2014-06-10 20:41 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-09-11 08:39 - 2014-05-06 17:00 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-09-11 08:39 - 2014-05-06 17:00 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-09-11 08:38 - 2014-06-10 20:52 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-09-11 08:38 - 2014-06-10 20:41 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-09-10 19:28 - 2013-08-18 14:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-10 19:26 - 2013-08-17 09:35 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-10 19:11 - 2013-08-17 09:35 - 101694776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-09-10 07:32 - 2013-10-25 11:14 - 00138240 ___SH () C:\Users\***\Desktop\Thumbs.db
2014-09-09 19:26 - 2013-08-28 07:41 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-09-09 13:31 - 2013-11-08 08:53 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-09-04 08:45 - 2014-09-04 08:45 - 00319912 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-09-04 08:45 - 2014-09-04 08:45 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-09-04 08:45 - 2014-09-04 08:45 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-09-04 08:45 - 2014-09-04 08:45 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-09-04 08:45 - 2014-09-04 08:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-04 08:45 - 2014-09-04 08:45 - 00000000 ____D () C:\Program Files\Java
2014-09-02 22:06 - 2014-08-17 09:22 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-09-02 22:06 - 2014-08-17 09:22 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-02 07:43 - 2013-08-17 15:25 - 00000000 ____D () C:\Users\***\Documents\My Games
2014-09-02 07:34 - 2014-08-25 11:01 - 00055723 _____ () C:\WINDOWS\DirectX.log
2014-09-02 07:30 - 2014-01-30 21:36 - 00000000 ____D () C:\ProgramData\Skype
2014-09-02 07:28 - 2014-03-02 19:56 - 00000000 ____D () C:\Program Files\PeerBlock
2014-08-27 12:14 - 2014-08-27 12:14 - 00000000 ____D () C:\Users\***\AppData\Roaming\Kalypso Media
2014-08-27 11:48 - 2013-08-17 15:16 - 00000000 ____D () C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-27 11:15 - 2014-08-25 11:05 - 00000000 ____D () C:\Users\***\AppData\Roaming\DarknessII
2014-08-23 09:48 - 2014-09-14 11:40 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-08-23 09:13 - 2014-09-14 11:40 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-08-23 08:10 - 2014-09-14 11:40 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-08-23 07:32 - 2014-09-14 11:40 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-08-23 06:44 - 2014-09-14 11:40 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-23 06:34 - 2014-09-14 11:40 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-08-23 06:33 - 2014-09-14 11:40 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-08-23 06:31 - 2014-09-14 11:40 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-23 06:20 - 2014-09-14 11:40 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-08-23 02:42 - 2014-08-28 08:55 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some content of TEMP:
====================
C:\Users\***\AppData\Local\Temp\CHIP_Updater.exe
C:\Users\***\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_jbhyl.dll
C:\Users\***\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\***\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\***\AppData\Local\Temp\Quarantine.exe
C:\Users\***\AppData\Local\Temp\vlc-2.1.5-win32.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-17 09:15

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

FYI: Das Problem mit google etc besteht leider immer noch. Dafür bauen die Seiten schon mal wieder schneller auf, dafür nochmal danke

Kannst Du mir mit dem Problem auch helfen? Ich kann hier z.B. auch keine Smileys auswählen, obwohl ich bei meinem NoScript alles außer google-analytics und googleadservices erlaubt habe...

Lieben Gruß

schrauber · 17.09.2014, 20:23

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

dr.kleiner · 19.09.2014, 07:40

wow, ich hab jetzt auch mal die ganzen alten Platten drangehängt, da hat der jetzt ziemlich lang für gebraucht. Aber da war jetzt auch noch mal einiges...

eset:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=dffa99af26f0ff4d86e6d9e9135c6089
# engine=20217
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-09-19 02:59:03
# local_time=2014-09-19 04:59:03 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 97 249723 175516033 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 10847892 35976836 0 0
# scanned=567037
# found=25
# cleaned=0
# scan_time=35148
sh=4E475FD620FBCCBB37453AF2BD0427BDA73109FF ft=1 fh=70875884387ffbdb vn="Variante von Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface32.dll.vir"
sh=524ED1264811258D64BA2BE8B48005C6D1935713 ft=1 fh=19b60c262a337e59 vn="Win64/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface64.dll.vir"
sh=72971E4B87542575A876B36FB87879B416F4EC88 ft=1 fh=eb8c71c588367618 vn="Variante von Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterfacef32.dll.vir"
sh=01C9B3D0E073B824021B29F1FD957A8643DF6931 ft=1 fh=9d9cb38b273b86fe vn="Variante von Win32/ELEX.AR evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\RSHP.exe.vir"
sh=F34BB16FA7EEF85B106A7C3A3FDEEE95ECF18001 ft=1 fh=7bd5299d4d87abc5 vn="Win32/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect32.dll.vir"
sh=FB15CD6ADCD9BDFBF68D5DF5EAEA02BF329F8D4F ft=1 fh=dfa2b1c2f56e7303 vn="Win64/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect64.dll.vir"
sh=B733C40B96BCA6CC139230D0F7C4E51CEC12CF35 ft=1 fh=08ea3c71e6c55c1b vn="Win32/Thinknice.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SpAPPSv32.dll.vir"
sh=D6F9F256C03B81C01D6CFF28D2D966F59F786AC3 ft=1 fh=3a3e287aa52ff7e5 vn="Variante von Win64/Thinknice.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SpAPPSv64.dll.vir"
sh=EC7EC5D60C5A578BC9953115D368BECD05BA14B2 ft=1 fh=ecbff00cc7dcc0fd vn="Variante von Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir"
sh=EC7EC5D60C5A578BC9953115D368BECD05BA14B2 ft=1 fh=ecbff00cc7dcc0fd vn="Variante von Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\***\AppData\Roaming\SupTab\SupTab.dll.vir"
sh=1DA7E55B7B8609994368D0C56A7B76474F882B6A ft=1 fh=6342ba6251261b43 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\WINDOWS\System32\roboot64.exe.vir"
sh=5DB0A9B9EC93254C15BF6D7C553B0232B0615273 ft=1 fh=cf89c6ff9c0b335e vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung" ac=I fn="C:\Users\***\AppData\Local\Temp\CDBurnerXP-updates\cdbxp_setup_4.5.4.5000.exe"
sh=DD0CCCB7263305D5E646155569F7C4EAE79A001E ft=1 fh=ce220f05a9346fb0 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\***\Desktop\Zwischenspeicher\CrystalDiskInfo5_0_3Shizuku-en.exe"
sh=A27BFBB4988E87828C8448A2EE5A6D1CC925BA2E ft=1 fh=ec9b5e18e14751a4 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="F:\Movies\Chick Flicks\The Break Up Artist {2009} DVDRIP. Jaybob\Jaybob's_Movies_Toolbar.exe"
sh=16031DA29B568B0CCA9118A616A81137B2B49277 ft=0 fh=0000000000000000 vn="Variante von WMA/TrojanDownloader.GetCodec.gen Trojaner" ac=I fn="F:\Movies\Horrornight\Sucker Punch\Sucker Punch.avi"
sh=9DC2D977D30685FC8C4888A91D1513DAEC8AC7DF ft=0 fh=0000000000000000 vn="Variante von WMA/TrojanDownloader.GetCodec.gen Trojaner" ac=I fn="F:\Movies\Red Riding Hood 2011\Red Riding Hood 2011 BDrip.ENG.720p.XviD-ViSiON.avi"
sh=16031DA29B568B0CCA9118A616A81137B2B49277 ft=0 fh=0000000000000000 vn="Variante von WMA/TrojanDownloader.GetCodec.gen Trojaner" ac=I fn="F:\Movies\Sucker Punch\Sucker Punch.avi"
sh=3BE90BF6E38E0440BDD74FD3521221017E5B9F13 ft=0 fh=0000000000000000 vn="Variante von WMA/TrojanDownloader.GetCodec.gen Trojaner" ac=I fn="F:\Movies\The Conspirator\The.Conspirator.DVDRip.XviD-DiAMOND.avi"
sh=49ACAFACAAC62A745E69D71A58CC9453C41B15D0 ft=1 fh=b98f31ba52914450 vn="Variante von Win32/Toolbar.Conduit.I evtl. unerwünschte Anwendung" ac=I fn="G:\chris [Linux]\Downloads\unsortierte Programme\UBCD4WinV360.exe"
sh=8811CA38362D29EB32EBF5D6321D60683AC1DEB5 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="G:\***-PC\Backup Set 2011-02-17 130440\Backup Files 2011-02-17 130440\Backup files 7.zip"
sh=8AF4C06343B5E877591CEDAF6A552736683BD7D1 ft=0 fh=0000000000000000 vn="Win32/RegistryReviver evtl. unerwünschte Anwendung" ac=I fn="G:\***-PC\Backup Set 2011-02-17 130440\Backup Files 2011-03-21 085914\Backup files 1.zip"
sh=70AE15DCB5D78FB9C7505A5EC6F242370D0FCFA9 ft=0 fh=0000000000000000 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="G:\***-PC\Backup Set 2011-02-17 130440\Backup Files 2011-03-21 085914\Backup files 4.zip"
sh=16031DA29B568B0CCA9118A616A81137B2B49277 ft=0 fh=0000000000000000 vn="Variante von WMA/TrojanDownloader.GetCodec.gen Trojaner" ac=I fn="I:\Filme\Sucker Punch\Sucker Punch.avi"
sh=151DE2063FAF1FCBF2BA2957B032365686615838 ft=0 fh=0000000000000000 vn="Variante von Win32/Keygen.AG potenziell unsichere Anwendung" ac=I fn="J:\Games_Programs\DNS Versch. Vers WD\DNS v10 Preferred.rar"
sh=990E5065445B5D76A8EC039C2488331837BDB252 ft=0 fh=0000000000000000 vn="Variante von Win32/Keygen.DU potenziell unsichere Anwendung" ac=I fn="J:\Games_Programs\DNS Versch. Vers WD\Datei\d-ndns.iso"

Habe im log jetzt schon ein paar ...Dateien... gesehen und werde wohl mal ein Gespräch mit meinem Sohn haben müssen...

Aber hier jetzt eben eine Zwischenfrage:
Die Daten sind jetzt in der Quarantäne? (Wo) Kann man die dann einfach löschen?
fange jetzt mit den weiteren scans an...
Lieben Gruß

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.87  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender   
avast! Antivirus   
 Antivirus out of date!  
`````````Anti-malware/Other Utilities Check:````````` 
 MVPS Hosts File  
 Adobe Flash Player 	15.0.0.152  
 Adobe Reader 10.1.12 Adobe Reader out of Date!  
