Windows 8.1: Spyware? "Dynamo Combo" Add-on verursacht umleitung auf Werbung

IneedHelp1 · 02.02.2015, 22:41

Hallo liebe Trojaner-Board-Community,

Ich bin neu hier und habe die "Anleitung für Hilfesuchende" durchgearbeitet und hoffentlich nichts vergessen

Zum Problem:
Ich habe seit ca. einer Woche ein Problem mit einem Add-on namens "Dynamo Combo".
Ich habe dieses Add-on nicht bewusst selbst installiert, woher es also kommt ist mir schleierhaft.

Zu meinem System:
-Laptop mit Windows 8.1 (64-bit)
-Hardware: i7 mit 2,4GHz, 16Gb Ram, 250Gb SSD
-Avast antivirus installiert
-Windows smart screen filter deaktiviert
-meist genutzter Browser Firefox (installiert auch Chrome und bitbox)

Zu den Symptomen:
-Ich erhalte plötzlich auf vielen Seiten aufdringliche Werbe-Popups, trotz Adblocker (Adblock Plus), was bis vor ein paar tagen nie der Fall war.

-Es öffnen sich hin und wieder neue Browser-Tabs in denen sich Werbe-Seiten öffnen, dies geschieht oft, wenn ich eine neue Seite laden will oder ich beim Browsen auf einen Link klicke - manchmal aber auch scheinbar ohne Auslöser.

-Wenn ich manche links oder Seiten öffnen will - unter anderem auch wenn ich auf ein Suchergebnis bei Google klicke, öffnet sich statt der Seite die ich erreichen will eine Werbeseite. Oft erhalte ich auch eine Fehlermeldung von Firefox nach dem Wortlaut: "Proxy-Server_verweigert_Verbindung" (Gleichnamiger Screenshot im Anhang).
Obwohl ich nie einen Proxy-Server eingestellt habe.

-Mein Laptop ist gefühlt deutlich langsamer vorallem der Browser.
-Ob es nun eine Spyware ist oder nicht weis ich leider nicht, ich habe das bei der recherche im Netz gefunden, allerdings finde ich den Beitrag nicht mehr.
Ich hoffe ihr könnt mir Anhand meiner schilderung und der logs mehr verraten.

Was ich unternommen habe:

-Aufgrund der Belästigung durch die Werbung und der Warnung von Avast, das ein Browser-Addon/Plugin mit schlechter Bewertung installiert sei, habe ich der Empfehlung von Avast vertraut und mit Avast Browser-Clean-Up die Browser reinigen lassen. Dies war soweit ich mich erinnern kann mit einer Fehlermeldung beendet worden. Bei späteren Neustarts, meckerte Avast wieder, mit der gleichen Meldung. (Wobei es beim ersten mal 3-4 Plugins und darunter zweimal "Dynamo Combo" waren die schlechte Bewertungen hatten - soweit ich mich erinnere - und es bei jedem Clean Up immer weniger wurden.)
-Als Avast unter anderem das "Dynamo Combo"-Add-On nicht löschen konnte hab ich unter Firefox das Add-On gefunden und deinstalliert. Dort ist es nun auch nicht mehr zu finden. Avast hat dann nochmal gemerkt, hat nach weiteren Neustarts die Tage darauf jedoch nichts mehr gefunden. Laut Avast sind nun alle Browser-Add-ons mit schlechter Bewertung verschwunden.
Nachdem Avast keine Probleme mehr findet, habe ich die oben genannten Symptome zwar weniger oft, aber immernoch hin und wieder.
Weshalb ich nun nicht mehr weiter weis und euch in diesem Forum kontaktiere und höflichst um Hilfe bitte.

Ich habe die "Anleitung für Hilfesuchende" befolgt, es folgen nun die Logfiles:

defogger_disable.log:

Code:

ATTFilter

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 21:07 on 02/02/2015 (Nico)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

FRST.txt:
*Beitrag zu groß -> siehe Anhang

Addition.txt:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015
Ran by Nico at 2015-02-02 21:10:57
Running from C:\Users\Nico\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.2.0.26 - Absolute Software)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.3) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{9043E92C-183C-7633-0237-96CE00F5C909}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Bitcasa version 0.9.20.4135 (HKLM\...\{EDA09459-AD7D-4434-BA0C-647F6703EA12}_is1) (Version: 0.9.20.4135 - Bitcasa Inc.)
Browser in the Box (HKLM-x32\...\BitBox) (Version: 3.3.1-r30 - Sirrix AG)
Buzzdock (HKLM\...\{ac225167-00fc-452d-94c5-bb93600e7d9a}) (Version:  - Alactro LLC) <==== ATTENTION
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04072 - Cisco Systems, Inc.) Hidden
CoDeSys for Automation Alliance (HKLM-x32\...\{07976ABB-1EBD-4A65-A7C7-155A0DC17173}) (Version:  - 3S-Smart Software Solutions GmbH)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dotfuscator Software Services - Community Edition - DEU (HKLM-x32\...\{CE9BAD6E-60FC-46CC-82A2-5B0F2B1A0E36}) (Version: 5.0.2300.0 - PreEmptive Solutions)
Dotfuscator Software Services - Community Edition (HKLM-x32\...\{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}) (Version: 5.0.2300.0 - PreEmptive Solutions)
Dropbox (HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\Dropbox) (Version: 3.0.5 - Dropbox, Inc.)
Dynamo Combo (HKLM\...\Dynamo Combo) (Version: 2015.01.23.142327 - Dynamo Combo) <==== ATTENTION!
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.6 - Samsung Electronics CO.,LTD.)
ELECTRA 2.9.5 (HKLM-x32\...\ELECTRA_is1) (Version:  - KONEKT)
Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
ETDWare X64 11.7.19.9_WHQL (HKLM\...\Elantech) (Version: 11.7.19.9 - ELAN Microelectronic Corp.)
Evernote v. 5.8.1 (HKLM-x32\...\{4FD2D1C8-8636-11E4-9D21-00163E98E7D6}) (Version: 5.8.1.6061 - Evernote Corp.)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 2.6.36.116 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.0.429 - Foxit Corporation)
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Help Desk (HKLM\...\{AEC9D273-E162-4614-83F1-722B8C74B185}) (Version: 1.0.96 - Samsung Electronics CO., LTD.)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3304 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{87d45b7e-19da-4dd5-9214-5e0d587c312f}) (Version: 15.6.1 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
IntelliMemory (HKLM\...\{40320F22-7D70-49DB-9D66-B6FAE5F36B47}) (Version: 1.0.32.0 - Condusiv Technologies)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LTspice IV (HKLM-x32\...\LTspice IV) (Version:  - )
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - DEU (HKLM-x32\...\{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU (HKLM-x32\...\{31C3C6EA-E991-405F-A3AA-2C070CCCC47C}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office 365 Home Premium - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK - Deutsch (HKLM-x32\...\{91F54E1D-804A-46D8-A56C-53EA9C4B3177}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{8325FD0C-2FDB-46C3-921A-3A78385EA972}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{5242B252-01BB-4F2E-BBF4-5C01BC3B6619}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{8583E7E3-2237-4981-B957-E28E5E9AB678}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{92C5C058-E941-47C3-B7E8-38A79C605969}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework (HKLM-x32\...\{9C3B8582-A72A-4835-8903-877A834407BB}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{197B3774-B7E6-4D50-AD0D-7F99B1E264D2}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) de (HKLM\...\{7AC5FFA7-6815-4AED-B16D-8E0D7CC4B221}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 de (HKLM-x32\...\{08DA8E46-ED67-451A-9246-50E0FF6959C9}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) de (HKLM\...\{EF9A1373-9238-4E11-8FF8-7B83996F5BE5}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) de (HKLM\...\{11EB3D68-A5BE-43EA-8D31-43B08ADB0DA4}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010-Objektmodell - DEU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{95A2AD24-BD44-3E39-A31F-CE928276577E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime Language Pack - DEU (HKLM-x32\...\{681F4E9F-34E0-36BD-BF2C-100554E403A5}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (HKLM\...\{E1C1D175-C23E-38F4-9AC1-ABE5167022CF}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Ultimate - DEU (HKLM-x32\...\Microsoft Visual Studio 2010 Ultimate - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools - DEU Language Pack (HKLM-x32\...\Microsoft Visual Studio Macro Tools - DEU Language Pack) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
OEM Application Profile (HKLM-x32\...\{EE55B368-EBDF-98F3-CFE7-7CE4ADBC4553}) (Version: 1.00.0004 - Advanced Micro Devices, Inc.)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4454.1510 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4454.1510 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4454.1510 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 4.2.22 (HKLM\...\{CC9889DA-F802-4C85-B543-15C02543BA29}) (Version: 4.2.22 - Oracle Corporation)
PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Phone Screen Sharing (HKLM-x32\...\{DF02C515-40B5-45AC-A601-5DC69D03885C}) (Version: 2.0.0.21 - RSUPPORT)
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version:  - PopCap Games)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.9 - Power Software Ltd)
PowerXpressHybrid (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Quick Starter (HKLM\...\{EC36E2BC-86F7-44C9-84B2-93930F0FBDBF}) (Version: 1.0.2 - Samsung Electronics CO., LTD.)
Raccolta foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
RAPID Mode (Version: 1.0.1.81 - Samsung Electronics Co., Ltd.) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7299 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.12.18 - Samsung Electronics CO., LTD.)
S Agent (Version: 1.1.51 - Samsung Electronics CO., LTD.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_11 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.2.13021_11 - Samsung Electronics Co., Ltd.) Hidden
Samsung Link (HKLM-x32\...\{82EC241F-DFCA-4166-A8C3-EA5D2B9A41C4}) (Version: 1.8.0.39 - Samsung Electronics CO., LTD.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.25.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 1 für SQL Server 2008 (KB 968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
SideSync (HKLM-x32\...\{59687468-8CE9-4ABF-9C6A-5C31F0E09F8B}) (Version: 2.0.0 - Samsung Electronics CO., LTD.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
SRS Premium Sound (HKLM-x32\...\{E44F8A34-529E-4318-A0E1-1893C337A47F}) (Version: 1.00.2900 - DTS, Inc.)
Support Center (HKLM\...\{711DE117-767F-48A8-9864-66C525B9539F}) (Version: 2.1.1223 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.17 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{1687FC01-135F-4ADE-B828-B461CC74BD8A}) (Version: 2.2.4 - Samsung Electronics CO., LTD.)
Target 3001! V17 pcb-pool (HKLM-x32\...\Target 3001! V17 pcb-pool) (Version:  - Ing. Buero FRIEDRICH)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 3.9.0.124 - PandoraTV)
Toastify (HKLM-x32\...\Toastify) (Version: 1.6 - Jesper Palm)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
User Guide (HKLM-x32\...\{5A6D46E0-D4F4-487D-BFC5-D7DCEB877027}) (Version: 1.3.00 - Samsung Electronics CO., LTD.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
Visual Studio 2010 Prerequisites - English (HKLM\...\{53952792-BF16-300E-ADF2-E7E4367E00CF}) (Version: 10.0.30319 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
vi-view uninstall (HKLM-x32\...\vi-view uninstall) (Version:  - vi-view) <==== ATTENTION
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass  (08/23/2013 6.2.8400.4218) (HKLM\...\26BFE384C802803107F583AE1A739E4FEB56134B) (Version: 08/23/2013 6.2.8400.4218 - Samsung Electronics Co. Ltd.)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3589802351-439905089-1110981561-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3589802351-439905089-1110981561-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3589802351-439905089-1110981561-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Nico\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3589802351-439905089-1110981561-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Nico\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3589802351-439905089-1110981561-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Nico\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3589802351-439905089-1110981561-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Nico\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3589802351-439905089-1110981561-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3589802351-439905089-1110981561-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3589802351-439905089-1110981561-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3589802351-439905089-1110981561-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3589802351-439905089-1110981561-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3589802351-439905089-1110981561-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3589802351-439905089-1110981561-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3589802351-439905089-1110981561-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