 Mozilla Firefox (32.0.2) 
 Google Chrome 37.0.2062.103  
 Google Chrome 37.0.2062.120  
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast avastui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by *** (administrator) on ***S56 on 19-09-2014 08:33:55
Running from C:\Users\***\Downloads
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
() C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(Dropbox, Inc.) C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) D:\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(Farbar) C:\Users\***\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13267016 2013-01-23] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [765056 2012-09-29] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-09-29] (Atheros Communications)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403288 2014-08-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2014-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-27] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120 2012-05-24] (CyberLink)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [296520 2014-05-11] (RealNetworks, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => D:\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2912521998-1118320013-3424448078-1002\...\Run: [Amazon Cloud Player] => C:\Users\***\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] ()
HKU\S-1-5-21-2912521998-1118320013-3424448078-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-2912521998-1118320013-3424448078-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> D:\Programme D\WISO\Steuersoftware 2014\mshaktuell.exe ()
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} ->  No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} ->  No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default
FF Homepage: hxxp://www.sueddeutsche.de/
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpreview.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fnew.songza.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com')%20%7B%20return%20'PROXY%20us05.sq.proxmate.me%3A8000%3B%20PROXY%20us03.sq.proxmate.me%3A8000%3B%20PROXY%20us09.sq.proxmate.me%3A8000%3B%20PROXY%20us02.sq.proxmate.me%3A8000%3B%20PROXY%20us06.sq.proxmate.me%3A8000%3B%20PROXY%20us11.sq.proxmate.me%3A8000%3B%20PROXY%20us10.sq.proxmate.me%3A8000%3B%20PROXY%20us08.sq.proxmate.me%3A8000%3B%20PROXY%20us07.sq.proxmate.me%3A8000%3B%20PROXY%20us04.sq.proxmate.me%3A8000%3B%20PROXY%20us01.sq.proxmate.me%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.9.17 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.9.17 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\***\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\de_DE@dicts.j3e.de [2014-09-18]
FF Extension: United States English Spellchecker - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\en-US@dictionaries.addons.mozilla.org [2013-11-18]
FF Extension: Garmin Communicator - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-11-19]
FF Extension: WOT - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-04-08]
FF Extension: DownloadHelper - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: Ghostery - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\firefox@ghostery.com.xpi [2013-08-19]
FF Extension: ProxTube - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\ich@maltegoetz.de.xpi [2014-09-11]
FF Extension: ProxMate - Proxy on steroids! - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2013-08-19]
FF Extension: Deutsch (DE) Language Pack - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2013-11-18]
FF Extension: ScrapBook - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi [2014-02-10]
FF Extension: NoScript - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-10-07]
FF Extension: Adblock Plus - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\av18muiz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-19]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-07]
FF HKLM-x32\...\Firefox\Extensions: [{53D8DD28-1C83-41F3-B171-C2ED5B3E5DE8}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-05-11]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.sueddeutsche.de/,%20hxxp://news.google.com/
CHR DefaultSearchKeyword: Default -> A5C3AF8B241A09DDCBC99E41A5614ABAC79D788001D2A8E3C4B970DF9D063250
CHR DefaultSearchURL: Default -> A65F1236A39E18DA1BC56F81FBA9757427ACBA153F3D6AC876E46748FA684FF4
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR Profile: C:\Users\***\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-29]
CHR Extension: (Turn Off the Lights) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2013-08-16]
CHR Extension: (YouTube) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-16]
CHR Extension: (Adblock Plus) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-08-16]
CHR Extension: (Google-Suche) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-16]
CHR Extension: (RAD Soldiers) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkiahcckehgdocgonfdickeagmoembpe [2013-09-07]
CHR Extension: (ProxMate - Proxy on steroids!) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjpnmnpjmabddgmjdiaggacbololbjm [2013-08-19]
CHR Extension: (RealPlayer Downloader) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-05-11]
CHR Extension: (Dropbox) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2013-09-01]
CHR Extension: (Ghostery) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2013-08-16]
CHR Extension: (Google Wallet) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR Extension: (Google Mail) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-16]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-02]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-04-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [220288 2012-09-29] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-02] (AVAST Software)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [31632 2013-01-18] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [33168 2013-01-18] (Intel Corporation)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-30] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720792 2014-08-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18973144 2014-08-09] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2013-12-17] ()
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [189248 2013-12-17] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-04-06] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-05-11] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-04-07] () [File not signed]
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-29] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [31744 2009-09-04] (Google Inc)
S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [12416 2010-05-26] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-05] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-02] ()
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-01-16] (ASUS Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-29] (Qualcomm Atheros)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2014-05-03] (Microsoft Corporation)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107920 2013-01-18] (Intel Corporation)
R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [43408 2013-01-18] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [65424 2013-01-18] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [229776 2013-01-18] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [363920 2013-01-18] (Intel Corporation)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-30] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-17] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20440 2014-08-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 qcusbser; C:\Windows\system32\DRIVERS\qcusbser.sys [126440 2009-12-19] (QUALCOMM Incorporated)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-19 08:33 - 2014-09-19 08:33 - 02105856 _____ (Farbar) C:\Users\***\Downloads\FRST64(1).exe
2014-09-19 08:32 - 2014-09-19 08:32 - 01097728 _____ (Farbar) C:\Users\***\Downloads\FRST.exe
2014-09-19 08:23 - 2014-09-19 08:23 - 00854417 _____ () C:\Users\***\Downloads\SecurityCheck.exe
2014-09-18 22:59 - 2014-09-18 23:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-18 19:01 - 2014-09-18 19:02 - 02347384 _____ (ESET) C:\Users\***\Downloads\esetsmartinstaller_deu.exe
2014-09-18 08:44 - 2014-09-18 08:44 - 00002041 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-09-17 19:46 - 2014-09-18 08:42 - 00003352 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2912521998-1118320013-3424448078-1002
2014-09-17 19:46 - 2014-09-18 08:42 - 00003300 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2912521998-1118320013-3424448078-1002
2014-09-17 09:14 - 2014-09-17 09:14 - 00001201 _____ () C:\Users\***\Desktop\JRT.txt
2014-09-17 08:59 - 2014-09-17 08:59 - 01016035 _____ (Thisisu) C:\Users\***\Downloads\JRT(1).exe
2014-09-17 08:43 - 2014-09-17 08:43 - 01016035 _____ (Thisisu) C:\Users\***\Downloads\JRT.exe
2014-09-17 08:42 - 2014-09-17 08:42 - 01373475 _____ () C:\Users\***\Downloads\AdwCleaner_3.310.exe
2014-09-16 21:02 - 2014-09-17 21:58 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-16 21:01 - 2014-09-16 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-16 21:01 - 2014-09-16 21:01 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-16 21:01 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-09-16 21:01 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-09-16 21:01 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-09-16 21:00 - 2014-09-16 21:00 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\***\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-16 11:12 - 2014-09-16 11:33 - 00054523 _____ () C:\Users\***\Downloads\Addition.txt
2014-09-16 10:55 - 2014-09-19 08:33 - 00035552 _____ () C:\Users\***\Downloads\FRST.txt
2014-09-16 10:23 - 2014-09-16 10:24 - 02105856 _____ (Farbar) C:\Users\***\Downloads\FRST64.exe
2014-09-16 07:38 - 2014-09-18 19:03 - 00000000 ____D () C:\Users\***\Documents\Mein Steuer-Sparbuch Heute
2014-09-15 20:55 - 2014-09-15 20:55 - 00000000 ____D () C:\Users\***\Documents\Steuer-Sparbuch
2014-09-15 20:53 - 2014-09-15 20:53 - 00000954 _____ () C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2014.lnk
2014-09-15 20:53 - 2014-09-15 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Steuer-Sparbuch 2014
2014-09-15 07:54 - 2014-09-15 07:54 - 00001452 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-15 07:54 - 2014-09-15 07:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-15 07:54 - 2014-09-15 07:54 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-15 07:54 - 2014-09-15 07:54 - 00000000 ____D () C:\Program Files\iTunes
2014-09-15 07:54 - 2014-09-15 07:54 - 00000000 ____D () C:\Program Files\iPod
2014-09-14 15:24 - 2014-09-14 15:24 - 01080640 _____ (Unity Technologies ApS) C:\Users\***\Downloads\UnityWebPlayer(1).exe
2014-09-14 15:17 - 2014-09-14 15:17 - 00000000 ____D () C:\Users\***\AppData\Local\Unity
2014-09-14 15:16 - 2014-09-14 15:16 - 01080640 _____ (Unity Technologies ApS) C:\Users\***\Downloads\UnityWebPlayer.exe
2014-09-14 11:59 - 2014-07-24 11:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-09-14 11:59 - 2014-07-24 09:39 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-09-14 11:59 - 2014-07-24 09:30 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-09-14 11:58 - 2014-07-24 17:28 - 00468288 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-09-14 11:58 - 2014-07-24 17:28 - 00419648 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-09-14 11:58 - 2014-07-24 17:28 - 00412992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-09-14 11:58 - 2014-07-24 17:28 - 00143680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-09-14 11:58 - 2014-07-24 17:23 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-09-14 11:58 - 2014-07-24 17:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-09-14 11:58 - 2014-07-24 17:20 - 21266336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-09-14 11:58 - 2014-07-24 17:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-09-14 11:58 - 2014-07-24 17:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-09-14 11:58 - 2014-07-24 17:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-09-14 11:58 - 2014-07-24 17:07 - 07424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-09-14 11:58 - 2014-07-24 17:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-09-14 11:58 - 2014-07-24 17:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-09-14 11:58 - 2014-07-24 17:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-09-14 11:58 - 2014-07-24 17:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-09-14 11:58 - 2014-07-24 17:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-09-14 11:58 - 2014-07-24 17:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-09-14 11:58 - 2014-07-24 17:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-09-14 11:58 - 2014-07-24 17:03 - 00818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-09-14 11:58 - 2014-07-24 17:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-09-14 11:58 - 2014-07-24 17:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-09-14 11:58 - 2014-07-24 17:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2014-09-14 11:58 - 2014-07-24 16:57 - 02515264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-09-14 11:58 - 2014-07-24 16:57 - 00475968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-09-14 11:58 - 2014-07-24 15:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-09-14 11:58 - 2014-07-24 15:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-09-14 11:58 - 2014-07-24 15:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-09-14 11:58 - 2014-07-24 15:46 - 18760328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-09-14 11:58 - 2014-07-24 15:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-09-14 11:58 - 2014-07-24 15:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-09-14 11:58 - 2014-07-24 15:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-09-14 11:58 - 2014-07-24 15:36 - 00674512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-09-14 11:58 - 2014-07-24 15:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-09-14 11:58 - 2014-07-24 15:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2014-09-14 11:58 - 2014-07-24 13:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-09-14 11:58 - 2014-07-24 13:45 - 00076800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-09-14 11:58 - 2014-07-24 13:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-09-14 11:58 - 2014-07-24 13:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-09-14 11:58 - 2014-07-24 13:42 - 01200640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-09-14 11:58 - 2014-07-24 13:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-09-14 11:58 - 2014-07-24 13:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2014-09-14 11:58 - 2014-07-24 13:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-09-14 11:58 - 2014-07-24 13:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2014-09-14 11:58 - 2014-07-24 13:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-09-14 11:58 - 2014-07-24 13:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-09-14 11:58 - 2014-07-24 12:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-09-14 11:58 - 2014-07-24 12:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2014-09-14 11:58 - 2014-07-24 12:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-09-14 11:58 - 2014-07-24 12:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-09-14 11:58 - 2014-07-24 12:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-09-14 11:58 - 2014-07-24 12:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-09-14 11:58 - 2014-07-24 12:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-09-14 11:58 - 2014-07-24 12:06 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-09-14 11:58 - 2014-07-24 12:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-09-14 11:58 - 2014-07-24 11:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2014-09-14 11:58 - 2014-07-24 11:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-09-14 11:58 - 2014-07-24 11:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-09-14 11:58 - 2014-07-24 11:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2014-09-14 11:58 - 2014-07-24 11:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-09-14 11:58 - 2014-07-24 11:23 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-09-14 11:58 - 2014-07-24 11:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-09-14 11:58 - 2014-07-24 11:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2014-09-14 11:58 - 2014-07-24 11:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-09-14 11:58 - 2014-07-24 11:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-09-14 11:58 - 2014-07-24 11:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-09-14 11:58 - 2014-07-24 11:09 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-09-14 11:58 - 2014-07-24 11:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-09-14 11:58 - 2014-07-24 11:02 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-09-14 11:58 - 2014-07-24 10:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-09-14 11:58 - 2014-07-24 10:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-09-14 11:58 - 2014-07-24 10:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-09-14 11:58 - 2014-07-24 10:49 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-09-14 11:58 - 2014-07-24 10:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-09-14 11:58 - 2014-07-24 10:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-09-14 11:58 - 2014-07-24 10:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-09-14 11:58 - 2014-07-24 10:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-09-14 11:58 - 2014-07-24 10:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-14 11:58 - 2014-07-24 10:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-09-14 11:58 - 2014-07-24 10:27 - 00907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-09-14 11:58 - 2014-07-24 10:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-09-14 11:58 - 2014-07-24 10:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-09-14 11:58 - 2014-07-24 10:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-09-14 11:58 - 2014-07-24 10:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-09-14 11:58 - 2014-07-24 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2014-09-14 11:58 - 2014-07-24 10:19 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-09-14 11:58 - 2014-07-24 10:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-09-14 11:58 - 2014-07-24 10:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-09-14 11:58 - 2014-07-24 10:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-09-14 11:58 - 2014-07-24 10:15 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-09-14 11:58 - 2014-07-24 10:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-09-14 11:58 - 2014-07-24 10:10 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-09-14 11:58 - 2014-07-24 10:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-09-14 11:58 - 2014-07-24 10:10 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-09-14 11:58 - 2014-07-24 10:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-09-14 11:58 - 2014-07-24 10:08 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2014-09-14 11:58 - 2014-07-24 10:07 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-09-14 11:58 - 2014-07-24 10:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-09-14 11:58 - 2014-07-24 10:04 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-09-14 11:58 - 2014-07-24 10:02 - 03465216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-09-14 11:58 - 2014-07-24 10:01 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-09-14 11:58 - 2014-07-24 10:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2014-09-14 11:58 - 2014-07-24 09:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2014-09-14 11:58 - 2014-07-24 09:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-09-14 11:58 - 2014-07-24 09:50 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-09-14 11:58 - 2014-07-24 09:49 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2014-09-14 11:58 - 2014-07-24 09:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-09-14 11:58 - 2014-07-24 09:46 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-09-14 11:58 - 2014-07-24 09:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-09-14 11:58 - 2014-07-24 09:43 - 02696704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-09-14 11:58 - 2014-07-24 09:38 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-09-14 11:58 - 2014-07-24 09:38 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-09-14 11:58 - 2014-07-24 09:33 - 03360768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-09-14 11:58 - 2014-07-24 09:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-09-14 11:58 - 2014-07-24 06:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-09-14 11:58 - 2014-07-24 06:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2014-09-14 11:58 - 2014-07-12 07:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2014-09-14 11:58 - 2014-07-12 06:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2014-09-14 11:58 - 2014-07-12 06:13 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-09-14 11:58 - 2014-07-04 12:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2014-09-14 11:58 - 2014-07-04 12:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-09-14 11:58 - 2014-07-04 12:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2014-09-14 11:58 - 2014-07-04 11:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-09-14 11:58 - 2014-07-04 11:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-09-14 11:58 - 2014-06-27 08:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-09-14 11:58 - 2014-06-26 02:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-09-14 11:58 - 2014-06-20 01:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-09-14 11:58 - 2014-06-19 04:13 - 00310080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-09-14 11:58 - 2014-06-14 08:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-09-14 11:58 - 2014-06-14 07:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-09-14 11:58 - 2014-06-05 16:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-09-14 11:58 - 2014-06-05 12:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-09-14 11:58 - 2014-06-05 11:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-09-14 11:58 - 2014-05-31 07:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2014-09-14 11:58 - 2014-05-31 06:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2014-09-14 11:58 - 2014-05-29 08:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-09-14 11:58 - 2014-05-29 07:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-09-14 11:58 - 2014-05-10 12:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-09-14 11:58 - 2014-05-10 10:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-09-14 11:58 - 2014-05-06 06:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-09-14 11:58 - 2014-05-06 02:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-09-14 11:58 - 2014-03-25 04:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-09-14 11:58 - 2014-03-25 04:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-09-14 11:58 - 2014-03-25 03:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-09-14 11:58 - 2014-03-25 03:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-09-14 11:57 - 2014-07-24 17:28 - 00280384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-09-14 11:57 - 2014-07-24 17:25 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-09-14 11:57 - 2014-07-24 17:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-09-14 11:57 - 2014-07-24 13:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-09-14 11:57 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-09-14 11:57 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2014-09-14 11:57 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-09-14 11:57 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-09-14 11:57 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-09-14 11:57 - 2014-07-24 13:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-09-14 11:57 - 2014-07-24 13:47 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-09-14 11:57 - 2014-07-24 13:43 - 00064000 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys
2014-09-14 11:57 - 2014-07-24 13:41 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2014-09-14 11:57 - 2014-07-24 13:33 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-09-14 11:57 - 2014-07-24 13:33 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-09-14 11:57 - 2014-07-24 13:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2014-09-14 11:57 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-09-14 11:57 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2014-09-14 11:57 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-09-14 11:57 - 2014-07-24 12:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-09-14 11:57 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-09-14 11:57 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-09-14 11:57 - 2014-07-24 12:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-09-14 11:57 - 2014-07-24 12:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-09-14 11:57 - 2014-07-24 12:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-09-14 11:57 - 2014-07-24 12:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-09-14 11:57 - 2014-07-24 12:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2014-09-14 11:57 - 2014-07-24 11:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-09-14 11:57 - 2014-07-24 11:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-09-14 11:57 - 2014-07-24 11:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-09-14 11:57 - 2014-07-24 11:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-09-14 11:57 - 2014-07-24 11:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-09-14 11:57 - 2014-07-24 11:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-09-14 11:57 - 2014-07-24 11:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2014-09-14 11:57 - 2014-07-24 11:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2014-09-14 11:57 - 2014-07-24 11:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-09-14 11:57 - 2014-07-24 11:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2014-09-14 11:57 - 2014-07-24 11:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-09-14 11:57 - 2014-07-24 11:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-09-14 11:57 - 2014-07-24 10:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2014-09-14 11:57 - 2014-07-24 10:49 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-09-14 11:57 - 2014-07-24 10:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-09-14 11:57 - 2014-07-24 10:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-09-14 11:57 - 2014-07-24 10:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-09-14 11:57 - 2014-07-24 10:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2014-09-14 11:57 - 2014-07-24 10:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2014-09-14 11:57 - 2014-07-24 10:24 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-14 11:57 - 2014-07-24 10:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-09-14 11:57 - 2014-07-24 10:18 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-09-14 11:57 - 2014-07-24 10:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-09-14 11:57 - 2014-07-24 10:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-09-14 11:57 - 2014-07-24 10:12 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-14 11:57 - 2014-07-24 10:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-09-14 11:57 - 2014-07-24 10:06 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-09-14 11:57 - 2014-07-24 10:01 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-09-14 11:57 - 2014-07-24 10:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-09-14 11:57 - 2014-07-24 09:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-09-14 11:57 - 2014-07-24 09:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-09-14 11:57 - 2014-07-24 09:43 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-09-14 11:57 - 2014-07-24 09:43 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2014-09-14 11:57 - 2014-07-24 09:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-09-14 11:57 - 2014-07-12 07:23 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-09-14 11:57 - 2014-07-12 06:33 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-09-14 11:57 - 2014-07-10 01:19 - 00387391 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-09-14 11:57 - 2014-07-04 14:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-09-14 11:57 - 2014-07-04 12:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-09-14 11:57 - 2014-06-26 02:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2014-09-14 11:57 - 2014-06-07 14:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-09-14 11:57 - 2014-06-07 12:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-09-14 11:57 - 2014-05-29 07:20 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-09-14 11:57 - 2014-05-29 06:36 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-09-14 11:57 - 2014-05-26 09:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-09-14 11:40 - 2014-08-23 09:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-14 11:40 - 2014-08-23 09:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-14 11:40 - 2014-08-23 08:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-09-14 11:40 - 2014-08-23 07:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-09-14 11:40 - 2014-08-23 06:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-09-14 11:40 - 2014-08-23 06:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-09-14 11:40 - 2014-08-23 06:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-09-14 11:40 - 2014-08-23 06:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-09-14 11:40 - 2014-08-23 06:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-09-14 11:40 - 2014-07-30 03:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-09-14 11:40 - 2014-07-29 07:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-09-14 11:35 - 2014-08-15 02:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-09-11 08:38 - 2014-08-16 04:40 - 23591424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-09-11 08:38 - 2014-08-16 03:56 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-09-11 08:38 - 2014-08-16 03:54 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-09-11 08:38 - 2014-08-16 03:43 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-09-11 08:38 - 2014-08-16 03:32 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-09-11 08:38 - 2014-08-16 03:25 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-09-11 08:38 - 2014-08-16 03:22 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-09-11 08:38 - 2014-08-16 03:20 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-09-11 08:38 - 2014-08-16 03:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-09-11 08:38 - 2014-08-16 03:18 - 02185728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-09-11 08:38 - 2014-08-16 03:18 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-09-11 08:38 - 2014-08-16 03:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-09-11 08:38 - 2014-08-16 03:06 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-09-11 08:38 - 2014-08-16 03:05 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-09-11 08:38 - 2014-08-16 03:05 