15-01-2015 18:28:57 Windows Modules Installer
15-01-2015 20:39:51 RAPID
19-01-2015 13:37:19 Installiert CoDeSys for Automation Alliance
22-01-2015 19:04:36 Windows Update
24-01-2015 11:57:13 Installed SW Update
28-01-2015 07:59:32 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {021FBA49-9CE2-4630-B257-D5B03319B37E} - System32\Tasks\avastBCLRestartS-1-5-21-3589802351-439905089-1110981561-1001 => Chrome.exe 
Task: {1544F43B-58AB-470D-A30C-256A1EC00370} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-02-01] (Microsoft Corporation)
Task: {15E9A293-03E7-45AA-BC86-3F3B3819B1B1} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {2509EB92-8F91-4D50-9226-58A16CCD0A14} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2014-11-12] (SEC)
Task: {2E71E9ED-86F0-4E4F-B678-FC7609C14A9E} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-25] (Adobe Systems Incorporated)
Task: {30B4CDAE-3786-442F-9F95-EAE10B7956AF} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {413A57E4-F483-488F-8647-AC9A09BA8C0C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-12-31] (Microsoft Corporation)
Task: {43EE1E4C-6DB3-43A6-8315-687CAE69A323} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {5C1F0E62-71DB-4BD0-8970-2C29300B04A2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-15] (Google Inc.)
Task: {6F73154C-3996-4575-A4C0-80D2763DB034} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-15] (Google Inc.)
Task: {78EBD80E-DEE4-4579-B3EE-A9E2D3040183} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-15] (AVAST Software)
Task: {80D783CC-237B-452C-B5FE-F728A35DFBFB} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {A39C99FA-7FF9-43F1-B2F9-71DAA20CD0CA} - System32\Tasks\SamsungLinkPC => C:\Program Files (x86)\Samsung\HomeSync Lite\RefreshToken.exe
Task: {C76CDA18-7CD0-4DD9-A66D-7338706828D1} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2014-10-29] (Samsung Electronics CO., LTD.)
Task: {D7279592-2F09-49A7-BE22-D02E860985E2} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2012-12-07] (Microsoft Corporation)
Task: {D864362E-B144-4455-8516-27C0F4820C86} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {DB610074-84F1-453C-9F37-C5B513F5646D} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2014-01-29] (Samsung Electronics CO., LTD.)
Task: {F970148F-2656-4628-8C63-947981AA7910} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Nico_Study-Nico Nico_Study => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-02-01] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2015-02-01 18:36 - 2012-11-10 10:28 - 00382544 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2015-02-01 18:36 - 2012-12-07 07:04 - 00513616 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2015-02-01 18:36 - 2012-12-07 07:05 - 00607312 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2015-01-15 19:39 - 2015-01-15 19:39 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2015-01-15 19:39 - 2015-01-15 19:39 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00084800 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2014-10-01 19:54 - 2014-10-01 19:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-10-29 17:19 - 2014-10-29 17:19 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2014-01-10 22:48 - 2014-01-10 22:48 - 00380176 _____ () C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll
2014-01-10 22:48 - 2014-01-10 22:48 - 04251920 _____ () C:\Program Files\Oracle\VirtualBox\VBoxRT.dll
2014-01-10 22:50 - 2014-01-10 22:50 - 02030352 _____ () C:\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2014-01-10 22:51 - 2014-01-10 22:51 - 00670992 _____ () C:\Program Files\Oracle\VirtualBox\VBoxREM.dll
2014-03-18 17:41 - 2014-03-18 17:41 - 00025088 _____ () C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL
2014-01-10 22:50 - 2014-01-10 22:50 - 00046864 _____ () C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL
2014-01-10 22:50 - 2014-01-10 22:50 - 00048912 _____ () C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL
2014-01-10 22:50 - 2014-01-10 22:50 - 00042256 _____ () C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL
2014-01-10 22:51 - 2014-01-10 22:51 - 02270992 _____ () C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL
2014-01-10 22:50 - 2014-01-10 22:50 - 00171792 _____ () C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll
2014-01-10 22:50 - 2014-01-10 22:50 - 00040208 _____ () C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL
2014-01-10 22:49 - 2014-01-10 22:49 - 00966416 _____ () C:\Program Files\Oracle\VirtualBox\VBoxManage.exe
2015-02-02 21:07 - 2015-02-02 21:06 - 00050477 _____ () C:\Users\Nico\Desktop\Defogger.exe
2013-10-10 17:48 - 2013-10-10 17:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2015-02-01 14:10 - 2015-02-01 14:10 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020100\algo.dll
2015-01-15 19:39 - 2015-01-15 19:39 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2015-02-02 07:27 - 2015-02-02 07:27 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020101\algo.dll
2010-12-23 12:06 - 2010-12-23 12:06 - 00028672 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\cx_Logging.pyd
2012-10-27 15:21 - 2012-10-27 15:21 - 00098816 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32api.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00110080 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pywintypes27.dll
2012-10-27 15:20 - 2012-10-27 15:20 - 00018432 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32event.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00119808 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32file.pyd
2012-10-27 15:21 - 2012-10-27 15:21 - 00167936 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32gui.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00024064 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32pipe.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00035840 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32process.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00017408 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32profile.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00108544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32security.pyd
2012-10-27 15:21 - 2012-10-27 15:21 - 00022528 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32ts.pyd
2012-10-27 15:22 - 2012-10-27 15:22 - 00364544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pythoncom27.dll
2012-10-27 15:23 - 2012-10-27 15:23 - 00320512 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32com.shell.shell.pyd
2013-11-10 19:24 - 2013-11-10 19:24 - 00087552 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_ctypes.pyd
2013-11-10 19:24 - 2013-11-10 19:24 - 00358400 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_hashlib.pyd
2013-11-10 19:24 - 2013-11-10 19:24 - 00044544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_socket.pyd
2013-11-10 19:24 - 2013-11-10 19:24 - 00899584 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_ssl.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00025600 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32cred.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00011264 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32crypt.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00064512 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32net.pyd
2014-01-29 13:20 - 2014-01-29 13:20 - 00027968 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 01141056 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00025920 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00059712 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00102720 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2015-01-15 20:17 - 2014-09-28 17:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2015-01-15 22:09 - 2015-01-08 21:44 - 00750080 _____ () C:\Users\Nico\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-02-02 07:28 - 2015-02-02 07:28 - 00043008 _____ () c:\users\nico\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsaz467.dll
2015-01-15 22:09 - 2015-01-08 21:44 - 00047616 _____ () C:\Users\Nico\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-01-15 22:09 - 2015-01-08 21:44 - 00863744 _____ () C:\Users\Nico\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-01-15 22:09 - 2015-01-08 21:44 - 00200704 _____ () C:\Users\Nico\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-01-15 19:39 - 2015-01-15 19:39 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-01-15 19:31 - 2013-09-16 12:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-02-01 18:36 - 2015-02-01 18:36 - 00312896 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2015-02-01 18:36 - 2015-02-01 18:36 - 00354368 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\c2r32.dll
2015-02-01 18:36 - 2015-02-01 18:37 - 01286256 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\PPRESOURCES.DLL
2015-01-27 12:45 - 2015-01-27 12:45 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-15 15:29 - 2014-02-15 15:29 - 01853440 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\PySide.QtCore.pyd
2014-02-15 15:25 - 2014-02-15 15:25 - 00110592 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pyside-python2.7.dll
2014-02-15 15:24 - 2014-02-15 15:24 - 00108544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\shiboken-python2.7.dll
2014-02-15 15:47 - 2014-02-15 15:47 - 06947328 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\PySide.QtGui.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00042496 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32service.pyd
2014-12-17 15:11 - 2014-12-17 15:11 - 21121032 _____ () C:\Program Files (x86)\Evernote\Evernote\libcef.dll
2014-12-17 15:11 - 2014-12-17 15:11 - 00098312 _____ () C:\Program Files (x86)\Evernote\Evernote\websockets.dll
2014-12-17 15:11 - 2014-12-17 15:11 - 00439304 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2014-12-17 15:11 - 2014-12-17 15:11 - 00321032 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2014-12-17 15:10 - 2014-12-17 15:10 - 00988696 _____ () C:\Program Files (x86)\Evernote\Evernote\avcodec-54.dll
2014-12-17 15:11 - 2014-12-17 15:11 - 00138776 _____ () C:\Program Files (x86)\Evernote\Evernote\avutil-51.dll
2014-12-17 15:11 - 2014-12-17 15:11 - 00195096 _____ () C:\Program Files (x86)\Evernote\Evernote\avformat-54.dll
2014-03-31 21:35 - 2014-03-31 21:35 - 00282304 _____ () C:\Program Files (x86)\Windows Live\Writer\de\WindowsLive.Writer.Localization.resources.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Bitcasa"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "ENISysTray"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\StartupApproved\StartupFolder: => "EvernoteClipper.lnk"
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\StartupApproved\Run: => "Spotify"

========================= Accounts: ==========================

Administrator (S-1-5-21-3589802351-439905089-1110981561-500 - Administrator - Disabled)
BitBox (S-1-5-21-3589802351-439905089-1110981561-1002 - Limited - Enabled)
Gast (S-1-5-21-3589802351-439905089-1110981561-501 - Limited - Disabled)
Nico (S-1-5-21-3589802351-439905089-1110981561-1001 - Administrator - Enabled) => C:\Users\Nico

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/02/2015 05:18:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Nico_Study)
Description: Das Paket „Tagesschau.Tagesschau_1.1.0.4_x64__6364r0569j69m+App“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (02/02/2015 07:40:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Tagesschau.exe, Version: 1.0.0.0, Zeitstempel: 0x54886d91
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 6.3.9600.17477, Zeitstempel: 0x5452dca5
Ausnahmecode: 0xc000027b
Fehleroffset: 0x000000000098260a
ID des fehlerhaften Prozesses: 0x8d0
Startzeit der fehlerhaften Anwendung: 0xTagesschau.exe0
Pfad der fehlerhaften Anwendung: Tagesschau.exe1
Pfad des fehlerhaften Moduls: Tagesschau.exe2
Berichtskennung: Tagesschau.exe3
Vollständiger Name des fehlerhaften Pakets: Tagesschau.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Tagesschau.exe5

Error: (02/01/2015 01:35:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IntelliMem.exe, Version: 1.0.32.0, Zeitstempel: 0x50d4991a
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000800000008
ID des fehlerhaften Prozesses: 0x4b8
Startzeit der fehlerhaften Anwendung: 0xIntelliMem.exe0
Pfad der fehlerhaften Anwendung: IntelliMem.exe1
Pfad des fehlerhaften Moduls: IntelliMem.exe2
Berichtskennung: IntelliMem.exe3
Vollständiger Name des fehlerhaften Pakets: IntelliMem.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IntelliMem.exe5

Error: (01/31/2015 00:06:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Tagesschau.exe, Version: 1.0.0.0, Zeitstempel: 0x54886d91
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 6.3.9600.17477, Zeitstempel: 0x5452dca5
Ausnahmecode: 0xc000027b
Fehleroffset: 0x000000000098260a
ID des fehlerhaften Prozesses: 0x14f4
Startzeit der fehlerhaften Anwendung: 0xTagesschau.exe0
Pfad der fehlerhaften Anwendung: Tagesschau.exe1
Pfad des fehlerhaften Moduls: Tagesschau.exe2
Berichtskennung: Tagesschau.exe3
Vollständiger Name des fehlerhaften Pakets: Tagesschau.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Tagesschau.exe5

Error: (01/31/2015 03:56:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Tagesschau.exe, Version: 1.0.0.0, Zeitstempel: 0x54886d91
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 6.3.9600.17477, Zeitstempel: 0x5452dca5
Ausnahmecode: 0xc000027b
Fehleroffset: 0x000000000098260a
ID des fehlerhaften Prozesses: 0x1358
Startzeit der fehlerhaften Anwendung: 0xTagesschau.exe0
Pfad der fehlerhaften Anwendung: Tagesschau.exe1
Pfad des fehlerhaften Moduls: Tagesschau.exe2
Berichtskennung: Tagesschau.exe3
Vollständiger Name des fehlerhaften Pakets: Tagesschau.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Tagesschau.exe5

Error: (01/30/2015 07:40:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Tagesschau.exe, Version: 1.0.0.0, Zeitstempel: 0x54886d91
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 6.3.9600.17477, Zeitstempel: 0x5452dca5
Ausnahmecode: 0xc000027b
Fehleroffset: 0x000000000098260a
ID des fehlerhaften Prozesses: 0x1b4c
Startzeit der fehlerhaften Anwendung: 0xTagesschau.exe0
Pfad der fehlerhaften Anwendung: Tagesschau.exe1
Pfad des fehlerhaften Moduls: Tagesschau.exe2
Berichtskennung: Tagesschau.exe3
Vollständiger Name des fehlerhaften Pakets: Tagesschau.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Tagesschau.exe5