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-09-11 08:38 - 2014-08-16 03:03 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-09-11 08:38 - 2014-08-16 02:58 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 08:38 - 2014-08-16 02:56 - 02310656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-09-11 08:38 - 2014-08-16 02:53 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-09-11 08:38 - 2014-08-16 02:53 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-09-11 08:38 - 2014-08-16 02:45 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-09-11 08:38 - 2014-08-16 02:44 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-09-11 08:38 - 2014-08-16 02:20 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-09-11 08:38 - 2014-08-16 02:18 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-09-11 08:38 - 2014-08-16 02:12 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-09-11 08:37 - 2014-08-16 04:04 - 17455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-09-11 08:37 - 2014-08-16 04:00 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-09-11 08:37 - 2014-08-16 04:00 - 02793984 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-09-11 08:37 - 2014-08-16 03:45 - 04232704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-09-11 08:37 - 2014-08-16 03:03 - 02104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-09-11 08:37 - 2014-08-16 02:53 - 13588480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-09-11 08:37 - 2014-08-16 02:51 - 11769856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-09-11 08:37 - 2014-08-16 02:44 - 02014208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-09-11 08:37 - 2014-08-16 02:34 - 01447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-09-11 08:37 - 2014-08-16 02:14 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-09-10 08:26 - 2014-08-02 02:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-09-10 08:25 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-09-10 08:25 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-09-04 08:45 - 2014-09-04 08:45 - 00319912 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-09-04 08:45 - 2014-09-04 08:45 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-09-04 08:45 - 2014-09-04 08:45 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-09-04 08:45 - 2014-09-04 08:45 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-09-04 08:45 - 2014-09-04 08:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-04 08:45 - 2014-09-04 08:45 - 00000000 ____D () C:\Program Files\Java
2014-08-28 08:55 - 2014-08-23 02:42 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-27 12:21 - 2014-09-17 19:18 - 00000000 ____D () C:\Users\***\AppData\Roaming\Tropico 4
2014-08-27 12:14 - 2014-08-27 12:14 - 00000000 ____D () C:\Users\***\AppData\Roaming\Kalypso Media
2014-08-25 11:05 - 2014-08-27 11:15 - 00000000 ____D () C:\Users\***\AppData\Roaming\DarknessII
2014-08-25 11:01 - 2014-09-02 07:34 - 00055723 _____ () C:\WINDOWS\DirectX.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-19 08:36 - 2014-09-16 10:55 - 00035552 _____ () C:\Users\***\Downloads\FRST.txt
2014-09-19 08:34 - 2014-01-26 19:20 - 00000000 ____D () C:\FRST
2014-09-19 08:33 - 2014-09-19 08:33 - 02105856 _____ (Farbar) C:\Users\***\Downloads\FRST64(1).exe
2014-09-19 08:32 - 2014-09-19 08:32 - 01097728 _____ (Farbar) C:\Users\***\Downloads\FRST.exe
2014-09-19 08:31 - 2014-01-30 21:37 - 00000000 ____D () C:\Users\***\AppData\Roaming\Skype
2014-09-19 08:26 - 2013-08-28 07:41 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-09-19 08:23 - 2014-09-19 08:23 - 00854417 _____ () C:\Users\***\Downloads\SecurityCheck.exe
2014-09-19 08:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-09-19 07:59 - 2013-08-16 22:23 - 00001138 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-19 06:01 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-09-19 05:00 - 2013-08-16 19:35 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2912521998-1118320013-3424448078-1002
2014-09-19 04:14 - 2013-12-16 16:30 - 00003954 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8CDA66A8-D89E-41B7-861E-4D1C6BC3CB7D}
2014-09-19 03:06 - 2014-08-10 11:59 - 01746086 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-19 01:50 - 2014-08-17 11:19 - 00000000 ____D () C:\Users\***\AppData\Roaming\vlc
2014-09-18 23:22 - 2014-06-05 15:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-18 23:00 - 2014-09-18 22:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-18 21:37 - 2013-08-16 22:55 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-18 19:06 - 2013-09-30 06:14 - 01804156 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-09-18 19:06 - 2013-09-30 05:56 - 00781646 _____ () C:\WINDOWS\system32\perfh007.dat
2014-09-18 19:06 - 2013-09-30 05:56 - 00166324 _____ () C:\WINDOWS\system32\perfc007.dat
2014-09-18 19:03 - 2014-09-16 07:38 - 00000000 ____D () C:\Users\***\Documents\Mein Steuer-Sparbuch Heute
2014-09-18 19:02 - 2014-09-18 19:01 - 02347384 _____ (ESET) C:\Users\***\Downloads\esetsmartinstaller_deu.exe
2014-09-18 19:01 - 2013-08-16 22:23 - 00001134 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-18 19:00 - 2013-12-11 20:13 - 00000000 __RDO () C:\Users\***\SkyDrive
2014-09-18 19:00 - 2013-08-19 08:00 - 00000000 ____D () C:\Users\***\AppData\Roaming\Dropbox
2014-09-18 19:00 - 2013-08-16 19:26 - 00000062 _____ () C:\Users\***\AppData\Roaming\sp_data.sys
2014-09-18 18:57 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-18 16:43 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-09-18 08:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-09-18 08:44 - 2014-09-18 08:44 - 00002041 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-09-18 08:44 - 2012-11-27 06:08 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-09-18 08:42 - 2014-09-17 19:46 - 00003352 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2912521998-1118320013-3424448078-1002
2014-09-18 08:42 - 2014-09-17 19:46 - 00003300 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2912521998-1118320013-3424448078-1002
2014-09-17 23:48 - 2014-08-07 15:21 - 00003374 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2912521998-1118320013-3424448078-1002
2014-09-17 23:48 - 2014-08-07 15:21 - 00003322 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2912521998-1118320013-3424448078-1002
2014-09-17 23:47 - 2014-08-10 17:00 - 00011128 _____ () C:\WINDOWS\PFRO.log
2014-09-17 23:47 - 2013-12-11 19:44 - 00000000 ____D () C:\Users\***
2014-09-17 23:46 - 2014-01-29 20:30 - 00000000 ____D () C:\AdwCleaner
2014-09-17 22:22 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-09-17 22:17 - 2013-10-25 11:14 - 00138240 ___SH () C:\Users\***\Desktop\Thumbs.db
2014-09-17 21:58 - 2014-09-16 21:02 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-17 19:50 - 2014-08-17 13:00 - 00007816 _____ () C:\WINDOWS\setupact.log
2014-09-17 19:41 - 2013-09-30 12:50 - 00000000 ____D () C:\Users\***\AppData\Roaming\uTorrent
2014-09-17 19:18 - 2014-08-27 12:21 - 00000000 ____D () C:\Users\***\AppData\Roaming\Tropico 4
2014-09-17 09:14 - 2014-09-17 09:14 - 00001201 _____ () C:\Users\***\Desktop\JRT.txt
2014-09-17 08:59 - 2014-09-17 08:59 - 01016035 _____ (Thisisu) C:\Users\***\Downloads\JRT(1).exe
2014-09-17 08:43 - 2014-09-17 08:43 - 01016035 _____ (Thisisu) C:\Users\***\Downloads\JRT.exe
2014-09-17 08:42 - 2014-09-17 08:42 - 01373475 _____ () C:\Users\***\Downloads\AdwCleaner_3.310.exe
2014-09-17 08:38 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-17 08:35 - 2014-02-06 07:34 - 00000000 ____D () C:\Users\***\Desktop\Virensuche
2014-09-16 21:01 - 2014-09-16 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-16 21:01 - 2014-09-16 21:01 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-16 21:01 - 2014-01-26 12:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-16 21:00 - 2014-09-16 21:00 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\***\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-16 12:22 - 2013-08-18 00:13 - 00000000 ____D () C:\ProgramData\Origin
2014-09-16 12:18 - 2013-08-18 00:15 - 00000000 ____D () C:\Users\***\AppData\Roaming\Origin
2014-09-16 11:38 - 2013-08-18 00:13 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-16 11:33 - 2014-09-16 11:12 - 00054523 _____ () C:\Users\***\Downloads\Addition.txt
2014-09-16 10:24 - 2014-09-16 10:23 - 02105856 _____ (Farbar) C:\Users\***\Downloads\FRST64.exe
2014-09-16 07:37 - 2013-08-22 16:44 - 00489480 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-15 20:55 - 2014-09-15 20:55 - 00000000 ____D () C:\Users\***\Documents\Steuer-Sparbuch
2014-09-15 20:54 - 2014-05-24 08:52 - 00000000 ____D () C:\ProgramData\Buhl Data Service GmbH
2014-09-15 20:53 - 2014-09-15 20:53 - 00000954 _____ () C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2014.lnk
2014-09-15 20:53 - 2014-09-15 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Steuer-Sparbuch 2014
2014-09-15 10:34 - 2013-08-18 15:47 - 00000000 ____D () C:\Users\***\Documents\Outlook-Dateien
2014-09-15 07:54 - 2014-09-15 07:54 - 00001452 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-15 07:54 - 2014-09-15 07:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-15 07:54 - 2014-09-15 07:54 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-15 07:54 - 2014-09-15 07:54 - 00000000 ____D () C:\Program Files\iTunes
2014-09-15 07:54 - 2014-09-15 07:54 - 00000000 ____D () C:\Program Files\iPod
2014-09-14 22:19 - 2013-09-30 05:59 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-09-14 22:19 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-09-14 15:24 - 2014-09-14 15:24 - 01080640 _____ (Unity Technologies ApS) C:\Users\***\Downloads\UnityWebPlayer(1).exe
2014-09-14 15:17 - 2014-09-14 15:17 - 00000000 ____D () C:\Users\***\AppData\Local\Unity
2014-09-14 15:16 - 2014-09-14 15:16 - 01080640 _____ (Unity Technologies ApS) C:\Users\***\Downloads\UnityWebPlayer.exe
2014-09-14 11:35 - 2014-05-24 08:58 - 00000572 _____ () C:\WINDOWS\wiso.ini
2014-09-13 15:55 - 2014-07-13 10:54 - 00000000 ____D () C:\Users\***\AppData\Local\Abelssoft
2014-09-12 15:54 - 2014-01-18 15:28 - 00000000 ____D () C:\Users\***\AppData\Local\Deployment
2014-09-11 16:57 - 2014-07-31 15:16 - 00000000 ____D () C:\Users\***\AppData\Local\NVIDIA Corporation
2014-09-11 14:48 - 2014-07-13 10:54 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Abelssoft
2014-09-11 14:47 - 2014-07-18 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-09-11 14:47 - 2014-07-13 10:54 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-09-11 08:39 - 2014-06-10 20:52 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-09-11 08:39 - 2014-06-10 20:41 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-09-11 08:39 - 2014-06-10 20:41 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-09-11 08:39 - 2014-06-10 20:41 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-09-11 08:39 - 2014-05-06 17:00 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-09-11 08:39 - 2014-05-06 17:00 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-09-11 08:38 - 2014-06-10 20:52 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-09-11 08:38 - 2014-06-10 20:41 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-09-10 19:28 - 2013-08-18 14:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-10 19:26 - 2013-08-17 09:35 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-10 19:11 - 2013-08-17 09:35 - 101694776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-09-09 19:26 - 2013-08-28 07:41 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-09-09 13:31 - 2013-11-08 08:53 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-09-04 08:45 - 2014-09-04 08:45 - 00319912 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-09-04 08:45 - 2014-09-04 08:45 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-09-04 08:45 - 2014-09-04 08:45 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-09-04 08:45 - 2014-09-04 08:45 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-09-04 08:45 - 2014-09-04 08:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-04 08:45 - 2014-09-04 08:45 - 00000000 ____D () C:\Program Files\Java
2014-09-02 22:06 - 2014-08-17 09:22 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-09-02 22:06 - 2014-08-17 09:22 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-02 07:43 - 2013-08-17 15:25 - 00000000 ____D () C:\Users\***\Documents\My Games
2014-09-02 07:34 - 2014-08-25 11:01 - 00055723 _____ () C:\WINDOWS\DirectX.log
2014-09-02 07:30 - 2014-01-30 21:36 - 00000000 ____D () C:\ProgramData\Skype
2014-09-02 07:28 - 2014-03-02 19:56 - 00000000 ____D () C:\Program Files\PeerBlock
2014-08-27 12:14 - 2014-08-27 12:14 - 00000000 ____D () C:\Users\***\AppData\Roaming\Kalypso Media
2014-08-27 11:48 - 2013-08-17 15:16 - 00000000 ____D () C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-27 11:15 - 2014-08-25 11:05 - 00000000 ____D () C:\Users\***\AppData\Roaming\DarknessII
2014-08-23 09:48 - 2014-09-14 11:40 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-08-23 09:13 - 2014-09-14 11:40 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-08-23 08:10 - 2014-09-14 11:40 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-08-23 07:32 - 2014-09-14 11:40 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-08-23 06:44 - 2014-09-14 11:40 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-23 06:34 - 2014-09-14 11:40 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-08-23 06:33 - 2014-09-14 11:40 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-08-23 06:31 - 2014-09-14 11:40 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-23 06:20 - 2014-09-14 11:40 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-08-23 02:42 - 2014-08-28 08:55 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some content of TEMP:
====================
C:\Users\***\AppData\Local\Temp\CHIP_Updater.exe
C:\Users\***\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpezggdr.dll
C:\Users\***\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\***\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\***\AppData\Local\Temp\Quarantine.exe
C:\Users\***\AppData\Local\Temp\vlc-2.1.5-win32.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-19 05:00

==================== End Of Log ============================

--- --- ---

--- --- ---

Aber google sagt mir immer noch ich solle einen "modern browser" verwenden...

schrauber · 19.09.2014, 18:47

Adobe updaten.

Router mal 30 min vom Strom nehmen.

Funde sind schon in Quarantäne oder auf der Externen, die würde ich mal...... ausmisten

dr.kleiner · 20.09.2014, 09:22

So, Adobe gelöscht, ich probiere jetzt mal den Foxit aus, zurück geht ja eh immer...
Habe gestern jetzt auch den neuen Router vom Provider erhalten, wird gerade noch initialisiert, der zweite Punkt wäre dann also auch erledigt.

Quarantäne vom eset? wo ist die denn abgelegt? Als ich gerade nach eset gesucht habe, habe ich nur 2 800kb Ordner gefunden.

Lieben Gruß

Ach so, jetzt verstanden, Adressleisten im log *facepalm* - mache mich ans löschen...

schrauber · 20.09.2014, 17:36

ok

dr.kleiner · 21.09.2014, 12:40

ok, jetzt habe ich schon mal einiges gelöscht, aber das ursprüngliche Problem besteht weiterhin. Sowohl bei Opera (dass es nicht als Opera anerkannt wird) als auch bei Firefox. Netflix gibt mir beispielsweise einfach einen Verweis auf die Mindestanforderungen, welche ich alle erfülle, gmail will, dass ich "modern browser" verwende u.ä. ... Hast du dafür evtl auch noch eine Lösung, oder hat das jetzt schlicht nichts mehr mit Viren zu tun? Danke nochmal fürs "ausmisten"

schrauber · 22.09.2014, 07:56

Is schon ein sehr merkwürdiges Problem.

Bitte mal FRST öffnen, Haken setzen bei Addition und scannen, poste bitte beide Logfiles.

dr.kleiner · 26.09.2014, 12:45

Hallo Schrauber, sorry, die letzten Tage waren etwas stressig.