Error: (01/29/2015 03:03:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Tagesschau.exe, Version 1.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 260

Startzeit: 01d03b8c51a80e29

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\Tagesschau.Tagesschau_1.1.0.4_x64__6364r0569j69m\Tagesschau.exe

Berichts-ID: 8bce0a5d-a7bf-11e4-bea3-1867b0c779c5

Vollständiger Name des fehlerhaften Pakets: Tagesschau.Tagesschau_1.1.0.4_x64__6364r0569j69m

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (01/29/2015 03:03:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Nico_Study)
Description: Das Paket „Tagesschau.Tagesschau_1.1.0.4_x64__6364r0569j69m+App“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (01/28/2015 01:40:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: delegate_execute.exe, Version: 40.0.2214.93, Zeitstempel: 0x54c45c3f
Name des fehlerhaften Moduls: delegate_execute.exe, Version: 40.0.2214.93, Zeitstempel: 0x54c45c3f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002c450
ID des fehlerhaften Prozesses: 0x189c
Startzeit der fehlerhaften Anwendung: 0xdelegate_execute.exe0
Pfad der fehlerhaften Anwendung: delegate_execute.exe1
Pfad des fehlerhaften Moduls: delegate_execute.exe2
Berichtskennung: delegate_execute.exe3
Vollständiger Name des fehlerhaften Pakets: delegate_execute.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: delegate_execute.exe5

Error: (01/28/2015 11:16:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3
Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x222c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5


System errors:
=============
Error: (02/02/2015 09:11:00 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT-AUTORITÄT)
Description: D:\Device\HarddiskVolume103

Error: (02/02/2015 08:58:33 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: Nico_Study)
Description: D:\Device\HarddiskVolume93

Error: (02/02/2015 08:56:42 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT-AUTORITÄT)
Description: D:\Device\HarddiskVolume92

Error: (02/02/2015 07:59:24 PM) (Source: volsnap) (EventID: 16) (User: )
Description: Die Schattenkopien von Volume "D:" wurden verworfen, weil die Bereitsstellungaufhebung von Volume "D:", das einen Schattenkopiespeicher für diese Schattenkopie enthält, erzwungen wurde.

Error: (02/02/2015 07:59:08 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT-AUTORITÄT)
Description: D:\Device\HarddiskVolume82

Error: (02/02/2015 07:58:12 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "D:" wurde eine Beschädigung erkannt.

In einer Indexstruktur des Dateisystems wurde eine Beschädigung gefunden. Die Dateireferenznummer ist 0x10000000014f4. Der Name der Datei ist "\SAVE\#Data\Filme". Das Attribut des beschädigten Indexes ist ":$I30:$INDEX_ALLOCATION".

Error: (02/02/2015 07:51:07 PM) (Source: DCOM) (EventID: 10010) (User: Nico_Study)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (02/02/2015 07:02:22 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "NB",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{01E04A84-55B5-45E5-B2C8-8EA35C450074}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (02/02/2015 07:27:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Util Dynamo Combo" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (02/02/2015 07:27:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update Dynamo Combo" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (02/02/2015 05:18:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Nico_Study)
Description: Tagesschau.Tagesschau_1.1.0.4_x64__6364r0569j69m+App

Error: (02/02/2015 07:40:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Tagesschau.exe1.0.0.054886d91Windows.UI.Xaml.dll6.3.9600.174775452dca5c000027b000000000098260a8d001d03eb158224305C:\Program Files\WindowsApps\Tagesschau.Tagesschau_1.1.0.4_x64__6364r0569j69m\Tagesschau.exeC:\Windows\System32\Windows.UI.Xaml.dll546c63c4-aaa6-11e4-bea6-b4b6769c136dTagesschau.Tagesschau_1.1.0.4_x64__6364r0569j69mApp

Error: (02/01/2015 01:35:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IntelliMem.exe1.0.32.050d4991aunknown0.0.0.000000000c000000500000008000000084b801d03d42e643f8f1C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exeunknownc4bcbf0f-aa0e-11e4-bea5-1867b0c779c5

Error: (01/31/2015 00:06:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Tagesschau.exe1.0.0.054886d91Windows.UI.Xaml.dll6.3.9600.174775452dca5c000027b000000000098260a14f401d03d43b9d96b70C:\Program Files\WindowsApps\Tagesschau.Tagesschau_1.1.0.4_x64__6364r0569j69m\Tagesschau.exeC:\Windows\System32\Windows.UI.Xaml.dll345b6b0a-a939-11e4-bea5-1867b0c779c5Tagesschau.Tagesschau_1.1.0.4_x64__6364r0569j69mApp

Error: (01/31/2015 03:56:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Tagesschau.exe1.0.0.054886d91Windows.UI.Xaml.dll6.3.9600.174775452dca5c000027b000000000098260a135801d03d017ee61c50C:\Program Files\WindowsApps\Tagesschau.Tagesschau_1.1.0.4_x64__6364r0569j69m\Tagesschau.exeC:\Windows\System32\Windows.UI.Xaml.dllbd968bcd-a8f4-11e4-bea4-1867b0c779c5Tagesschau.Tagesschau_1.1.0.4_x64__6364r0569j69mApp

Error: (01/30/2015 07:40:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Tagesschau.exe1.0.0.054886d91Windows.UI.Xaml.dll6.3.9600.174775452dca5c000027b000000000098260a1b4c01d03c5451e65a5fC:\Program Files\WindowsApps\Tagesschau.Tagesschau_1.1.0.4_x64__6364r0569j69m\Tagesschau.exeC:\Windows\System32\Windows.UI.Xaml.dlld497a980-a84a-11e4-bea4-1867b0c779c5Tagesschau.Tagesschau_1.1.0.4_x64__6364r0569j69mApp

Error: (01/29/2015 03:03:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Tagesschau.exe1.0.0.026001d03b8c51a80e294294967295C:\Program Files\WindowsApps\Tagesschau.Tagesschau_1.1.0.4_x64__6364r0569j69m\Tagesschau.exe8bce0a5d-a7bf-11e4-bea3-1867b0c779c5Tagesschau.Tagesschau_1.1.0.4_x64__6364r0569j69mApp

Error: (01/29/2015 03:03:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Nico_Study)
Description: Tagesschau.Tagesschau_1.1.0.4_x64__6364r0569j69m+App

Error: (01/28/2015 01:40:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: delegate_execute.exe40.0.2214.9354c45c3fdelegate_execute.exe40.0.2214.9354c45c3fc00000050002c450189c01d03af787f322dcC:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\delegate_execute.exeC:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\delegate_execute.exec661c0d0-a6ea-11e4-bea2-1867b0c779c5

Error: (01/28/2015 11:16:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe35.0.1.550054c1f9f3mozalloc.dll35.0.1.550054c1f2248000000300001425222c01d03ac835d220c1C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllae39ec30-a6d6-11e4-bea1-1867b0c779c5


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3635QM CPU @ 2.40GHz
Percentage of memory in use: 34%
Total physical RAM: 16270.86 MB
Available physical RAM: 10710.32 MB
Total Pagefile: 17430.86 MB
Available Pagefile: 11041.06 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:393.69 GB) (Free:231.7 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 5900EE1B)

Partition: GPT Partition Type.

==================== End Of Log ============================

Gmer.txt:
*leider zu groß -> siehe Anhang

Avast-BrowserClearnUp log:
*leider auch zu groß -> siehe Anhang

adwcleaner log:
*leider auch zu groß -> siehe Anhang

Wie ihr seht hab ich noch ein log von Avast-BroserCleanUp und vom adwcleaner angehängt - in der Hoffnung das könnte euch vielleicht helfen.
Leider ist der Beitrag mit 200000 Zeichen viel zu groß geworden, weshalb ich einige logfiles nun als Zip angehängt habe.

Gmer gab beim Start eine und nach ende des Scans zwei Fehlermeldungen aus - Scrennshots sind im Anhang.

Ich hoffe mal ich habe nichts vergessen - habe versucht möglichst genau die Situation darzustellen, wie gewünscht. Ich hoffe dennoch ich habe euch mit den Informationen nicht erschlagen.

Ich hoffe mal, dass ihr mir helfen könnt und wir das Problem wenn möglich ohne ein Neufsetzen des Latops lösen können.
In jedem Fall schonmal Danke, wenn sich jemand mit meinem Problem befasst und mir versucht zu helfen!

Edit: Den adwcleaner habe ich bisher nur zum scannen genutzt um auch das logfile hier posten zu können, gelöscht oder deinstalliert habe ich mit ihm noch nicht, da angst habe die falschen Datein zu löschen und keine Spuren des Schadbefalls für die Analyse hier vernichten wollte

Bootsektor · 03.02.2015, 00:37

Mein Name ist Sandra und ich werde Dir bei Deinem Problem behilflich sein.

Bitte arbeite alle Schritte der Reihe nach ab.
Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem
Führe bitte nur Scans durch zu denen Du von mir aufgefordert wirst.
Bitte kein Crossposting ( posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software, ausser Du wurdest dazu aufgefordert.
Poste die Logfiles direkt in deinen Thread in Code-Tags.
Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 2 Tagen nichts von mir hörst, dann schreibe mir bitte eine PM.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der schnellere und bei einem Befall durch Malware immer der sicherste Weg. Adware lässt sich in den allermeisten Fällen problemlos entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean bist.

Bitte sämtliche Logfiles hier in diesen Thread posten.

Posten in Code Tags
Bitte füge die Logs immer in Code-Tags ein. Wenn Du das nicht machst, erschwert es mir sehr das Auswerten. Danke.
Dazu:

Klicke über dem Antwortfenster auf die Raute #, dann steht dort in eckigen Klammern [] CODE /CODE.
Zwischen den beiden code-Bausteinen fügst Du dann deine Logfiles ein. Also CODE Logfile /CODE
Wenn die Logs zu lang sein sollten, dann teile sie bitte auf und poste sie dann hier in Deinem Thread, notfalls in mehreren Antworten.

IneedHelp1 · 03.02.2015, 07:20

Hallo Sandra,
ersteinmal vielen Dank für die schnelle Antwort!

In der Anleitung habe ich gelesen, dass wenn die logs zu lang sind, man sie in ner zip in den Anhang hängen sollte und ich wollte keine Antwort posten, da sonst ja mein "Fall" als "in bearbeitung" gelten sollte.

Da ich ja nun von dir Betreut werde, hole ich das gerne nach

Logfiles:

FRST.txt - Teil 1

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by Nico (administrator) on NICO_STUDY on 02-02-2015 21:09:39
Running from C:\Users\Nico\Desktop
Loaded Profiles: Nico (Available profiles: Nico)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Condusiv Technologies) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SysTool PasSame LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Sirrix AG) C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(XTab system) C:\Program Files (x86)\XTab\ProtectService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(3S-Smart Software Solutions GmbH) C:\Program Files (x86)\3S Software\CoDeSys ENI Server\ENI.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Nico\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\POWERPNT.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Sirrix AG) C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxTrayapp.exe
(Sirrix AG) C:\Program Files (x86)\Sirrix AG\BitBox\bin\BITBstartApplicationAsUser.exe
(Sirrix AG) C:\Program Files (x86)\Sirrix AG\BitBox\bin\bitb.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\Evernote.exe
(Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VBoxSVC.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
(Sirrix AG) C:\Program Files (x86)\Sirrix AG\BitBox\bin\watchdog.exe
(Sirrix AG) C:\Program Files (x86)\Sirrix AG\BitBox\bin\watchdog.exe
() C:\Program Files\Oracle\VirtualBox\VBoxManage.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
() C:\Users\Nico\Desktop\Defogger.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2894152 2013-11-04] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13674712 2014-07-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1389936 2014-07-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_SRSSA] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1389936 2014-07-18] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKLM\...\Run: [Bitcasa] => C:\Program Files\Bitcasa\Bitcasa.exe [4365824 2012-12-27] (Bitcasa, Inc)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281776 2014-09-16] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310640 2013-03-07] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707984 2013-10-10] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [ENISysTray] => C:\Program Files (x86)\3S Software\CoDeSys ENI Server\ENISysTray.exe [245760 2009-01-20] (3S-Smart Software Solutions GmbH)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\Run: [Quick Starter] => C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe [2358064 2014-07-15] (Samsung Electronics CO., LTD.)
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\Run: [Spotify] => C:\Users\Nico\AppData\Roaming\Spotify\Spotify.exe [6737976 2015-01-15] (Spotify Ltd)
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30873192 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\Run: [Spotify Web Helper] => C:\Users\Nico\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2015-01-15] (Spotify Ltd)
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\MountPoints2: {5978b983-9cee-11e4-be94-b4b6769c136d} - "E:\autorun.exe" 
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [245008 2015-01-05] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [215312 2015-01-05] (Client Connect LTD)
Startup: C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [1EldosIconOverlay] -> {75EE9A76-CCF7-47D7-BAA3-573E905D5109} => C:\windows\SYSTEM32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [BitcasaIconOverlay] -> {A6975448-A999-49BB-B3E4-7730CF6A82C0} => C:\Program Files\Bitcasa\ExplorerMenu.dll (Bitcasa, Inc)
ShellIconOverlayIdentifiers: [BitcasaProgressOverlay] -> {6FB8D52A-0064-45B2-B687-F596FEAD09C2} => C:\Program Files\Bitcasa\ExplorerMenu.dll (Bitcasa, Inc)
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [1EldosIconOverlay] -> {75EE9A76-CCF7-47D7-BAA3-573E905D5109} => C:\windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
BootExecute: autocheck autochk * aswBoot.exe /M:5971001 /wow /dir:"C:\Program Files\AVAST Software\Avast"
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [S-1-5-21-3589802351-439905089-1110981561-1001] => file://C:\Program Files (x86)\Dynamo Combo\bin\Pac9064.js
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://myhome.vi-view.com/?type=hp&ts=1422024598&from=cor&uid=SamsungXSSDX840XEVOX500GB_S1DHNSAF824519D
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://myhome.vi-view.com/web/?type=ds&ts=1422024598&from=cor&uid=SamsungXSSDX840XEVOX500GB_S1DHNSAF824519D&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://myhome.vi-view.com/?type=hp&ts=1422024598&from=cor&uid=SamsungXSSDX840XEVOX500GB_S1DHNSAF824519D
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1422024598&from=cor&uid=SamsungXSSDX840XEVOX500GB_S1DHNSAF824519D&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1422024598&from=cor&uid=SamsungXSSDX840XEVOX500GB_S1DHNSAF824519D&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1422024598&from=cor&uid=SamsungXSSDX840XEVOX500GB_S1DHNSAF824519D&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1422024598&from=cor&uid=SamsungXSSDX840XEVOX500GB_S1DHNSAF824519D&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3589802351-439905089-1110981561-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3589802351-439905089-1110981561-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://myhome.vi-view.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SamsungXSSDX840XEVOX500GB_S1DHNSAF824519D&ts=1422024732&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3589802351-439905089-1110981561-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://myhome.vi-view.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SamsungXSSDX840XEVOX500GB_S1DHNSAF824519D&ts=1422024732&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3589802351-439905089-1110981561-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://myhome.vi-view.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SamsungXSSDX840XEVOX500GB_S1DHNSAF824519D&ts=1422024732&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3589802351-439905089-1110981561-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SamsungXSSDX840XEVOX500GB_S1DHNSAF824519D&ts=1422024732&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3589802351-439905089-1110981561-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://myhome.vi-view.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SamsungXSSDX840XEVOX500GB_S1DHNSAF824519D&ts=1422024732&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3589802351-439905089-1110981561-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\XTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Dynamo Combo 1.0.0.7 -> {986c37a1-7b65-476f-80dc-54f80bd4b0d6} -> C:\Program Files (x86)\Dynamo Combo\DynamoComboBHO.dll (Dynamo Combo)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Webtestaufzeichnung 10.0-Hilfsprogramm -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\045rdp04.default
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: https://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: https://www.google.com/?trackid=sp-006
FF Keyword.URL: https://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\045rdp04.default\searchplugins\google-avast.xml
FF SearchPlugin: C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\045rdp04.default\searchplugins\vi-view.xml
FF Extension: YouTube Unblocker - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\045rdp04.default\Extensions\youtubeunblocker@unblocker.yt [2015-01-15]
FF Extension: Adblock Plus - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\045rdp04.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-25]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-14]
FF HKLM-x32\...\Firefox\Extensions: [fftoolbar2014@etech.com] - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\045rdp04.default\extensions\fftoolbar2014@etech.com
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\045rdp04.default\extensions\faststartff@gmail.com