1. Das Problem scheint gelöst (siehe unten). Könntest Du bitte trotzdem die Logs nochmal zur Sicherheit durchsehen?

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-09-2014
Ran by *** (administrator) on ***S56 on 26-09-2014 13:27:54
Running from C:\Users\***\Downloads
Loaded Profile: *** (Available profiles: ***)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
() C:\Program Files (x86)\Real\RealPlayer\RPDS\Tools\ffmpeg\ffprobe.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Dropbox, Inc.) C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) D:\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13267016 2013-01-23] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [765056 2012-09-29] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-09-29] (Atheros Communications)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-27] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120 2012-05-24] (CyberLink)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [296520 2014-05-11] (RealNetworks, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => D:\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2912521998-1118320013-3424448078-1002\...\Run: [Amazon Cloud Player] => C:\Users\***\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] ()
HKU\S-1-5-21-2912521998-1118320013-3424448078-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-2912521998-1118320013-3424448078-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-08] (Apple Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-10] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-12-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-12-10] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> D:\Programme D\WISO\Steuersoftware 2014\mshaktuell.exe ()
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} ->  No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} ->  No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\gab65erd.default
FF Homepage: sueddeutsche.de
FF NetworkProxy: "autoconfig_url", "data:application/x-ns-proxy-autoconfig;base64,ZnVuY3Rpb24gaXNZb3VUdWJlVmlkZW8odXJsKXsgcmV0dXJuIG5ldyBSZWdFeHAoIl4oPzpodHRwfGh0dHBzKTpcXC9cXC8oPzouKikoPzouZ29vZ2xldmlkZW8uY29tfC5jLnlvdXR1YmUuY29tKSg/Oi4qKVxcL3ZpZGVvcGxheWJhY2soPzouKikoPzpnY3I9dXN8XFwvZ2NyXFwvdXNcXC8pKD86LiopJCIsJ2knKS50ZXN0KHVybCk7fWZ1bmN0aW9uIGlzWW91VHViZVZpZGVvUGFnZSh1cmwsIGhvc3QsIHZpZHVybCkgeyByZXR1cm4gaG9zdC5pbmRleE9mKCd5b3V0dWJlLmNvbScpICE9IC0xICYmIHVybC5pbmRleE9mKHZpZHVybCkgIT0gLTE7fWZ1bmN0aW9uIEZpbmRQcm94eUZvclVSTCh1cmwsIGhvc3QpIHtpZihpc1lvdVR1YmVWaWRlbyh1cmwpICB8fCBpc1lvdVR1YmVWaWRlb1BhZ2UodXJsLCBob3N0LCAnaHR0cHM6Ly93d3cueW91dHViZS5jb20vd2F0Y2g/dj1mazJwaEVQN0FXVSZpbmRleD0xJmxpc3Q9UExXM0owYUhmYVB2Wl9SSWw4Ty1MSy14NEl0eGRhT3BmTCcpKXsgcmV0dXJuICdQUk9YWSAyMDkuMjM5LjExNC4yMDQ6MzEzMSc7fWVsc2V7IHJldHVybiAnRElSRUNUJzt9fQ=="
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.9.17 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.9.17 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\***\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\gab65erd.default\searchplugins\duckduckgo.xml
FF Extension: German Dictionary - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\gab65erd.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2014-09-24]
FF Extension: DownloadHelper - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\gab65erd.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-22]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\gab65erd.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-09-21]
FF Extension: GPU Accelerated Flash Player - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\gab65erd.default\Extensions\gpuacceleratedflashplayer@stas.xpi [2014-09-21]
FF Extension: ProxTube - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\gab65erd.default\Extensions\ich@maltegoetz.de.xpi [2014-09-21]
FF Extension: Gmail Notifier (restartless) - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\gab65erd.default\Extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi [2014-09-21]
FF Extension: DuckDuckGo Plus - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\gab65erd.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2014-09-21]
FF Extension: Adblock Plus - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\gab65erd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-21]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-07]
FF HKLM-x32\...\Firefox\Extensions: [{53D8DD28-1C83-41F3-B171-C2ED5B3E5DE8}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-05-11]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR Profile: C:\Users\***\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-29]
CHR Extension: (Show the YouTube Channel bar or the name.) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2013-08-16]
CHR Extension: (YouTube) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-16]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-08-16]
CHR Extension: (Google Search) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-16]
CHR Extension: (RAD Soldiers) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkiahcckehgdocgonfdickeagmoembpe [2013-09-07]
CHR Extension: (ProxMate - Proxy on steroids!) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjpnmnpjmabddgmjdiaggacbololbjm [2013-08-19]
CHR Extension: (RealPlayer Downloader) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-05-11]
CHR Extension: (Dropbox) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2013-09-01]
CHR Extension: (Ghostery) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2013-08-16]
CHR Extension: (Google Wallet) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR Extension: (Gmail) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-16]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-02]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-04-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [220288 2012-09-29] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-02] (AVAST Software)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [31632 2013-01-18] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [33168 2013-01-18] (Intel Corporation)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-30] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2013-12-17] ()
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [189248 2013-12-17] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-04-06] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-05-11] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-04-07] () [File not signed]
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-29] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [31744 2009-09-04] (Google Inc)
S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [12416 2010-05-26] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-02] ()
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-01-16] (ASUS Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-29] (Qualcomm Atheros)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2014-05-03] (Microsoft Corporation)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107920 2013-01-18] (Intel Corporation)
R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [43408 2013-01-18] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [65424 2013-01-18] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [229776 2013-01-18] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [363920 2013-01-18] (Intel Corporation)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-30] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-17] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 qcusbser; C:\Windows\system32\DRIVERS\qcusbser.sys [126440 2009-12-19] (QUALCOMM Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-26 13:27 - 2014-09-26 13:28 - 00031191 _____ () C:\Users\***\Downloads\FRST.txt
2014-09-26 13:27 - 2014-09-26 13:28 - 00000000 ____D () C:\FRST
2014-09-26 13:26 - 2014-09-26 13:27 - 02108928 _____ (Farbar) C:\Users\***\Downloads\FRST64.exe
2014-09-26 12:47 - 2014-09-26 12:47 - 00000000 ___SH () C:\DkHyperbootSync
2014-09-24 09:41 - 2014-09-24 09:41 - 05400864 _____ (Canneverbe Limited ) C:\Users\***\Downloads\cdbxp_setup_4.5.4.5067.exe
2014-09-23 22:46 - 2014-09-23 22:48 - 11651317 _____ () C:\Users\***\Desktop\03 Schlaflied.m4a
2014-09-23 22:36 - 2014-09-23 22:38 - 11288890 _____ () C:\Users\***\Desktop\11 Verlängerung.m4a
2014-09-23 10:48 - 2014-09-23 10:48 - 00003374 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2912521998-1118320013-3424448078-1002
2014-09-23 10:47 - 2014-09-23 10:47 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-09-23 10:47 - 2014-09-23 10:47 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-09-22 06:58 - 2013-10-23 10:20 - 06669600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-09-22 06:58 - 2013-10-23 10:20 - 03489568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-09-22 06:58 - 2013-10-23 10:20 - 03426956 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-09-22 06:58 - 2013-10-23 10:20 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-09-22 06:58 - 2013-10-23 10:20 - 01064224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2014-09-22 06:58 - 2013-10-23 10:20 - 00922912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-09-22 06:58 - 2013-10-23 10:20 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-09-22 06:58 - 2013-10-23 10:20 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2014-09-22 06:58 - 2013-10-23 10:20 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-09-22 00:23 - 2014-09-22 00:23 - 04901352 _____ (Piriform Ltd) C:\Users\***\Downloads\ccsetup417.exe
2014-09-21 22:50 - 2014-09-21 22:50 - 00244216 _____ () C:\Users\***\Downloads\Firefox Setup Stub 32.0.2 (1).exe
2014-09-21 15:49 - 2014-09-21 15:49 - 00000002 _____ () C:\WINDOWS\AsCDProc.log
2014-09-21 09:17 - 2014-09-21 09:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-09-21 02:55 - 2014-09-04 21:14 - 00038048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2014-09-21 02:55 - 2014-09-04 21:14 - 00032416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2014-09-20 10:58 - 2014-09-25 07:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-20 10:58 - 2014-09-21 22:51 - 00001177 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-20 10:58 - 2014-09-20 10:59 - 00000000 ____D () C:\Users\***\AppData\Roaming\Mozilla
2014-09-20 10:51 - 2014-09-20 10:54 - 00000000 ____D () C:\Users\***\Desktop\FF Sicherung
2014-09-20 10:43 - 2014-09-20 10:43 - 00244392 _____ () C:\Users\***\Downloads\Firefox Setup Stub 32.0.2.exe
2014-09-19 09:02 - 2014-09-19 09:02 - 00000000 ____D () C:\Users\***\AppData\Local\Adobe
2014-09-18 22:59 - 2014-09-25 07:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-17 19:46 - 2014-09-21 22:43 - 00003352 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2912521998-1118320013-3424448078-1002
2014-09-17 19:46 - 2014-09-21 22:43 - 00003300 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2912521998-1118320013-3424448078-1002
2014-09-17 09:14 - 2014-09-17 09:14 - 00001201 _____ () C:\Users\***\Desktop\JRT.txt
2014-09-16 21:02 - 2014-09-17 21:58 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-16 21:01 - 2014-09-16 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-16 21:01 - 2014-09-16 21:01 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-16 21:01 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-09-16 21:01 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-09-16 21:01 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-09-16 07:38 - 2014-09-25 10:12 - 00000000 ____D () C:\Users\***\Documents\Mein Steuer-Sparbuch Heute
2014-09-15 20:55 - 2014-09-15 20:55 - 00000000 ____D () C:\Users\***\Documents\Steuer-Sparbuch
2014-09-15 20:53 - 2014-09-15 20:53 - 00000954 _____ () C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2014.lnk
2014-09-15 20:53 - 2014-09-15 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Steuer-Sparbuch 2014
2014-09-15 07:54 - 2014-09-15 07:54 - 00001452 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-15 07:54 - 2014-09-15 07:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-15 07:54 - 2014-09-15 07:54 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-15 07:54 - 2014-09-15 07:54 - 00000000 ____D () C:\Program Files\iTunes
2014-09-15 07:54 - 2014-09-15 07:54 - 00000000 ____D () C:\Program Files\iPod
2014-09-14 15:17 - 2014-09-14 15:17 - 00000000 ____D () C:\Users\***\AppData\Local\Unity
2014-09-14 11:59 - 2014-07-24 11:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-09-14 11:59 - 2014-07-24 09:39 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-09-14 11:59 - 2014-07-24 09:30 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-09-14 11:58 - 2014-07-24 17:28 - 00468288 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-09-14 11:58 - 2014-07-24 17:28 - 00419648 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-09-14 11:58 - 2014-07-24 17:28 - 00412992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-09-14 11:58 - 2014-07-24 17:28 - 00143680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-09-14 11:58 - 2014-07-24 17:23 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-09-14 11:58 - 2014-07-24 17:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-09-14 11:58 - 2014-07-24 17:20 - 21266336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-09-14 11:58 - 2014-07-24 17:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-09-14 11:58 - 2014-07-24 17:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-09-14 11:58 - 2014-07-24 17:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-09-14 11:58 - 2014-07-24 17:07 - 07424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-09-14 11:58 - 2014-07-24 17:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-09-14 11:58 - 2014-07-24 17:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-09-14 11:58 - 2014-07-24 17:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-09-14 11:58 - 2014-07-24 17:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-09-14 11:58 - 2014-07-24 17:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-09-14 11:58 - 2014-07-24 17:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-09-14 11:58 - 2014-07-24 17:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-09-14 11:58 - 2014-07-24 17:03 - 00818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-09-14 11:58 - 2014-07-24 17:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-09-14 11:58 - 2014-07-24 17:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-09-14 11:58 - 2014-07-24 17:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2014-09-14 11:58 - 2014-07-24 16:57 - 02515264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-09-14 11:58 - 2014-07-24 16:57 - 00475968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-09-14 11:58 - 2014-07-24 15:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-09-14 11:58 - 2014-07-24 15:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-09-14 11:58 - 2014-07-24 15:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-09-14 11:58 - 2014-07-24 15:46 - 18760328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-09-14 11:58 - 2014-07-24 15:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-09-14 11:58 - 2014-07-24 15:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-09-14 11:58 - 2014-07-24 15:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-09-14 11:58 - 2014-07-24 15:36 - 00674512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-09-14 11:58 - 2014-07-24 15:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-09-14 11:58 - 2014-07-24 15:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2014-09-14 11:58 - 2014-07-24 13:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-09-14 11:58 - 2014-07-24 13:45 - 00076800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-09-14 11:58 - 2014-07-24 13:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-09-14 11:58 - 2014-07-24 13:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-09-14 11:58 - 2014-07-24 13:42 - 01200640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-09-14 11:58 - 2014-07-24 13:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-09-14 11:58 - 2014-07-24 13:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2014-09-14 11:58 - 2014-07-24 13:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-09-14 11:58 - 2014-07-24 13:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2014-09-14 11:58 - 2014-07-24 13:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-09-14 11:58 - 2014-07-24 13:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-09-14 11:58 - 2014-07-24 12:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-09-14 11:58 - 2014-07-24 12:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2014-09-14 11:58 - 2014-07-24 12:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-09-14 11:58 - 2014-07-24 12:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-09-14 11:58 - 2014-07-24 12:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-09-14 11:58 - 2014-07-24 12:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-09-14 11:58 - 2014-07-24 12:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-09-14 11:58 - 2014-07-24 12:06 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-09-14 11:58 - 2014-07-24 12:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-09-14 11:58 - 2014-07-24 11:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2014-09-14 11:58 - 2014-07-24 11:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-09-14 11:58 - 2014-07-24 11:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-09-14 11:58 - 2014-07-24 11:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2014-09-14 11:58 - 2014-07-24 11:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-09-14 11:58 - 2014-07-24 11:23 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-09-14 11:58 - 2014-07-24 11:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-09-14 11:58 - 2014-07-24 11:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2014-09-14 11:58 - 2014-07-24 11:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-09-14 11:58 - 2014-07-24 11:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-09-14 11:58 - 2014-07-24 11:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-09-14 11:58 - 2014-07-24 11:09 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-09-14 11:58 - 2014-07-24 11:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-09-14 11:58 - 2014-07-24 11:02 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-09-14 11:58 - 2014-07-24 10:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-09-14 11:58 - 2014-07-24 10:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-09-14 11:58 - 2014-07-24 10:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-09-14 11:58 - 2014-07-24 10:49 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-09-14 11:58 - 2014-07-24 10:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-09-14 11:58 - 2014-07-24 10:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-09-14 11:58 - 2014-07-24 10:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-09-14 11:58 - 2014-07-24 10:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-09-14 11:58 - 2014-07-24 10:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-14 11:58 - 2014-07-24 10:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-09-14 11:58 - 2014-07-24 10:27 - 00907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-09-14 11:58 - 2014-07-24 10:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-09-14 11:58 - 2014-07-24 10:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-09-14 11:58 - 2014-07-24 10:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-09-14 11:58 - 2014-07-24 10:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-09-14 11:58 - 2014-07-24 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2014-09-14 11:58 - 2014-07-24 10:19 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-09-14 11:58 - 2014-07-24 10:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-09-14 11:58 - 2014-07-24 10:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-09-14 11:58 - 2014-07-24 10:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-09-14 11:58 - 2014-07-24 10:15 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-09-14 11:58 - 2014-07-24 10:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-09-14 11:58 - 2014-07-24 10:10 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-09-14 11:58 - 2014-07-24 10:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-09-14 11:58 - 2014-07-24 10:10 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-09-14 11:58 - 2014-07-24 10:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-09-14 11:58 - 2014-07-24 10:08 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2014-09-14 11:58 - 2014-07-24 10:07 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-09-14 11:58 - 2014-07-24 10:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-09-14 11:58 - 2014-07-24 10:04 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-09-14 11:58 - 2014-07-24 10:02 - 03465216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-09-14 11:58 - 2014-07-24 10:01 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-09-14 11:58 - 2014-07-24 10:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2014-09-14 11:58 - 2014-07-24 09:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2014-09-14 11:58 - 2014-07-24 09:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-09-14 11:58 - 2014-07-24 09:50 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-09-14 11:58 - 2014-07-24 09:49 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2014-09-14 11:58 - 2014-07-24 09:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-09-14 11:58 - 2014-07-24 09:46 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-09-14 11:58 - 2014-07-24 09:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-09-14 11:58 - 2014-07-24 09:43 - 02696704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-09-14 11:58 - 2014-07-24 09:38 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-09-14 11:58 - 2014-07-24 09:38 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-09-14 11:58 - 2014-07-24 09:33 - 03360768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-09-14 11:58 - 2014-07-24 09:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-09-14 11:58 - 2014-07-24 06:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-09-14 11:58 - 2014-07-24 06:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2014-09-14 11:58 - 2014-07-12 07:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2014-09-14 11:58 - 2014-07-12 06:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2014-09-14 11:58 - 2014-07-12 06:13 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-09-14 11:58 - 2014-07-04 12:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2014-09-14 11:58 - 2014-07-04 12:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-09-14 11:58 - 2014-07-04 12:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2014-09-14 11:58 - 2014-07-04 11:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-09-14 11:58 - 2014-07-04 11:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-09-14 11:58 - 2014-06-27 08:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-09-14 11:58 - 2014-06-26 02:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-09-14 11:58 - 2014-06-20 01:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-09-14 11:58 - 2014-06-19 04:13 - 00310080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-09-14 11:58 - 2014-06-14 08:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-09-14 11:58 - 2014-06-14 07:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-09-14 11:58 - 2014-06-05 16:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-09-14 11:58 - 2014-06-05 12:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-09-14 11:58 - 2014-06-05 11:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-09-14 11:58 - 2014-05-31 07:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2014-09-14 11:58 - 2014-05-31 06:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2014-09-14 11:58 - 2014-05-29 08:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-09-14 11:58 - 2014-05-29 07:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-09-14 11:58 - 2014-05-10 12:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-09-14 11:58 - 2014-05-10 10:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-09-14 11:58 - 2014-05-06 06:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-09-14 11:58 - 2014-05-06 02:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-09-14 11:58 - 2014-03-25 04:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-09-14 11:58 - 2014-03-25 04:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-09-14 11:58 - 2014-03-25 03:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-09-14 11:58 - 2014-03-25 03:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-09-14 11:57 - 2014-07-24 17:28 - 00280384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-09-14 11:57 - 2014-07-24 17:25 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-09-14 11:57 - 2014-07-24 17:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-09-14 11:57 - 2014-07-24 13:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-09-14 11:57 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-09-14 11:57 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2014-09-14 11:57 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-09-14 11:57 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-09-14 11:57 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-09-14 11:57 - 2014-07-24 13:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-09-14 11:57 - 2014-07-24 13:47 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-09-14 11:57 - 2014-07-24 13:43 - 00064000 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys
2014-09-14 11:57 - 2014-07-24 13:41 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2014-09-14 11:57 - 2014-07-24 13:33 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-09-14 11:57 - 2014-07-24 13:33 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-09-14 11:57 - 2014-07-24 13:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2014-09-14 11:57 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-09-14 11:57 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2014-09-14 11:57 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-09-14 11:57 - 2014-07-24 12:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-09-14 11:57 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-09-14 11:57 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-09-14 11:57 - 2014-07-24 12:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-09-14 11:57 - 2014-07-24 12:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-09-14 11:57 - 2014-07-24 12:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-09-14 11:57 - 2014-07-24 12:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-09-14 11:57 - 2014-07-24 12:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2014-09-14 11:57 - 2014-07-24 11:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-09-14 11:57 - 2014-07-24 11:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-09-14 11:57 - 2014-07-24 11:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-09-14 11:57 - 2014-07-24 11:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-09-14 11:57 - 2014-07-24 11:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-09-14 11:57 - 2014-07-24 11:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-09-14 11:57 - 2014-07-24 11:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2014-09-14 11:57 - 2014-07-24 11:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2014-09-14 11:57 - 2014-07-24 11:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-09-14 11:57 - 2014-07-24 11:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2014-09-14 11:57 - 2014-07-24 11:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-09-14 11:57 - 2014-07-24 11:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-09-14 11:57 - 2014-07-24 10:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2014-09-14 11:57 - 2014-07-24 10:49 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-09-14 11:57 - 2014-07-24 10:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-09-14 11:57 - 2014-07-24 10:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-09-14 11:57 - 2014-07-24 10:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-09-14 11:57 - 2014-07-24 10:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2014-09-14 11:57 - 2014-07-24 10:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2014-09-14 11:57 - 2014-07-24 10:24 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-14 11:57 - 2014-07-24 10:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-09-14 11:57 - 2014-07-24 10:18 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-09-14 11:57 - 2014-07-24 10:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-09-14 11:57 - 2014-07-24 10:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-09-14 11:57 - 2014-07-24 10:12 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-14 11:57 - 2014-07-24 10:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-09-14 11:57 - 2014-07-24 10:06 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-09-14 11:57 - 2014-07-24 10:01 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-09-14 11:57 - 2014-07-24 10:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-09-14 11:57 - 2014-07-24 09:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-09-14 11:57 - 2014-07-24 09:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-09-14 11:57 - 2014-07-24 09:43 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-09-14 11:57 - 2014-07-24 09:43 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2014-09-14 11:57 - 2014-07-24 09:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-09-14 11:57 - 2014-07-12 07:23 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-09-14 11:57 - 2014-07-12 06:33 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-09-14 11:57 - 2014-07-10 01:19 - 00387391 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-09-14 11:57 - 2014-07-04 14:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-09-14 11:57 - 2014-07-04 12:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-09-14 11:57 - 2014-06-26 02:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2014-09-14 11:57 - 2014-06-07 14:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-09-14 11:57 - 2014-06-07 12:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-09-14 11:57 - 2014-05-29 07:20 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-09-14 11:57 - 2014-05-29 06:36 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-09-14 11:57 - 2014-05-26 09:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-09-14 11:40 - 2014-08-23 09:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-14 11:40 - 2014-08-23 09:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-14 11:40 - 2014-08-23 08:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-09-14 11:40 - 2014-08-23 07:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-09-14 11:40 - 2014-08-23 06:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-09-14 11:40 - 2014-08-23 06:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-09-14 11:40 - 2014-08-23 06:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-09-14 11:40 - 2014-08-23 06:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-09-14 11:40 - 2014-08-23 06:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-09-14 11:40 - 2014-07-30 03:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-09-14 11:40 - 2014-07-29 07:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-09-14 11:35 - 2014-08-15 02:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-09-11 08:38 - 2014-08-16 04:40 - 23591424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-09-11 08:38 - 2014-08-16 03:56 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-09-11 08:38 - 2014-08-16 03:54 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-09-11 08:38 - 2014-08-16 03:43 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-09-11 08:38 - 2014-08-16 03:32 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-09-11 08:38 - 2014-08-16 03:25 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-09-11 08:38 - 2014-08-16 03:22 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-09-11 08:38 - 2014-08-16 03:20 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-09-11 08:38 - 2014-08-16 03:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-09-11 08:38 - 2014-08-16 03:18 - 02185728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-09-11 08:38 - 2014-08-16 03:18 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-09-11 08:38 - 2014-08-16 03:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-09-11 08:38 - 2014-08-16 03:06 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-09-11 08:38 - 2014-08-16 03:05 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-09-11 08:38 - 2014-08-16 03:05 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-09-11 08:38 - 2014-08-16 03:03 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-09-11 08:38 - 2014-08-16 02:58 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 08:38 - 2014-08-16 02:56 - 02310656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-09-11 08:38 - 2014-08-16 02:53 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-09-11 08:38 - 2014-08-16 02:53 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-09-11 08:38 - 2014-08-16 02:45 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-09-11 08:38 - 2014-08-16 02:44 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-09-11 08:38 - 2014-08-16 02:20 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-09-11 08:38 - 2014-08-16 02:18 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-09-11 08:38 - 2014-08-16 02:12 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-09-11 08:37 - 2014-08-16 04:04 - 17455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-09-11 08:37 - 2014-08-16 04:00 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-09-11 08:37 - 2014-08-16 04:00 - 02793984 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-09-11 08:37 - 2014-08-16 03:45 - 04232704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-09-11 08:37 - 2014-08-16 03:03 - 02104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-09-11 08:37 - 2014-08-16 02:53 - 13588480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-09-11 08:37 - 2014-08-16 02:51 - 11769856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-09-11 08:37 - 2014-08-16 02:44 - 02014208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-09-11 08:37 - 2014-08-16 02:34 - 01447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-09-11 08:37 - 2014-08-16 02:14 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-09-10 08:26 - 2014-08-02 02:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-09-10 08:25 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-09-10 08:25 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-09-04 08:45 - 2014-09-04 08:45 - 00319912 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-09-04 08:45 - 2014-09-04 08:45 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-09-04 08:45 - 2014-09-04 08:45 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-09-04 08:45 - 2014-09-04 08:45 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-09-04 08:45 - 2014-09-04 08:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-04 08:45 - 2014-09-04 08:45 - 00000000 ____D () C:\Program Files\Java