Chrome: 
=======
CHR HomePage: Default -> hxxp://myhome.vi-view.com/?type=hp&ts=1422024598&from=cor&uid=SamsungXSSDX840XEVOX500GB_S1DHNSAF824519D
CHR StartupUrls: Default -> "https://www.google.com/?trackid=sp-006"
CHR DefaultSearchKeyword: Default -> google
CHR DefaultSuggestURL: Default -> https://www.google.com/complete/search?client=chrome&q={searchTerms}
CHR Profile: C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-15]
CHR Extension: (Google Drive) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-15]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-15]
CHR Extension: (YouTube) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-15]
CHR Extension: (Google-Suche) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-15]
CHR Extension: (Dynamo Combo) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\eheacoflpaonnngbihgdjcgjlhbfhcpe [2015-01-26]
CHR Extension: (Google Tabellen) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-15]
CHR Extension: (Avast Online Security) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-15]
CHR Extension: (Google Wallet) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-18]
CHR Extension: (Google Mail) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [172104 2013-01-26] (Adobe Systems Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-15] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-15] (Avast Software)
R2 BitBoxService; C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe [738304 2014-03-18] (Sirrix AG) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593152 2014-01-29] (Samsung Electronics CO., LTD.)
R2 ENI Server; C:\Program Files (x86)\3S Software\CoDeSys ENI Server\ENI.exe [651264 2009-01-20] (3S-Smart Software Solutions GmbH) [File not signed]
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100104 2013-09-05] (ELAN Microelectronics Corp.)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [243880 2015-01-16] (Foxit Software Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158896 2015-01-16] (XTab system)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 IntelliMemory; C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe [55720 2012-12-21] (Condusiv Technologies)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1854056 2012-12-07] (Microsoft Corporation)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28848 2014-09-16] (Samsung Electronics Co., Ltd.)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3000664 2015-01-06] (Samsung Electronics CO., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2015-01-15] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-01-15] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [464384 2015-01-23] (SysTool PasSame LIMITED) [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-15] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-15] ()
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131328 2014-11-21] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352456 2012-08-06] (EldoS Corporation)
R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [22832 2013-07-24] (ELAN Microelectronic Corp.)
R1 intmfs; C:\Windows\System32\DRIVERS\intmfs.sys [29096 2012-12-21] (Condusiv Technologies)
R0 intmsd; C:\Windows\System32\DRIVERS\intmsd.sys [104872 2012-12-21] (Condusiv Technologies)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [268976 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111280 2014-09-16] (Samsung Electronics Co., Ltd.)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-21] (Microsoft Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-15] (Avast Software)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-01-15] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
R1 {16a92140-918d-4afb-9edb-46f22437bb10}Gw64; C:\Windows\System32\drivers\{16a92140-918d-4afb-9edb-46f22437bb10}Gw64.sys [48792 2015-01-25] (StdLib)
R1 {3bcf4f2c-0bbb-4d4c-bf1f-11bbe6d501ea}Gw64; C:\Windows\System32\drivers\{3bcf4f2c-0bbb-4d4c-bf1f-11bbe6d501ea}Gw64.sys [48792 2015-01-28] (StdLib)
R1 {915cb94b-b4d8-4c0e-83b4-61409471b1c3}Gw64; C:\Windows\System32\drivers\{915cb94b-b4d8-4c0e-83b4-61409471b1c3}Gw64.sys [48792 2015-01-23] (StdLib)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-02 21:09 - 2015-02-02 21:09 - 00034370 _____ () C:\Users\Nico\Desktop\FRST.txt
2015-02-02 21:09 - 2015-02-02 21:09 - 00000000 ____D () C:\FRST
2015-02-02 21:08 - 2015-02-02 21:08 - 02131456 _____ (Farbar) C:\Users\Nico\Downloads\FRST64.exe
2015-02-02 21:08 - 2015-02-02 21:08 - 02131456 _____ (Farbar) C:\Users\Nico\Desktop\FRST64.exe
2015-02-02 21:07 - 2015-02-02 21:07 - 00000470 _____ () C:\Users\Nico\Desktop\defogger_disable.log
2015-02-02 21:07 - 2015-02-02 21:07 - 00000000 _____ () C:\Users\Nico\defogger_reenable
2015-02-02 21:07 - 2015-02-02 21:06 - 00050477 _____ () C:\Users\Nico\Desktop\Defogger.exe
2015-02-02 21:06 - 2015-02-02 21:06 - 00050477 _____ () C:\Users\Nico\Downloads\Defogger.exe
2015-02-02 20:54 - 2015-02-02 20:54 - 00011731 _____ () C:\Users\Nico\Desktop\AdwCleaner[R0].txt
2015-02-02 18:40 - 2015-02-02 18:45 - 00000000 ____D () C:\AdwCleaner
2015-02-02 18:39 - 2015-02-02 18:39 - 02194432 _____ () C:\Users\Nico\Downloads\adwcleaner_4.109.exe
2015-02-02 18:39 - 2015-02-02 18:39 - 02194432 _____ () C:\Users\Nico\Desktop\adwcleaner_4.109.exe
2015-02-02 07:27 - 2015-02-02 07:28 - 00000197 _____ () C:\WINDOWS\system32\2015-02-02-06-27-57.055-AvastVBoxSVC.exe-3956.log
2015-02-01 19:36 - 2015-02-02 21:04 - 00005138 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for Nico_Study-Nico Nico_Study
2015-02-01 19:36 - 2015-02-01 19:36 - 00000000 ____D () C:\Users\Nico\Documents\Benutzerdefinierte Office-Vorlagen
2015-02-01 18:39 - 2015-02-01 18:39 - 00002185 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2015-02-01 18:39 - 2015-02-01 18:39 - 00002132 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2015-02-01 18:39 - 2015-02-01 18:39 - 00002132 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2015-02-01 18:39 - 2015-02-01 18:39 - 00000000 ___RD () C:\Users\Nico\SkyDrive
2015-02-01 18:39 - 2015-02-01 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2015-02-01 18:39 - 2015-02-01 18:39 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive
2015-02-01 18:39 - 2015-02-01 18:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2015-02-01 18:36 - 2015-02-01 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-02-01 18:36 - 2015-02-01 18:36 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-02-01 18:35 - 2015-02-01 18:35 - 01064632 _____ (Microsoft Corporation) C:\Users\Nico\Downloads\Setup.X86.de-DE_O365HomePremRetail_69addc71-75e4-44ca-8fe2-b75fec0ab50a_TX_DB_.exe
2015-01-31 21:32 - 2015-01-31 21:32 - 00000666 _____ () C:\Users\Nico\Documents\Desktop - Verknüpfung.lnk
2015-01-31 20:25 - 2015-01-31 20:25 - 00084743 _____ () C:\Users\Nico\Downloads\Lohnsteuertabelle 2015.html
2015-01-31 11:45 - 2015-01-31 11:46 - 00000197 _____ () C:\WINDOWS\system32\2015-01-31-10-45-29.010-AvastVBoxSVC.exe-2208.log
2015-01-30 07:17 - 2015-01-30 07:17 - 00000197 _____ () C:\WINDOWS\system32\2015-01-30-06-17-00.090-AvastVBoxSVC.exe-3828.log
2015-01-29 07:35 - 2015-01-29 07:35 - 00000247 _____ () C:\WINDOWS\system32\2015-01-29-06-35-36.066-aswFe.exe-7372.log
2015-01-29 07:30 - 2015-01-29 07:35 - 00000247 _____ () C:\WINDOWS\system32\2015-01-29-06-30-54.071-aswFe.exe-6736.log
2015-01-29 07:30 - 2015-01-29 07:30 - 00000197 _____ () C:\WINDOWS\system32\2015-01-29-06-30-53.005-AvastVBoxSVC.exe-1236.log
2015-01-29 07:22 - 2015-01-29 07:22 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\BRT
2015-01-29 07:22 - 2015-01-28 21:41 - 00048792 _____ (StdLib) C:\WINDOWS\system32\Drivers\{3bcf4f2c-0bbb-4d4c-bf1f-11bbe6d501ea}Gw64.sys
2015-01-28 12:49 - 2015-01-28 12:50 - 00000197 _____ () C:\WINDOWS\system32\2015-01-28-11-49-54.090-AvastVBoxSVC.exe-1900.log
2015-01-28 07:25 - 2015-01-28 07:25 - 00000197 _____ () C:\WINDOWS\system32\2015-01-28-06-25-25.070-AvastVBoxSVC.exe-4116.log
2015-01-27 23:50 - 2015-01-27 23:50 - 00000197 _____ () C:\WINDOWS\system32\2015-01-27-22-50-04.045-AvastVBoxSVC.exe-3340.log
2015-01-27 22:00 - 2015-01-27 22:02 - 51621699 _____ () C:\Users\Nico\Downloads\fritzing.0.9.1b.64.pc_1.zip
2015-01-27 12:45 - 2015-01-27 12:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-25 17:01 - 2015-01-25 05:44 - 00048792 _____ (StdLib) C:\WINDOWS\system32\Drivers\{16a92140-918d-4afb-9edb-46f22437bb10}Gw64.sys
2015-01-25 11:13 - 2015-01-25 11:13 - 00000197 _____ () C:\WINDOWS\system32\2015-01-25-10-13-02.080-AvastVBoxSVC.exe-4020.log
2015-01-24 12:00 - 2015-01-24 12:00 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\PowerISO
2015-01-24 11:57 - 2015-01-24 11:57 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-01-24 11:55 - 2015-01-24 11:56 - 00000197 _____ () C:\WINDOWS\system32\2015-01-24-10-55-59.055-AvastVBoxSVC.exe-3480.log
2015-01-24 11:55 - 2015-01-24 11:55 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2015-01-24 00:31 - 2015-01-28 13:40 - 00003278 _____ () C:\WINDOWS\System32\Tasks\avastBCLRestartS-1-5-21-3589802351-439905089-1110981561-1001
2015-01-23 17:13 - 2015-01-23 17:14 - 00754216 _____ (DownloadAstro) C:\Users\Nico\Downloads\kmplayer.exe
2015-01-23 16:02 - 2015-01-23 16:02 - 00000197 _____ () C:\WINDOWS\system32\2015-01-23-15-02-14.017-AvastVBoxSVC.exe-3960.log
2015-01-23 15:59 - 2015-01-23 01:41 - 00048792 _____ (StdLib) C:\WINDOWS\system32\Drivers\{915cb94b-b4d8-4c0e-83b4-61409471b1c3}Gw64.sys
2015-01-23 15:53 - 2015-01-23 15:53 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2015-01-23 15:52 - 2015-01-23 15:53 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-01-23 15:51 - 2015-01-23 15:51 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2015-01-23 15:51 - 2015-01-23 15:51 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-01-23 15:50 - 2015-01-23 15:50 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\vi-view
2015-01-23 15:49 - 2015-02-02 07:27 - 00000000 ____D () C:\Program Files (x86)\Dynamo Combo
2015-01-23 15:49 - 2015-01-23 18:59 - 00000000 ____D () C:\Users\Nico\AppData\Local\JDownloader v2.0
2015-01-23 07:18 - 2015-01-23 07:19 - 00000197 _____ () C:\WINDOWS\system32\2015-01-23-06-18-57.062-AvastVBoxSVC.exe-3996.log
2015-01-21 14:25 - 2015-01-21 14:25 - 00000000 ____D () C:\Users\Nico\AppData\Local\PDF24
2015-01-20 07:16 - 2015-01-20 07:17 - 00000197 _____ () C:\WINDOWS\system32\2015-01-20-06-16-31.052-AvastVBoxSVC.exe-3912.log
2015-01-20 07:15 - 2015-01-20 07:15 - 00000000 ____D () C:\ENI
2015-01-19 14:28 - 2015-01-19 14:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2015-01-19 14:28 - 2015-01-19 14:28 - 00000000 ____D () C:\Program Files (x86)\Evernote
2015-01-19 14:23 - 2015-01-19 14:25 - 98672136 _____ (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Users\Nico\Downloads\Evernote_5.8.1.6061.exe
2015-01-19 13:39 - 2008-06-06 14:15 - 00016488 _____ (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\Drivers\SysDrv3S.sys
2015-01-19 13:38 - 2015-01-19 13:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3S Software
2015-01-19 13:38 - 2015-01-19 13:39 - 00000000 ____D () C:\Program Files (x86)\3S Software
2015-01-19 13:38 - 2015-01-19 13:39 - 00000000 ____D () C:\lm.dat
2015-01-19 13:38 - 2015-01-19 13:38 - 00000000 ____D () C:\WINDOWS\Gateway Files
2015-01-19 13:38 - 2015-01-19 13:38 - 00000000 ____D () C:\Users\Nico\AppData\Local\EvernoteNW
2015-01-19 13:38 - 2010-06-10 13:53 - 00225353 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\Gateway.exe
2015-01-19 13:38 - 2010-06-10 13:53 - 00217164 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\GDrvStd.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00192588 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\GClient.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00184396 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\GatewayDDE.exe
2015-01-19 13:38 - 2010-06-10 13:53 - 00147532 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\GSymbol.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00147528 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\GUtil.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00143436 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\GHandle.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00135258 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\GHandleStdcall.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00114766 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\GDrvBase.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00081993 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\CommUsr.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00040960 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\CAN_VCI.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00036937 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\CommSym.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00032768 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\PEAK_USB.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00032768 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\PEAK_DNG.dll
2015-01-19 13:38 - 2010-05-11 17:10 - 00483328 _____ (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\LMAPI.DLL
2015-01-19 13:38 - 2010-01-07 16:57 - 00081408 ____N (PEAK-System Technik GmbH) C:\WINDOWS\SysWOW64\PCAN_USB.dll
2015-01-19 13:38 - 2010-01-07 16:57 - 00069120 ____N (PEAK-System Technik GmbH) C:\WINDOWS\SysWOW64\PCAN_DNG.dll
2015-01-19 13:38 - 2009-01-20 08:45 - 00274432 _____ (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\ENIClient.dll
2015-01-19 13:38 - 2007-04-10 16:30 - 00088613 _____ () C:\WINDOWS\SysWOW64\gateway.chm
2015-01-19 13:38 - 2007-02-27 16:59 - 00139264 _____ (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\3SXMLParser.dll
2015-01-19 13:38 - 2000-11-10 08:38 - 00114688 _____ (Technosoftware AG) C:\WINDOWS\SysWOW64\OCSDAAuto.dll
2015-01-19 13:38 - 2000-11-10 08:38 - 00077824 _____ (OPC Foundation) C:\WINDOWS\SysWOW64\opcproxy.dll
2015-01-19 13:38 - 2000-11-10 08:38 - 00075264 _____ () C:\WINDOWS\SysWOW64\callrproxy.dll
2015-01-19 13:38 - 2000-11-10 08:38 - 00061440 _____ (OPC Foundation) C:\WINDOWS\SysWOW64\opccomn_ps.dll
2015-01-19 13:38 - 2000-11-10 08:38 - 00060416 _____ () C:\WINDOWS\SysWOW64\OPCENUM.EXE
2015-01-19 13:38 - 2000-11-10 08:38 - 00040960 _____ (Technosoftware AG) C:\WINDOWS\SysWOW64\OCSSpy_ps.dll
2015-01-19 13:35 - 2015-01-19 13:35 - 00000197 _____ () C:\WINDOWS\system32\2015-01-19-12-35-36.019-AvastVBoxSVC.exe-3620.log
2015-01-18 16:12 - 2015-01-18 16:12 - 00000000 ____D () C:\Users\Default\Documents\Visual Studio 2010
2015-01-18 16:12 - 2015-01-18 16:12 - 00000000 ____D () C:\Users\Default User\Documents\Visual Studio 2010
2015-01-18 15:18 - 2015-01-18 15:18 - 00000197 _____ () C:\WINDOWS\system32\2015-01-18-14-18-08.028-AvastVBoxSVC.exe-3876.log
2015-01-18 15:11 - 2015-01-18 15:11 - 00000197 _____ () C:\WINDOWS\system32\2015-01-18-14-11-07.053-AvastVBoxSVC.exe-3680.log
2015-01-16 00:17 - 2015-01-16 00:17 - 00000247 _____ () C:\WINDOWS\system32\2015-01-15-23-17-19.029-aswFe.exe-5592.log
2015-01-16 00:07 - 2015-01-16 00:17 - 00000247 _____ () C:\WINDOWS\system32\2015-01-15-23-07-38.068-aswFe.exe-5112.log
2015-01-16 00:07 - 2015-01-16 00:07 - 00000197 _____ () C:\WINDOWS\system32\2015-01-15-23-07-05.000-AvastVBoxSVC.exe-5652.log
2015-01-15 22:41 - 2015-01-15 22:41 - 00000000 ____D () C:\WINDOWS\SysWOW64\1033
2015-01-15 22:41 - 2015-01-15 22:41 - 00000000 ____D () C:\WINDOWS\system32\RsFx
2015-01-15 22:41 - 2015-01-15 22:41 - 00000000 ____D () C:\WINDOWS\system32\1033
2015-01-15 22:41 - 2015-01-15 22:41 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 9.0
2015-01-15 22:41 - 2009-07-21 01:42 - 00111640 _____ (Microsoft Corporation) C:\WINDOWS\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll
2015-01-15 22:41 - 2009-07-21 01:42 - 00079896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll
2015-01-15 22:41 - 2009-07-21 01:42 - 00078872 _____ (Microsoft Corporation) C:\WINDOWS\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2015-01-15 22:41 - 2009-07-21 01:42 - 00050200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2015-01-15 22:40 - 2015-01-15 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
2015-01-15 22:39 - 2015-01-15 22:41 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2015-01-15 22:39 - 2015-01-15 22:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2015-01-15 22:39 - 2015-01-15 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Sync Framework
2015-01-15 22:39 - 2015-01-15 22:39 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2015-01-15 22:39 - 2015-01-15 22:39 - 00000000 ____D () C:\Program Files\Microsoft Sync Framework
2015-01-15 22:39 - 2015-01-15 22:39 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2015-01-15 22:39 - 2015-01-15 22:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2015-01-15 22:38 - 2015-01-15 22:38 - 00000000 ____D () C:\ProgramData\PreEmptive Solutions
2015-01-15 22:36 - 2015-01-15 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 3 SDK - Deutsch
2015-01-15 22:35 - 2015-01-15 22:35 - 00000000 ____D () C:\Users\Nico\Documents\Visual Studio 2008
2015-01-15 22:35 - 2015-01-15 22:35 - 00000000 ____D () C:\Program Files\IIS
2015-01-15 22:35 - 2015-01-15 22:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2015-01-15 22:35 - 2015-01-15 22:35 - 00000000 ____D () C:\Program Files (x86)\IIS
2015-01-15 22:34 - 2015-01-15 22:34 - 00000000 ____D () C:\Users\Nico\Documents\Visual Studio 2010
2015-01-15 22:32 - 2015-01-18 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010
2015-01-15 22:32 - 2015-01-15 22:41 - 00000000 ____D () C:\WINDOWS\SysWOW64\1031
2015-01-15 22:32 - 2015-01-15 22:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 10.0
2015-01-15 22:32 - 2015-01-15 22:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft F#
2015-01-15 22:32 - 2015-01-15 22:33 - 00000000 ____D () C:\Program Files (x86)\HTML Help Workshop
2015-01-15 22:31 - 2015-01-15 22:41 - 00000000 ____D () C:\WINDOWS\system32\1031
2015-01-15 22:31 - 2015-01-15 22:39 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 10.0
2015-01-15 22:31 - 2015-01-15 22:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2015-01-15 22:31 - 2015-01-15 22:31 - 00000000 ____D () C:\WINDOWS\symbols
2015-01-15 22:31 - 2015-01-15 22:31 - 00000000 ____D () C:\Program Files\Microsoft Help Viewer
2015-01-15 22:31 - 2015-01-15 22:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 9.0
2015-01-15 22:30 - 2015-01-15 22:30 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2015-01-15 22:27 - 2015-01-21 14:33 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Windows Live Writer
2015-01-15 22:27 - 2015-01-15 22:27 - 00000000 ____D () C:\Users\Nico\AppData\Local\Windows Live Writer
2015-01-15 22:22 - 2015-01-15 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ELECTRA_250
2015-01-15 22:22 - 2015-01-15 22:22 - 00000000 ____D () C:\ProgramData\CP70vxDj0
2015-01-15 22:22 - 2015-01-15 22:22 - 00000000 ____D () C:\Program Files (x86)\ELECTRA_250
2015-01-15 22:21 - 2015-01-15 22:21 - 00000806 _____ () C:\Users\Nico\Downloads\#Ablage.lnk
2015-01-15 22:21 - 2015-01-15 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TARGET 3001! V17 pcb-pool
2015-01-15 22:21 - 2015-01-15 22:21 - 00000000 ____D () C:\Program Files (x86)\ibf
2015-01-15 22:13 - 2015-02-02 07:28 - 00000000 ___RD () C:\Users\Nico\Dropbox
2015-01-15 22:06 - 2015-01-15 22:06 - 00324136 _____ (Dropbox, Inc.) C:\Users\Nico\Downloads\DropboxInstaller.exe
2015-01-15 21:57 - 2015-01-15 21:57 - 00000197 _____ () C:\WINDOWS\system32\2015-01-15-20-57-11.022-AvastVBoxSVC.exe-3676.log
2015-01-15 21:55 - 2015-01-15 21:55 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Sirrix AG
2015-01-15 21:54 - 2015-01-15 21:54 - 00000000 ____D () C:\Users\Nico\AppData\Local\Cisco
2015-01-15 21:54 - 2015-01-15 21:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2015-01-15 21:54 - 2015-01-15 21:54 - 00000000 ____D () C:\ProgramData\Cisco
2015-01-15 21:54 - 2013-10-10 17:29 - 00112496 ____R (Cisco Systems, Inc.) C:\WINDOWS\system32\Drivers\acsock64.sys
2015-01-15 21:53 - 2015-01-15 21:53 - 00001275 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box.lnk
2015-01-15 21:53 - 2015-01-15 21:53 - 00000000 ____D () C:\ProgramData\Sirrix AG
2015-01-15 21:53 - 2015-01-15 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box
2015-01-15 21:53 - 2015-01-15 21:53 - 00000000 ____D () C:\Program Files (x86)\Sirrix AG
2015-01-15 21:50 - 2015-01-15 21:50 - 00000000 ____D () C:\Program Files\Oracle
2015-01-15 21:50 - 2014-01-10 22:49 - 00239376 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2015-01-15 21:50 - 2014-01-10 22:48 - 00119056 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2015-01-15 21:46 - 2015-01-15 21:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-15 21:45 - 2015-01-15 22:09 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-01-15 21:43 - 2015-02-02 20:59 - 00001140 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-15 21:43 - 2015-02-02 07:27 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-15 21:43 - 2015-01-15 21:54 - 00004112 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-15 21:43 - 2015-01-15 21:54 - 00003876 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-15 21:43 - 2015-01-15 21:46 - 00000000 ____D () C:\Users\Nico\AppData\Local\Google
2015-01-15 21:43 - 2015-01-15 21:46 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-15 21:42 - 2015-02-02 07:28 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Dropbox
2015-01-15 21:37 - 2015-01-15 21:37 - 00000000 ____D () C:\Users\Nico\AppData\Local\Evernote
2015-01-15 21:32 - 2015-01-18 15:59 - 00004062 _____ () C:\Users\Nico\AppData\Roaming\LTspiceIV.ini
2015-01-15 21:30 - 2015-01-15 21:30 - 00001211 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\LTspice IV.lnk
2015-01-15 21:30 - 2015-01-15 21:30 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Toastify
2015-01-15 21:29 - 2015-01-15 21:29 - 00000000 ____D () C:\Program Files (x86)\LTC
2015-01-15 21:20 - 2015-01-15 21:21 - 00000197 _____ () C:\WINDOWS\system32\2015-01-15-20-20-55.031-AvastVBoxSVC.exe-3124.log
2015-01-15 21:20 - 2015-01-15 21:20 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-15 21:20 - 2015-01-15 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-01-15 21:19 - 2015-01-15 21:19 - 00000844 _____ () C:\Users\Nico\Desktop\##Studium## - Verknüpfung.lnk
2015-01-15 21:19 - 2015-01-15 21:19 - 00000806 _____ () C:\Users\Nico\Desktop\#Ablage - Verknüpfung.lnk
2015-01-15 21:18 - 2015-01-15 21:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2015-01-15 21:18 - 2015-01-15 21:18 - 00000000 ____D () C:\Program Files (x86)\PDF24
2015-01-15 21:17 - 2015-01-15 22:21 - 00000000 ____D () C:\Program Files (x86)\PhotoshopPortable
2015-01-15 21:16 - 2015-01-15 21:16 - 00000039 _____ () C:\Users\Nico\AppData\Roaming\SupportBox_MSUL.cfg
2015-01-15 21:16 - 2015-01-15 21:16 - 00000000 ____D () C:\Users\Nico\AppData\Local\SearchProtect
2015-01-15 21:16 - 2015-01-15 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2015-01-15 21:16 - 2015-01-15 21:16 - 00000000 ____D () C:\Program Files\PowerISO
2015-01-15 21:16 - 2015-01-15 21:16 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2015-01-15 21:16 - 2014-03-30 07:26 - 00129944 _____ (Power Software Ltd) C:\WINDOWS\system32\Drivers\scdemu.sys
2015-01-15 21:15 - 2015-01-15 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2015-01-15 21:15 - 2015-01-15 21:15 - 00000000 ____D () C:\Program Files (x86)\Toastify
2015-01-15 21:15 - 2015-01-15 21:15 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2015-01-15 21:11 - 2015-01-26 13:55 - 00000000 ____D () C:\Users\Nico\AppData\Local\Spotify
2015-01-15 21:11 - 2015-01-15 21:11 - 00001794 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-01-15 21:11 - 2015-01-15 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-01-15 21:11 - 2015-01-15 21:11 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2015-01-15 21:10 - 2015-01-23 18:57 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\vlc
2015-01-15 21:10 - 2015-01-15 21:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-01-15 21:10 - 2015-01-15 21:10 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-01-15 21:09 - 2015-02-01 21:47 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Spotify
2015-01-15 21:09 - 2015-01-15 21:09 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-01-15 21:08 - 2015-01-15 21:08 - 00000000 ____D () C:\The KMPlayer
2015-01-15 21:06 - 2015-01-15 21:06 - 00001478 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2015-01-15 21:06 - 2015-01-15 21:06 - 00001329 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-01-15 21:06 - 2015-01-15 21:06 - 00000000 ____D () C:\WINDOWS\it
2015-01-15 21:06 - 2015-01-15 21:06 - 00000000 ____D () C:\WINDOWS\fr
2015-01-15 21:06 - 2015-01-15 21:06 - 00000000 ____D () C:\WINDOWS\de
2015-01-15 21:06 - 2015-01-15 21:06 - 00000000 ____D () C:\Program Files\Windows Live
2015-01-15 21:06 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2015-01-15 21:06 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2015-01-15 21:06 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2015-01-15 21:06 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2015-01-15 21:06 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2015-01-15 21:06 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2015-01-15 21:06 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2015-01-15 21:06 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2015-01-15 21:06 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2015-01-15 21:06 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2015-01-15 21:05 - 2015-01-22 07:22 - 00000000 ____D () C:\Users\Nico\AppData\Local\Windows Live
2015-01-15 21:05 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2015-01-15 21:05 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2015-01-15 21:03 - 2015-02-02 21:08 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Skype
2015-01-15 21:03 - 2015-01-15 21:20 - 00000000 ____D () C:\ProgramData\Skype
2015-01-15 21:03 - 2015-01-15 21:03 - 00000000 ____D () C:\Users\Nico\AppData\Local\Skype
2015-01-15 21:01 - 2015-01-15 21:08 - 92658088 _____ (Oracle Corporation) C:\Users\Nico\Downloads\jre-8u25-windows-x64.exe
2015-01-15 21:01 - 2015-01-15 21:03 - 29727656 _____ (Oracle Corporation) C:\Users\Nico\Downloads\jre-8u25-windows-i586.exe
2015-01-15 21:00 - 2015-01-15 21:09 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-15 21:00 - 2015-01-15 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-15 21:00 - 2015-01-15 21:03 - 00272296 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2015-01-15 21:00 - 2015-01-15 21:03 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2015-01-15 21:00 - 2015-01-15 21:03 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2015-01-15 21:00 - 2015-01-15 21:03 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-15 21:00 - 2015-01-15 21:00 - 00000000 ____D () C:\ProgramData\Sun
2015-01-15 20:58 - 2015-01-28 21:18 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Foxit Software
2015-01-15 20:58 - 2015-01-15 20:58 - 00000000 ____D () C:\Users\Public\Foxit Software
2015-01-15 20:58 - 2015-01-15 20:58 - 00000000 ____D () C:\Program Files (x86)\Foxit Software
2015-01-15 20:57 - 2015-01-13 18:08 - 00001012 _____ () C:\Users\Nico\Desktop\DHBW.exe.lnk
2015-01-15 20:42 - 2015-01-15 20:42 - 00000197 _____ () C:\WINDOWS\system32\2015-01-15-19-42-31.087-AvastVBoxSVC.exe-2524.log
2015-01-15 20:40 - 2015-01-15 20:40 - 00000000 ____D () C:\WINDOWS\system32\RAPID
2015-01-15 20:40 - 2014-09-16 14:30 - 00268976 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\SamsungRapidDiskFltr.sys
2015-01-15 20:24 - 2015-01-15 20:24 - 00000197 _____ () C:\WINDOWS\system32\2015-01-15-19-24-13.000-AvastVBoxSVC.exe-2488.log
2015-01-15 20:17 - 2015-01-15 20:17 - 00003276 _____ () C:\WINDOWS\System32\Tasks\SamsungMagician
2015-01-15 20:17 - 2015-01-15 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2015-01-15 20:15 - 2015-01-15 20:15 - 00000197 _____ () C:\WINDOWS\system32\2015-01-15-19-15-31.060-AvastVBoxSVC.exe-2496.log
2015-01-15 20:11 - 2015-01-15 20:11 - 00000247 _____ () C:\WINDOWS\system32\2015-01-15-19-11-42.036-aswFe.exe-3816.log
2015-01-15 20:09 - 2015-01-15 20:11 - 00000247 _____ () C:\WINDOWS\system32\2015-01-15-19-09-56.093-aswFe.exe-3408.log
2015-01-15 20:09 - 2015-01-15 20:10 - 00000197 _____ () C:\WINDOWS\system32\2015-01-15-19-09-56.027-AvastVBoxSVC.exe-2432.log
2015-01-15 20:00 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-01-15 20:00 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-01-15 19:55 - 2014-11-15 20:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-01-15 19:55 - 2014-11-15 07:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-01-15 19:55 - 2014-11-14 15:36 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-01-15 19:55 - 2014-11-14 08:10 - 03558400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-01-15 19:55 - 2014-11-14 07:58 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-01-15 19:55 - 2014-11-14 07:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-01-15 19:55 - 2014-11-14 07:57 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-01-15 19:55 - 2014-11-14 07:54 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-01-15 19:55 - 2014-11-14 07:54 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-01-15 19:55 - 2014-11-14 07:53 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-01-15 19:55 - 2014-11-14 07:52 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-01-15 19:55 - 2014-11-14 06:04 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-01-15 19:55 - 2014-11-14 06:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-01-15 19:55 - 2014-11-14 06:03 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-01-15 19:55 - 2014-11-14 06:01 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-01-15 19:55 - 2014-11-14 06:01 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-01-15 19:55 - 2014-11-11 01:39 - 22290560 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-01-15 19:55 - 2014-11-11 01:17 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-01-15 19:55 - 2014-11-10 19:06 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-01-15 19:55 - 2014-11-10 19:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-01-15 19:55 - 2014-11-10 19:06 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-01-15 19:55 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-01-15 19:55 - 2014-11-10 03:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-01-15 19:55 - 2014-11-10 02:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-01-15 19:55 - 2014-11-10 02:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-01-15 19:55 - 2014-11-10 02:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-01-15 19:55 - 2014-11-10 02:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-01-15 19:55 - 2014-11-10 02:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-01-15 19:55 - 2014-11-10 02:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2015-01-15 19:55 - 2014-11-10 02:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-01-15 19:55 - 2014-11-10 01:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2015-01-15 19:55 - 2014-11-10 01:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-01-15 19:55 - 2014-11-08 11:42 - 01390928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-01-15 19:55 - 2014-11-08 11:23 - 01127976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-01-15 19:55 - 2014-11-08 05:00 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-01-15 19:55 - 2014-11-08 05:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-01-15 19:55 - 2014-11-08 04:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2015-01-15 19:55 - 2014-11-08 04:58 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-01-15 19:55 - 2014-11-08 04:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2015-01-15 19:55 - 2014-11-08 04:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2015-01-15 19:55 - 2014-11-08 04:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2015-01-15 19:55 - 2014-11-08 04:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2015-01-15 19:55 - 2014-11-08 04:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2015-01-15 19:55 - 2014-11-08 04:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2015-01-15 19:55 - 2014-11-08 04:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2015-01-15 19:55 - 2014-11-08 03:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2015-01-15 19:55 - 2014-11-08 03:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-01-15 19:55 - 2014-11-08 03:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-01-15 19:55 - 2014-11-08 03:09 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-01-15 19:55 - 2014-11-08 03:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-01-15 19:55 - 2014-11-08 02:59 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-01-15 19:55 - 2014-11-08 02:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-01-15 19:55 - 2014-11-08 02:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-01-15 19:55 - 2014-11-07 04:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-01-15 19:55 - 2014-11-07 04:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-01-15 19:55 - 2014-11-05 03:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2015-01-15 19:55 - 2014-11-05 03:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2015-01-15 19:55 - 2014-11-05 03:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2015-01-15 19:55 - 2014-11-05 02:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-01-15 19:55 - 2014-11-05 02:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-01-15 19:55 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-01-15 19:55 - 2014-11-05 02:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2015-01-15 19:55 - 2014-11-05 02:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2015-01-15 19:55 - 2014-11-05 02:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2015-01-15 19:55 - 2014-11-05 02:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-01-15 19:55 - 2014-11-05 02:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-01-15 19:55 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-01-15 19:55 - 2014-11-05 02:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-01-15 19:55 - 2014-11-05 02:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2015-01-15 19:55 - 2014-11-04 20:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-01-15 19:55 - 2014-11-04 20:25 - 00059712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-01-15 19:55 - 2014-11-04 20:25 - 00051008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-01-15 19:55 - 2014-11-04 07:55 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-01-15 19:55 - 2014-11-04 07:54 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-01-15 19:55 - 2014-11-04 07:54 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-01-15 19:55 - 2014-11-04 07:54 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-01-15 19:55 - 2014-11-04 07:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2015-01-15 19:55 - 2014-11-04 06:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-01-15 19:55 - 2014-10-31 01:51 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-01-15 19:55 - 2014-10-31 01:10 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-01-15 19:55 - 2014-10-30 06:55 - 07473472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-01-15 19:55 - 2014-10-30 06:47 - 01499384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-01-15 19:55 - 2014-10-30 06:41 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-01-15 19:55 - 2014-10-29 04:05 - 00551232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-01-15 19:55 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-01-15 19:55 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-01-15 19:55 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-01-15 19:55 - 2014-10-29 02:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-01-15 19:55 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-01-15 19:55 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-01-15 19:55 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-01-15 19:55 - 2014-10-29 02:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-01-15 19:55 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-01-15 19:55 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-01-15 19:55 - 2014-10-26 23:10 - 00390841 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-01-15 19:55 - 2014-10-21 02:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-01-15 19:55 - 2014-10-21 02:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2015-01-15 19:55 - 2014-10-21 01:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-01-15 19:55 - 2014-10-21 01:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-01-15 19:55 - 2014-10-21 01:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-01-15 19:55 - 2014-10-21 01:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-01-15 19:55 - 2014-10-21 01:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-01-15 19:55 - 2014-10-18 09:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-01-15 19:55 - 2014-10-18 09:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-01-15 19:55 - 2014-10-18 08:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-01-15 19:55 - 2014-10-18 07:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-01-15 19:55 - 2014-10-17 05:56 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-01-15 19:55 - 2014-10-17 05:56 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-01-15 19:55 - 2014-10-17 05:56 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-01-15 19:55 - 2014-10-17 04:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-01-15 19:54 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2015-01-15 19:54 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2015-01-15 19:52 - 2015-01-15 19:52 - 00000247 _____ () C:\WINDOWS\system32\2015-01-15-18-52-31.026-aswFe.exe-6052.log
2015-01-15 19:52 - 2015-01-15 19:52 - 00000197 _____ () C:\WINDOWS\system32\2015-01-15-18-52-30.013-AvastVBoxSVC.exe-4164.log
2015-01-15 19:48 - 2015-01-15 19:48 - 00000000 ____D () C:\WINDOWS\SysWOW64\vbox
2015-01-15 19:48 - 2015-01-15 19:48 - 00000000 ____D () C:\WINDOWS\system32\vbox
2015-01-15 19:48 - 2015-01-15 19:48 - 00000000 ____D () C:\ProgramData\ATI
2015-01-15 19:45 - 2015-01-15 19:45 - 03733666 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-01-15 19:45 - 2015-01-15 19:45 - 00000000 ____D () C:\WINDOWS\RSTLog
2015-01-15 19:45 - 2015-01-15 19:45 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Intel Corporation
2015-01-15 19:44 - 2015-01-15 19:44 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2015-01-15 19:43 - 2013-07-26 15:07 - 00827096 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2015-01-15 19:43 - 2013-07-26 15:07 - 00074456 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2015-01-15 19:42 - 2013-07-24 14:57 - 00022832 _____ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\Drivers\ETDSMBus.sys
2015-01-15 19:39 - 2015-01-15 19:39 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-01-15 19:39 - 2015-01-15 19:39 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-01-15 19:38 - 2015-02-02 19:57 - 00000000 ____D () C:\#Data
2015-01-15 19:32 - 2015-01-15 19:32 - 00003936 _____ () C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
2015-01-15 19:32 - 2015-01-15 19:32 - 00003690 _____ () C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
2015-01-15 19:32 - 2015-01-15 19:32 - 00000000 _____ () C:\WINDOWS\SysWOW64\agent.log
2015-01-15 19:31 - 2015-01-15 19:31 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-01-15 19:26 - 2015-01-15 19:26 - 00061191 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201501151926091236.log
2015-01-15 19:26 - 2015-01-15 19:26 - 00001272 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerXpress.lnk
2015-01-15 19:26 - 2015-01-15 19:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-01-15 19:26 - 2015-01-15 19:26 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2015-01-15 19:25 - 2013-08-30 20:14 - 00156712 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2015-01-15 19:25 - 2013-08-30 20:14 - 00142792 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2015-01-15 19:25 - 2013-08-30 20:14 - 00141256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2015-01-15 19:25 - 2013-08-30 20:14 - 00114488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2015-01-15 19:25 - 2013-08-30 20:14 - 00097984 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2015-01-15 19:25 - 2013-08-30 20:14 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2015-01-15 19:25 - 2013-08-30 20:14 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2015-01-15 19:25 - 2013-08-30 20:14 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2015-01-15 19:25 - 2013-08-30 20:14 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2015-01-15 19:25 - 2013-08-30 20:13 - 09464840 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2015-01-15 19:25 - 2013-08-30 20:13 - 07256496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2015-01-15 19:25 - 2013-08-30 20:13 - 06767240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2015-01-15 19:25 - 2013-08-30 20:13 - 06189416 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2015-01-15 19:25 - 2013-08-30 20:13 - 06176008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2015-01-15 19:25 - 2013-08-30 20:13 - 01233080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2015-01-15 19:25 - 2013-08-30 20:11 - 12528640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2015-01-15 19:25 - 2013-08-30 20:05 - 00781312 _____ () C:\WINDOWS\system32\amdmiracast.dll
2015-01-15 19:25 - 2013-08-30 19:48 - 00229376 _____ () C:\WINDOWS\system32\clinfo.exe
2015-01-15 19:25 - 2013-08-30 19:48 - 00127488 _____ (AMD) C:\WINDOWS\system32\coinst_13.152.dll
2015-01-15 19:25 - 2013-08-30 19:47 - 28192256 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2015-01-15 19:25 - 2013-08-30 19:47 - 00098816 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll
2015-01-15 19:25 - 2013-08-30 19:47 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll
2015-01-15 19:25 - 2013-08-30 19:47 - 00083456 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll
2015-01-15 19:25 - 2013-08-30 19:47 - 00073216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll
2015-01-15 19:25 - 2013-08-30 19:45 - 23760896 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2015-01-15 19:25 - 2013-08-30 19:43 - 00063488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-01-15 19:25 - 2013-08-30 19:43 - 00057344 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-01-15 19:25 - 2013-08-30 19:35 - 25387520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2015-01-15 19:25 - 2013-08-30 19:18 - 00530824 _____ () C:\WINDOWS\SysWOW64\atiapfxx.blb
2015-01-15 19:25 - 2013-08-30 19:18 - 00530824 _____ () C:\WINDOWS\system32\atiapfxx.blb
2015-01-15 19:25 - 2013-08-30 19:18 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2015-01-15 19:25 - 2013-08-30 19:18 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2015-01-15 19:25 - 2013-08-30 19:18 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2015-01-15 19:25 - 2013-08-30 19:18 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2015-01-15 19:25 - 2013-08-30 19:18 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2015-01-15 19:25 - 2013-08-30 19:17 - 15716352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2015-01-15 19:25 - 2013-08-30 19:14 - 21400064 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2015-01-15 19:25 - 2013-08-30 19:14 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2015-01-15 19:25 - 2013-08-30 19:04 - 03388672 _____ () C:\WINDOWS\system32\atiumd6a.cap
2015-01-15 19:25 - 2013-08-30 18:59 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2015-01-15 19:25 - 2013-08-30 18:58 - 00571904 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2015-01-15 19:25 - 2013-08-30 18:58 - 00026112 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2015-01-15 19:25 - 2013-08-30 18:57 - 00239616 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2015-01-15 19:25 - 2013-08-30 18:56 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2015-01-15 19:25 - 2013-08-30 18:50 - 03422720 _____ () C:\WINDOWS\SysWOW64\atiumdva.cap
2015-01-15 19:25 - 2013-08-30 18:37 - 00096256 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2015-01-15 19:25 - 2013-08-30 18:37 - 00090624 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2015-01-15 19:25 - 2013-08-30 18:37 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2015-01-15 19:25 - 2013-08-30 18:37 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2015-01-15 19:25 - 2013-08-30 18:35 - 00134656 _____ () C:\WINDOWS\system32\amdhdl64.dll
2015-01-15 19:25 - 2013-08-30 18:34 - 00123392 _____ () C:\WINDOWS\SysWOW64\amdhdl32.dll
2015-01-15 19:25 - 2013-08-30 18:33 - 00784384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2015-01-15 19:25 - 2013-08-30 18:33 - 00594944 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2015-01-15 19:25 - 2013-08-30 18:33 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2015-01-15 19:25 - 2013-08-30 18:33 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2015-01-15 19:25 - 2013-08-30 18:32 - 00618496 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2015-01-15 19:25 - 2013-08-30 18:32 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2015-01-15 19:25 - 2013-08-30 18:32 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2015-01-15 19:25 - 2013-08-30 18:32 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2015-01-15 19:25 - 2013-08-30 18:32 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2015-01-15 19:25 - 2013-08-27 15:06 - 00233652 _____ () C:\WINDOWS\system32\ativvaxy_cik.dat
2015-01-15 19:25 - 2013-08-27 13:27 - 00082336 _____ () C:\WINDOWS\system32\ativce02.dat
2015-01-15 19:25 - 2013-08-07 13:22 - 00716208 _____ () C:\WINDOWS\system32\atiicdxx.dat
2015-01-15 19:25 - 2013-08-07 11:12 - 00231984 _____ () C:\WINDOWS\system32\ativvaxy_cik_nd.dat
2015-01-15 19:25 - 2013-05-04 15:22 - 00047164 _____ () C:\WINDOWS\atiogl.xml
2015-01-15 19:09 - 2015-01-15 19:09 - 00000000 ____D () C:\Program Files\DIFX
2015-01-15 18:45 - 2015-01-15 18:45 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-01-15 18:45 - 2015-01-15 18:45 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-01-15 18:45 - 2015-01-15 18:45 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-01-15 18:45 - 2015-01-15 18:45 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-01-15 18:44 - 2015-01-15 18:44 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-01-15 18:44 - 2015-01-15 18:44 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-01-15 18:44 - 2015-01-15 18:44 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-01-15 18:44 - 2015-01-15 18:44 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-01-15 18:44 - 2015-01-15 18:44 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-01-15 18:42 - 2015-01-15 18:42 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-01-15 18:42 - 2015-01-15 18:42 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-01-15 18:41 - 2015-01-15 18:41 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-01-15 18:41 - 2015-01-15 18:41 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-01-15 18:28 - 2015-01-15 18:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-01-15 18:27 - 2015-01-15 18:27 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-01-15 18:27 - 2015-01-15 18:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-01-15 18:25 - 2015-01-15 18:25 - 00000144 _____ () C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-01-15 18:23 - 2014-07-21 22:03 - 00036096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2015-01-15 18:22 - 2015-01-15 18:22 - 00001450 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-15 18:22 - 2015-01-15 18:22 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-01-15 18:22 - 2015-01-15 18:22 - 00000020 ___SH () C:\Users\Nico\ntuser.ini