2014-08-28 08:55 - 2014-08-23 02:42 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-27 12:21 - 2014-09-17 19:18 - 00000000 ____D () C:\Users\***\AppData\Roaming\Tropico 4
2014-08-27 12:14 - 2014-08-27 12:14 - 00000000 ____D () C:\Users\***\AppData\Roaming\Kalypso Media

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-26 13:26 - 2013-08-28 07:41 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-09-26 13:23 - 2013-08-18 15:47 - 00000000 ____D () C:\Users\***\Documents\Outlook-Dateien
2014-09-26 13:03 - 2014-01-30 21:37 - 00000000 ____D () C:\Users\***\AppData\Roaming\Skype
2014-09-26 13:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-09-26 12:59 - 2013-08-16 22:23 - 00001138 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-26 11:30 - 2014-01-07 20:25 - 00000000 ____D () C:\Users\***\Desktop\Referendariat
2014-09-26 11:04 - 2013-08-16 19:35 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2912521998-1118320013-3424448078-1002
2014-09-26 10:59 - 2013-08-16 22:23 - 00001134 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-26 10:19 - 2014-08-10 11:59 - 01323324 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-26 09:39 - 2013-08-16 22:55 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-26 09:16 - 2014-07-31 09:29 - 00000000 ____D () C:\Users\***\AppData\Roaming\Bioshock2Steam
2014-09-26 08:19 - 2013-12-16 16:30 - 00003954 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8CDA66A8-D89E-41B7-861E-4D1C6BC3CB7D}
2014-09-26 08:18 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-09-25 14:19 - 2014-01-18 15:28 - 00000000 ____D () C:\Users\***\AppData\Local\Deployment
2014-09-25 10:41 - 2014-08-25 11:01 - 00056109 _____ () C:\WINDOWS\DirectX.log
2014-09-24 18:23 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-24 18:13 - 2013-09-30 06:14 - 01804156 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-09-24 18:13 - 2013-09-30 05:56 - 00781646 _____ () C:\WINDOWS\system32\perfh007.dat
2014-09-24 18:13 - 2013-09-30 05:56 - 00166324 _____ () C:\WINDOWS\system32\perfc007.dat
2014-09-24 09:50 - 2013-08-17 21:39 - 00001123 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-09-24 09:50 - 2013-08-17 21:39 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-09-23 15:19 - 2013-12-11 20:13 - 00000000 ___DO () C:\Users\***\SkyDrive
2014-09-23 10:48 - 2014-08-07 15:21 - 00003322 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2912521998-1118320013-3424448078-1002
2014-09-23 10:47 - 2013-08-19 08:00 - 00000000 ____D () C:\Users\***\AppData\Roaming\Dropbox
2014-09-23 10:47 - 2013-08-16 19:26 - 00000062 _____ () C:\Users\***\AppData\Roaming\sp_data.sys
2014-09-23 10:46 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-23 03:40 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-09-22 11:57 - 2013-12-11 19:40 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-22 06:58 - 2013-12-11 19:39 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-09-22 06:58 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Help
2014-09-22 06:57 - 2014-07-31 15:14 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-09-22 06:57 - 2014-05-08 23:35 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-09-22 00:24 - 2013-09-07 09:21 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-21 15:54 - 2014-08-17 11:19 - 00000000 ____D () C:\Users\***\AppData\Roaming\vlc
2014-09-21 08:58 - 2014-08-10 17:00 - 00016160 _____ () C:\WINDOWS\PFRO.log
2014-09-21 07:26 - 2013-10-25 11:14 - 00158720 ___SH () C:\Users\***\Desktop\Thumbs.db
2014-09-21 02:55 - 2014-08-17 13:00 - 00007855 _____ () C:\WINDOWS\setupact.log
2014-09-19 10:05 - 2013-08-19 08:01 - 00000000 ____D () C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-19 09:08 - 2012-11-27 06:08 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-19 06:01 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-09-17 23:47 - 2013-12-11 19:44 - 00000000 ____D () C:\Users\***
2014-09-17 22:22 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-09-17 19:41 - 2013-09-30 12:50 - 00000000 ____D () C:\Users\***\AppData\Roaming\uTorrent
2014-09-17 08:35 - 2014-02-06 07:34 - 00000000 ____D () C:\Users\***\Desktop\Virensuche
2014-09-17 04:13 - 2014-07-31 15:16 - 02193560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2014-09-17 04:13 - 2014-07-31 15:16 - 01291280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2014-09-17 04:12 - 2014-07-31 15:16 - 02799784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2014-09-17 04:12 - 2014-07-31 15:16 - 01715224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2014-09-16 21:01 - 2014-01-26 12:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-16 12:22 - 2013-08-18 00:13 - 00000000 ____D () C:\ProgramData\Origin
2014-09-16 12:18 - 2013-08-18 00:15 - 00000000 ____D () C:\Users\***\AppData\Roaming\Origin
2014-09-16 11:38 - 2013-08-18 00:13 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-16 07:37 - 2013-08-22 16:44 - 00489480 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-15 20:54 - 2014-05-24 08:52 - 00000000 ____D () C:\ProgramData\Buhl Data Service GmbH
2014-09-14 22:19 - 2013-09-30 05:59 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-09-14 22:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-09-14 22:19 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-09-14 11:35 - 2014-05-24 08:58 - 00000572 _____ () C:\WINDOWS\wiso.ini
2014-09-13 15:55 - 2014-07-13 10:54 - 00000000 ____D () C:\Users\***\AppData\Local\Abelssoft
2014-09-11 16:57 - 2014-07-31 15:16 - 00000000 ____D () C:\Users\***\AppData\Local\NVIDIA Corporation
2014-09-11 14:48 - 2014-07-13 10:54 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Abelssoft
2014-09-11 14:47 - 2014-07-18 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-09-11 14:47 - 2014-07-13 10:54 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-09-11 08:39 - 2014-06-10 20:52 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-09-11 08:39 - 2014-06-10 20:41 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-09-11 08:39 - 2014-06-10 20:41 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-09-11 08:39 - 2014-06-10 20:41 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-09-11 08:39 - 2014-06-10 20:41 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-09-11 08:39 - 2014-05-06 17:00 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-09-11 08:39 - 2014-05-06 17:00 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-09-11 08:38 - 2014-06-10 20:52 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-09-11 08:38 - 2014-06-10 20:41 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-09-10 19:28 - 2013-08-18 14:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-10 19:26 - 2013-08-17 09:35 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-10 19:11 - 2013-08-17 09:35 - 101694776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-09-09 19:26 - 2013-08-28 07:41 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-09-09 13:31 - 2013-11-08 08:53 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-09-04 21:14 - 2014-07-31 15:07 - 00034976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2014-09-02 22:06 - 2014-08-17 09:22 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-09-02 22:06 - 2014-08-17 09:22 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-02 07:43 - 2013-08-17 15:25 - 00000000 ____D () C:\Users\***\Documents\My Games
2014-09-02 07:30 - 2014-01-30 21:36 - 00000000 ____D () C:\ProgramData\Skype
2014-09-02 07:28 - 2014-03-02 19:56 - 00000000 ____D () C:\Program Files\PeerBlock
2014-08-27 11:48 - 2013-08-17 15:16 - 00000000 ____D () C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-27 11:15 - 2014-08-25 11:05 - 00000000 ____D () C:\Users\***\AppData\Roaming\DarknessII

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some content of TEMP:
====================
C:\Users\***\AppData\Local\Temp\CHIP_Updater.exe
C:\Users\***\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsmnghc.dll
C:\Users\***\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\***\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\***\AppData\Local\Temp\Quarantine.exe
C:\Users\***\AppData\Local\Temp\vlc-2.1.5-win32.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-23 15:14

==================== End Of Log ============================

--- --- ---

2. Ich habe jetzt mal den FF komplett runtergeschmissen, samt Sicherungen, Profildaten, app Daten... und komplet frisch installiert. Jetzt habe ich zwar meine ganzen Bookmarks etc nimmer, aber dafür funktioniert wieder alles.
Ohne zu wissen was jetzt eigentlich das Problem war: Meinst du, ich kann wenigstens die backups der Lesezeichen wieder reinladen?

Chrome konnte ich jetzt noch nicht neu machen, aber ich vermute, dass es da ähnlich sein wird.

und dann wird es wohl Zeit, dass der Sohnemann einen eigenen Rechner bekommt den er kaputt machen kann...
lg

dr.kleiner · 26.09.2014, 12:47

ach ja, das zweite logfile:

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-09-2014
Ran by *** at 2014-09-26 13:29:16
Running from C:\Users\***\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.33870 - BitTorrent Inc.)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Alan Wake (HKLM-x32\...\Steam App 108710) (Version:  - Remedy Entertainment)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.4.0.26 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.5 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.13 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.1.3 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0002 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.8 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.28 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.10.123 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5022.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5022.52 - CyberLink Corp.) Hidden
Atheros Outlook Addin 2010 (HKCU\...\BB108A893815B64BF41C4574C3324FB7371AA244) (Version: 1.0.0.0 - Microsoft)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0027 - ASUS)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Audiograbber 1.83 SE  (HKLM-x32\...\Audiograbber) (Version: 1.83 SE  - Audiograbber)
Audiograbber MP3-Plugin (HKLM-x32\...\Audiograbber-Lame) (Version: 1.0 - AG)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9046 - )
Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version:  - Rocksteady Studios)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version:  - 2K Marin)
Blood Bowl: Legendary Edition (HKLM-x32\...\Steam App 58520) (Version:  - Cyanide Studios)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre (HKLM-x32\...\{3331E34D-38D0-49CE-A395-B30B05FCCE6C}) (Version: 1.11.0 - Kovid Goyal)
CBR (HKLM\...\{A8305DB2-3F6A-43CF-8CE3-EFD3D0F1C352}) (Version: 0.7 - G.Waser)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5067 - CDBurnerXP)
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.31 - Abelssoft)
CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5415 - CyberLink Corp.)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.3625 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.3625 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Dead Space (HKLM-x32\...\Steam App 17470) (Version:  - EA Redwood Shores)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{42CBCE27-DE9B-4094-B9EB-D4C4C135FFA8}) (Version:  - Microsoft)
Devil May Cry 3: Special Edition (HKLM-x32\...\Steam App 6550) (Version:  - CAPCOM Co., Ltd.)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
EasyCash&Tax 1.63 (HKLM-x32\...\EasyCash&Tax_is1) (Version:  - tm)
ExpressCache (HKLM\...\{2EBEFDA8-F905-4C39-AC1C-D5ABE7B3E0AE}) (Version: 1.0.86 - Diskeeper Corporation)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.5.129.617 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.1.618 - Foxit Corporation)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.17.0 - Futuremark Corporation)
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GameSpy Comrade (HKLM-x32\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HAWKEN (HKLM-x32\...\Steam App 271290) (Version:  - Adhesive Games)
HotPotatoes v 6.3.0.5 (HKLM-x32\...\hotpot_is1) (Version:  - HalfBaked)
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 6.0.7.1084 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mass Effect 2 (HKLM-x32\...\Steam App 24980) (Version:  - BioWare)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Standard 2010 (HKLM\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Standard 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.2 (x86 en-US)) (Version: 32.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.2 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA GeForce Experience Service (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.162.1274 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 2.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA ShadowPlay 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.25 (Version: 1.2.25 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
Painkiller Hell & Damnation (HKLM-x32\...\Steam App 214870) (Version:  - The Farm 51)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PDF24 Creator 5.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.210 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Rayman Origins (HKLM-x32\...\Steam App 207490) (Version:  - UBIart Montpellier)
RealDownloader (x32 Version: 17.0.9 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.9 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6829 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.27023 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
SceneSwitch (HKLM-x32\...\{5172E572-C175-4F80-A6D5-5CB45826AD61}) (Version: 1.0.16 - ASUS)
Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version:  - Croteam)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
Simeranya 1.5.0.0 (HKLM-x32\...\Simeranya) (Version: 1.5.0.0 - Simeranya Labs)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Space Hulk (HKLM-x32\...\Steam App 242570) (Version:  - Full Control Studios)
SPlayer (HKLM-x32\...\SPlayer) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
Trine (HKLM-x32\...\Steam App 35700) (Version:  - Frozenbyte)
Tropico 4 (HKLM-x32\...\Steam App 57690) (Version:  - Haemimont Games)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Update for Microsoft Excel 2010 (KB2889836) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{AC36E3B7-5095-43B9-9A74-928420F88714}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.STANDARD_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.STANDARD_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.STANDARD_{B114A387-8A14-4C43-AE51-82F17EB81D49}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.STANDARD_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{D1F3B526-7EB2-4701-92DB-0784988D78DE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{52BEF8AE-9324-40A1-9A92-E5A8FB63A475}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.STANDARD_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.STANDARD_{8F699D53-05FB-488E-B7D3-E4E47257BE5D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.STANDARD_{4B9B2BAF-EE1F-4B60-A4D9-17B7BEEB13A1}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.STANDARD_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0407-1000-0000000FF1CE}_Office14.STANDARD_{6164E0E5-C903-488C-93AF-1B7AF7EBC331}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0407-1000-0000000FF1CE}_Office14.STANDARD_{FD360122-6829-4497-97C1-1BF578EF695B}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.STANDARD_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{89FDC8D9-FB84-4EFE-950D-AF4EECC3B64C}) (Version:  - Microsoft)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (HKLM-x32\...\Steam App 56400) (Version:  - Relic Entertainment)
Windows Driver Package - ASUS (ATP) Mouse  (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WISO Steuer 2014 (HKLM-x32\...\{E09ADC7D-AD95-4E65-92F0-75B58FD25801}) (Version: 21.00.8480 - Buhl Data Service GmbH)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)
XMind 2013 (v3.4.1) (HKLM-x32\...\XMind_is1) (Version: 3.4.1.201401221918 - XMind Ltd.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2912521998-1118320013-3424448078-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2912521998-1118320013-3424448078-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\***\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2912521998-1118320013-3424448078-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\***\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2912521998-1118320013-3424448078-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\***\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2912521998-1118320013-3424448078-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\***\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2912521998-1118320013-3424448078-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\***\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2912521998-1118320013-3424448078-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2912521998-1118320013-3424448078-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2912521998-1118320013-3424448078-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2912521998-1118320013-3424448078-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points  =========================

19-09-2014 07:06:10 Removed Adobe Reader X (10.1.12) MUI.
21-09-2014 00:55:38 DirectX wurde installiert
24-09-2014 16:22:17 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2014-01-23 08:09 - 00450639 ____R C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0C266F8E-BC52-4F69-93E8-63F9A3FA969E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {12D9387B-BBE3-42EC-8072-E4DC10E9AB1A} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-29] (ASUS)
Task: {1B47A61D-7A83-46BF-AF52-1919FDBE0BD4} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {21F400CC-9E84-4077-BFEE-AEFEB39424B9} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {33142A00-E4A7-4D68-9BCE-A1C930CE92FC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-09-10] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3AEA6ADC-B43E-42E2-8580-6F741803BA43} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {47FB4396-115C-465A-BAF4-C72BF5A7F222} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5022CAD1-AC75-4125-AB87-2832D6EFCEE9} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {512D18D8-F45C-4215-8711-48B18E92918B} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2912521998-1118320013-3424448078-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {57522FAE-7B6C-46E0-A0F9-40990D721BBA} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-08-25] (Apple Inc.)
Task: {63C667E1-CDDB-457A-A417-1CE1D7E85286} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-16] (Google Inc.)
Task: {641EDB3E-4649-4CA4-86B7-32F3B6A3AC27} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6E4BDF67-12E6-4122-BDD4-621D20353CF4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {75CB1FC8-9432-4E66-9A40-A3B274E96DD7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-16] (Google Inc.)
Task: {77B01DFA-FDFE-42B5-B08A-2695449FFBB2} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-05-03] (Microsoft Corporation)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8DC68DD6-5425-42A4-8248-691E5C4C8EC2} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe [2014-09-02] (CHIP)
Task: {96B9331D-E090-41D0-AB1D-78BF09E60A7A} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)
Task: {9BB4C78A-A497-4B1C-B828-0DEE5397F363} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AC376049-A73E-4AF9-9058-41ACF904AF43} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2012-11-29] ()
Task: {ACC91B20-62BE-4E52-8596-2E43FD5401B5} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2912521998-1118320013-3424448078-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {BD3D8CE7-7F13-40CE-A0CA-39DA03723A2E} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-01-16] (AsusTek)
Task: {BF492433-35A8-4730-8F59-ECB8C570BDC7} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2912521998-1118320013-3424448078-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-04-06] (RealNetworks, Inc.)
Task: {C44872FF-78CF-4F19-97BE-4A63048234D3} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {C5D85418-194E-41D0-97D9-7C3447B03603} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-10-24] (ASUS)
Task: {C6191E5E-DDAE-4C6F-9654-2B15C0715194} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {C96C33D2-6AC3-48E6-9AC9-C566698FCB8C} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2912521998-1118320013-3424448078-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D1F96715-25C5-4316-B1BE-C09C50F3B6B0} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {D306AC8B-FA13-4D94-B815-1CA592C2A4E0} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DC5B6C7A-3AA3-4099-8DD9-2C184793601C} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2912521998-1118320013-3424448078-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {E3B4CF7F-78B9-45FE-9E46-DA10D92E1411} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F98B0C49-4463-4087-8429-F065C2C3D328} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-02] (AVAST Software)
Task: {FE967167-A94A-4B47-8120-6868A33B3034} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-09-22 06:58 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-08-29 20:55 - 2013-12-17 13:39 - 00075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2013-08-29 20:55 - 2013-12-17 13:39 - 00189248 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-04-06 23:00 - 2014-04-06 23:00 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-04-07 03:06 - 2014-04-07 03:06 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2012-08-24 18:26 - 2012-08-24 18:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2012-11-29 18:15 - 2012-11-29 18:15 - 00171224 _____ () C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
2014-05-11 09:44 - 2014-05-11 09:44 - 00118360 _____ () c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\ffprobe.exe
2013-10-01 14:02 - 2013-10-01 14:02 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2014-05-06 19:52 - 2014-05-06 19:52 - 00028160 _____ () C:\Users\***\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Microsoft.PerfTrack\10ead687afca927bd7b22ad8d20e1de3\Microsoft.PerfTrack.ni.dll
2014-06-02 18:50 - 2014-06-02 18:50 - 00363520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\057b7043f4868b76c209d9c426b80743\Windows.Foundation.ni.dll
2014-06-02 18:51 - 2014-06-02 18:51 - 01278464 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Storage\ba65f033632f4fc480cc45bc72bf25e4\Windows.Storage.ni.dll
2014-06-02 18:51 - 2014-06-02 18:51 - 01459712 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\926020eb508f6968545d6a51fb661fad\Windows.UI.ni.dll
2014-08-04 14:08 - 2014-08-04 14:08 - 02207232 _____ () C:\Users\***\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Microsoft.B2e1870ee#\a43a17a5fd363f6ce6b97b4505e46aeb\Microsoft.Bing.AppEx.Telemetry.ni.dll
2014-05-09 00:51 - 2014-05-09 00:51 - 01782784 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\43b92b6dbc9eb61983817ea32346d510\Windows.ApplicationModel.ni.dll
2014-06-02 18:50 - 2014-06-02 18:50 - 00347136 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Gloaae92e31#\94e2bc13589233f9d2cc54292717b8cf\Windows.Globalization.ni.dll
2014-06-02 18:51 - 2014-06-02 18:51 - 00632320 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Security\00ce12e0481a881d419350afd79395ef\Windows.Security.ni.dll
2014-06-02 18:50 - 2014-06-02 18:50 - 00207872 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.System\d1c5274ccd6fb2b4b5dbddd0f0ca6c6e\Windows.System.ni.dll
2014-05-06 19:52 - 2014-05-06 19:52 - 00117248 _____ () C:\Users\***\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\SqliteWrapper\99fa190c50aa9d06da5fb90ed0d8b8f7\SqliteWrapper.ni.dll
2014-06-02 18:51 - 2014-06-02 18:51 - 01259520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Networking\8f6e236cd6041c81411f85852722670b\Windows.Networking.ni.dll
2014-02-18 08:28 - 2014-02-18 08:29 - 00551440 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.2.309_x64__8wekyb3d8bbwe\SqliteWrapper.dll
2013-09-30 06:00 - 2013-09-30 06:00 - 00660920 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.2.309_x64__8wekyb3d8bbwe\Sqlite3.dll
2014-06-02 18:51 - 2014-06-02 18:51 - 00467456 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Graphics\ea818a24554fc2db9a73de1e79afb286\Windows.Graphics.ni.dll
2014-06-02 18:51 - 2014-06-02 18:51 - 01383936 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Web\6e0851f140b7f4407968add9bcebb667\Windows.Web.ni.dll
2014-06-02 18:51 - 2014-06-02 18:51 - 00521216 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Data\d07f690ce5d3a2de7c9089a6200d64db\Windows.Data.ni.dll
2014-06-02 18:51 - 2014-06-02 18:51 - 02019840 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Devices\0b4b3f23bdebd1d056b32b31e2f746bb\Windows.Devices.ni.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2014-01-18 15:28 - 2014-01-18 15:28 - 00019968 _____ () C:\Users\***\AppData\Local\assembly\dl3\973YGBL7.MJ6\R3M6HR44.4X0\598f0364\2003d5aa_199cce01\Atheros Outlook Addin 2010.DLL
2013-02-15 03:36 - 2013-02-15 03:36 - 01554496 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2014-09-10 07:38 - 2014-09-10 07:38 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-07-02 00:31 - 2014-07-02 00:31 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-22 20:03 - 2014-09-22 20:03 - 02865152 _____ () C:\Program Files\AVAST Software\Avast\defs\14092201\algo.dll
2014-09-26 08:32 - 2014-09-26 08:32 - 02866688 _____ () C:\Program Files\AVAST Software\Avast\defs\14092501\algo.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-11 09:44 - 2014-05-11 09:44 - 00859224 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2014-05-11 09:44 - 2014-05-11 09:44 - 04083800 _____ () c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\avcodec-54.dll
2014-05-11 09:44 - 2014-05-11 09:44 - 00859224 _____ () c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\avfilter-3.dll
2014-05-11 09:44 - 2014-05-11 09:44 - 01379928 _____ () c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\avformat-54.dll
2014-05-11 09:44 - 2014-05-11 09:44 - 00204888 _____ () c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\avutil-52.dll
2014-05-11 09:44 - 2014-05-11 09:44 - 00107096 _____ () c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\swresample-0.dll
2014-05-11 09:44 - 2014-05-11 09:44 - 00346200 _____ () c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\swscale-2.dll
2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-07-02 00:31 - 2014-07-02 00:31 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-09-23 10:47 - 2014-09-23 10:47 - 00043008 _____ () c:\Users\***\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsmnghc.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\libcef.dll
2013-05-17 13:43 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-09-20 10:58 - 2014-09-18 09:16 - 03734640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-08-31 11:38 - 2014-08-21 20:15 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-31 11:39 - 2014-08-21 20:15 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-31 11:39 - 2014-08-21 20:15 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2013-07-01 08:20 - 2014-09-03 21:28 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-23 08:55 - 2014-09-23 06:32 - 02226880 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-31 11:39 - 2014-08-21 20:15 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-31 11:39 - 2014-08-21 20:15 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-07-26 14:46 - 2014-09-23 06:32 - 00679616 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-07-15 14:32 - 2014-09-05 01:29 - 34589376 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-08-15 15:08 - 2014-09-05 01:29 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\***\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "BtvStack"
HKLM\...\StartupApproved\Run: => "BtTray"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "CLMLServer"
HKCU\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKCU\...\StartupApproved\Run: => "Amazon Cloud Player"

========================= Accounts: ==========================

Administrator (S-1-5-21-2912521998-1118320013-3424448078-500 - Disabled - Status: Degraded)
ASPNET (S-1-5-21-2912521998-1118320013-3424448078-1014 - Enabled - Status: OK)
*** (S-1-5-21-2912521998-1118320013-3424448078-1002 - Enabled - Status: OK) => C:\Users\***
Gast (S-1-5-21-2912521998-1118320013-3424448078-501 - Disabled - Status: Degraded)
HomeGroupUser$ (S-1-5-21-2912521998-1118320013-3424448078-1022 - Enabled - Status: OK)

==================== Faulty Device Manager Devices =============

Name: Virtual Bluetooth Support
Description: Virtual Bluetooth Support
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (09/26/2014 08:15:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 46179625

Error: (09/26/2014 08:15:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 46179625

Error: (09/26/2014 08:15:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/25/2014 07:26:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2157

Error: (09/25/2014 07:26:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2157

Error: (09/25/2014 07:26:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/25/2014 07:26:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1125

Error: (09/25/2014 07:26:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1125

Error: (09/25/2014 07:26:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/25/2014 10:10:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2794968


System errors:
=============
Error: (09/25/2014 06:54:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (09/25/2014 06:54:33 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (09/22/2014 06:56:05 AM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: 1053defragsvcNicht verfügbar{D20A3293-3341-4AE8-9AAF-8E397CB63C34}

Error: (09/22/2014 06:55:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Laufwerke optimieren" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (09/22/2014 06:55:53 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Laufwerke optimieren erreicht.

Error: (09/21/2014 09:28:00 AM) (Source: DCOM) (EventID: 10010) (User: ***S56)
Description: {16D99191-6280-4B33-A2F5-04805A0FC582}

Error: (09/21/2014 03:23:05 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "WMI-Leistungsadapter" wurde mit folgendem Fehler beendet: 
%%2147942419

Error: (09/20/2014 01:52:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: 
%%1062

Error: (09/19/2014 09:29:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: 
%%1062

Error: (09/19/2014 09:04:00 PM) (Source: DCOM) (EventID: 10010) (User: ***S56)
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}


Microsoft Office Sessions:
=========================
Error: (09/26/2014 08:15:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 46179625

Error: (09/26/2014 08:15:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 46179625

Error: (09/26/2014 08:15:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/25/2014 07:26:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2157

Error: (09/25/2014 07:26:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2157

Error: (09/25/2014 07:26:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/25/2014 07:26:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1125

Error: (09/25/2014 07:26:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1125

Error: (09/25/2014 07:26:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/25/2014 10:10:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2794968


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3337U CPU @ 1.80GHz
Percentage of memory in use: 66%
Total physical RAM: 8077.54 MB
Available physical RAM: 2734.51 MB
Total Pagefile: 9723.7 MB
Available Pagefile: 3367.71 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:185.96 GB) (Free:110.32 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:258.15 GB) (Free:55.21 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 337AEAFE)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 22.4 GB) (Disk ID: 371633ED)

Partition: GPT Partition Type.

==================== End Of Log ============================

--- --- ---

Ist jetzt alles in Ordnung?

20.09.2014, 17:36	#11
schrauber /// the machine /// TB-Ausbilder	FF wird im Netz als Opera erkannt und als nicht funktionierend angegeben ok __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

FF wird im Netz als Opera erkannt und als nicht funktionierend angegeben

Plagegeister aller Art und deren Bekämpfung: FF wird im Netz als Opera erkannt und als nicht funktionierend angegeben