2015-01-15 18:22 - 2015-01-15 18:22 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\ATI
2015-01-15 18:22 - 2015-01-15 18:22 - 00000000 ____D () C:\Users\Nico\AppData\Local\ATI
2015-01-15 18:20 - 2015-02-02 20:03 - 02036910 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-15 18:20 - 2015-01-15 18:20 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Programme
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\ProgramData\Startmenü
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\ProgramData\Dokumente
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2015-01-15 18:18 - 2015-01-15 18:18 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-01-15 18:17 - 2015-02-02 21:07 - 00000000 ____D () C:\Users\Nico
2015-01-15 18:17 - 2015-01-15 18:20 - 00020958 _____ () C:\WINDOWS\diagwrn.xml
2015-01-15 18:17 - 2015-01-15 18:20 - 00020958 _____ () C:\WINDOWS\diagerr.xml
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\Vorlagen
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\Startmenü
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\Netzwerkumgebung
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\Lokale Einstellungen
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\Eigene Dateien
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\Druckumgebung
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\Documents\Eigene Musik
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\Documents\Eigene Bilder
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\AppData\Local\Verlauf
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\AppData\Local\Anwendungsdaten
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\Anwendungsdaten
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 ___RD () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-01-15 18:17 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-15 18:17 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-15 18:17 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-01-15 18:17 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-01-15 18:17 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-15 18:15 - 2015-01-15 18:15 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-01-15 18:15 - 2015-01-15 18:15 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_SensorsAlsDriver_01_11_00.Wdf
2015-01-15 18:15 - 2015-01-15 18:15 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
2015-01-15 18:15 - 2015-01-15 18:15 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2015-01-15 18:15 - 2015-01-15 18:15 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2015-01-15 18:15 - 2015-01-15 18:15 - 00000000 ____D () C:\WINDOWS\system32\SRSLabs
2015-01-15 18:15 - 2015-01-15 18:15 - 00000000 ____D () C:\Program Files\Realtek
2015-01-15 18:14 - 2015-01-15 19:46 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-01-15 18:14 - 2015-01-15 18:14 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-01-15 18:14 - 2015-01-15 18:14 - 00000000 ____D () C:\Program Files\AMD
2015-01-15 18:14 - 2015-01-15 18:14 - 00000000 ____D () C:\AMD
2015-01-15 18:13 - 2015-01-15 19:46 - 00000000 ____D () C:\Program Files\Elantech
2015-01-15 18:13 - 2015-01-15 18:22 - 00000000 ___DC () C:\WINDOWS\Panther
2015-01-15 18:13 - 2015-01-15 18:13 - 00000000 __SHD () C:\Recovery
2015-01-15 18:12 - 2015-01-15 18:12 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-01-15 18:12 - 2015-01-15 18:12 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-01-15 18:12 - 2015-01-15 18:12 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-01-15 18:12 - 2015-01-15 18:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-01-15 18:12 - 2015-01-15 18:12 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-01-15 18:12 - 2015-01-15 18:12 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-15 18:12 - 2015-01-15 18:12 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-15 18:11 - 2015-01-19 23:25 - 00000000 ____D () C:\WINDOWS\en-GB
2015-01-15 18:11 - 2015-01-15 18:11 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-01-15 18:11 - 2015-01-15 18:11 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-01-15 18:11 - 2015-01-15 18:11 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-01-15 18:11 - 2015-01-15 18:11 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-01-15 18:11 - 2015-01-15 18:11 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-01-15 18:11 - 2015-01-15 18:11 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-01-15 18:11 - 2015-01-15 18:11 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-01-15 18:11 - 2015-01-15 18:11 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-01-15 18:05 - 2015-01-15 18:05 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-01-15 18:05 - 2015-01-15 18:05 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-01-15 18:05 - 2015-01-15 18:05 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-15 18:05 - 2015-01-15 18:05 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-15 18:04 - 2015-01-15 18:04 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-01-15 18:04 - 2015-01-15 18:04 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-01-15 18:04 - 2015-01-15 18:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-15 18:01 - 2015-01-15 18:01 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-01-15 18:01 - 2015-01-15 18:01 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-15 18:01 - 2015-01-15 18:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-01-15 18:01 - 2015-01-15 18:01 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-15 18:01 - 2015-01-15 18:01 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-01-15 18:01 - 2015-01-15 18:01 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-15 18:01 - 2015-01-15 18:01 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-01-15 18:01 - 2015-01-15 18:01 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-01-15 18:00 - 2015-01-19 23:25 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2015-01-15 18:00 - 2015-01-15 22:37 - 00000000 ____D () C:\Program Files\MSBuild
2015-01-15 18:00 - 2015-01-15 22:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-01-15 18:00 - 2015-01-15 18:00 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-01-15 18:00 - 2015-01-15 18:00 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-01-15 18:00 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-01-15 18:00 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-01-15 18:00 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-01-15 18:00 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-01-15 17:54 - 2015-01-15 18:20 - 00006611 _____ () C:\WINDOWS\comsetup.log
2015-01-15 17:32 - 2014-07-21 21:28 - 04016216 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2015-01-15 17:32 - 2014-07-21 13:52 - 01279373 _____ () C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2015-01-15 17:32 - 2014-07-18 18:10 - 02810736 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2015-01-15 17:32 - 2014-07-18 14:22 - 00955096 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2015-01-15 17:32 - 2014-07-16 14:36 - 67245056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2015-01-15 17:32 - 2014-07-07 19:55 - 00000008 _____ () C:\WINDOWS\system32\Drivers\rtkhdaud.dat
2015-01-15 17:32 - 2014-07-07 14:07 - 02860760 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2015-01-15 17:32 - 2014-07-04 11:07 - 01024728 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2015-01-15 17:32 - 2014-06-17 13:32 - 01286872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2015-01-15 17:32 - 2014-05-09 11:17 - 00628952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2015-01-15 17:32 - 2014-04-10 12:19 - 14863448 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2015-01-15 17:32 - 2014-04-10 12:19 - 02101848 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2015-01-15 17:32 - 2014-04-10 12:19 - 02041432 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2015-01-15 17:32 - 2014-03-06 16:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2015-01-15 17:32 - 2014-02-06 11:28 - 05804772 _____ () C:\WINDOWS\system32\Drivers\rtvienna.dat
2015-01-15 17:32 - 2013-10-11 11:31 - 00947760 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2015-01-15 17:32 - 2013-08-14 15:36 - 00662784 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2015-01-15 17:32 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2015-01-15 17:32 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2015-01-15 17:32 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2015-01-15 17:32 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2015-01-15 17:32 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2015-01-15 17:32 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2015-01-15 17:32 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2015-01-15 17:32 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2015-01-15 17:32 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2015-01-15 17:32 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2015-01-15 17:32 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2015-01-15 17:32 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2015-01-15 17:32 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2015-01-15 17:32 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2015-01-15 17:32 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2015-01-15 17:32 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2015-01-15 17:32 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2015-01-15 17:32 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2015-01-15 17:32 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2015-01-15 17:32 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2015-01-15 17:32 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2015-01-15 17:32 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2015-01-15 17:31 - 2015-01-15 19:44 - 00000194 _____ () C:\Setup.log
2015-01-15 17:31 - 2014-06-09 10:59 - 00560328 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2015-01-15 17:31 - 2014-05-19 10:47 - 02080472 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2015-01-15 17:31 - 2014-04-10 12:19 - 01063512 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2015-01-15 17:31 - 2014-04-07 16:03 - 06218072 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2015-01-15 17:31 - 2014-04-07 16:03 - 01939800 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2015-01-15 17:31 - 2014-04-07 16:03 - 00315736 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2015-01-15 17:31 - 2014-04-07 16:03 - 00261464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2015-01-15 17:31 - 2014-02-18 17:04 - 02770976 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2015-01-15 17:31 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2015-01-15 17:31 - 2013-08-14 15:35 - 00663296 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2015-01-15 17:31 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2015-01-15 17:31 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2015-01-15 17:31 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2015-01-15 16:47 - 2015-01-15 16:47 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Samsung
2015-01-15 16:33 - 2015-01-15 16:33 - 00002970 _____ () C:\WINDOWS\System32\Tasks\SamsungLinkPC
2015-01-15 09:48 - 2015-01-15 09:48 - 00003126 _____ () C:\WINDOWS\System32\Tasks\advRecovery
2015-01-15 09:46 - 2015-01-15 09:46 - 00000000 ____D () C:\iBTWU
2015-01-15 09:34 - 2015-01-15 09:34 - 00003434 _____ () C:\WINDOWS\System32\Tasks\Settings
2015-01-14 23:08 - 2015-01-23 07:23 - 00003718 _____ () C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2015-01-14 15:10 - 2015-01-14 15:10 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Macromedia
2015-01-14 15:10 - 2015-01-14 15:10 - 00000000 ____D () C:\Users\Nico\AppData\Local\Macromedia
2015-01-14 15:09 - 2015-02-02 20:17 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-14 15:09 - 2015-01-25 11:17 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-01-14 15:08 - 2015-01-27 07:39 - 00000000 ____D () C:\Users\Nico\AppData\Local\Adobe
2015-01-14 15:03 - 2015-01-14 15:03 - 00003476 _____ () C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2015-01-14 15:03 - 2015-01-14 15:03 - 00000000 ____D () C:\ProgramData\Intel(R) Update Manager
2015-01-14 14:59 - 2015-01-15 18:24 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-01-14 14:58 - 2015-01-14 14:59 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-14 14:58 - 2014-12-31 13:12 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-14 14:40 - 2015-01-15 21:54 - 00000000 ____D () C:\Program Files (x86)\Cisco
2015-01-14 14:40 - 2015-01-14 14:40 - 00000000 ____D () C:\Program Files\Common Files\Intel
2015-01-14 14:35 - 2014-10-22 04:34 - 00010777 ____N () C:\WINDOWS\system32\AutoconfigV2.cab
2015-01-14 14:01 - 2013-05-04 05:51 - 00014848 ____N (Microsoft) C:\WINDOWS\system32\rars.rs
2015-01-14 14:01 - 2013-05-04 05:10 - 00014848 ____N (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2015-01-14 13:08 - 2015-01-14 13:08 - 00000000 _____ () C:\Users\Nico\agent.log
2015-01-14 13:01 - 2015-01-15 19:40 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-01-14 13:01 - 2015-01-15 19:39 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-01-14 13:01 - 2015-01-15 19:39 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2015-01-14 12:54 - 2015-01-14 12:54 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Mozilla
2015-01-14 12:54 - 2015-01-14 12:54 - 00000000 ____D () C:\Users\Nico\AppData\Local\Mozilla
2015-01-14 12:53 - 2015-01-27 23:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-14 12:53 - 2015-01-24 00:34 - 00001151 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-14 12:53 - 2015-01-14 12:53 - 00000000 ____D () C:\ProgramData\Mozilla
2015-01-14 12:49 - 2015-01-30 07:16 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-01-14 12:49 - 2015-01-15 19:39 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-01-14 12:49 - 2015-01-15 19:39 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-01-14 12:49 - 2015-01-15 19:39 - 00083280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-01-14 12:49 - 2015-01-15 19:39 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-01-14 12:49 - 2015-01-15 19:39 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-01-14 12:49 - 2015-01-14 12:49 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\AVAST Software
2015-01-14 12:49 - 2015-01-14 12:49 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-14 12:49 - 2015-01-14 12:49 - 00000000 ____D () C:\Program Files\AVAST Software
2015-01-14 12:29 - 2015-01-15 18:46 - 00008400 _____ () C:\WINDOWS\wsusofflineupdate.log
2015-01-14 12:28 - 2015-02-01 18:56 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3589802351-439905089-1110981561-1001
2015-01-14 12:28 - 2015-01-14 12:28 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\WinRAR
2015-01-14 12:28 - 2015-01-14 12:28 - 00000000 ____D () C:\Users\Nico\AppData\Local\bitcasa
2015-01-14 12:27 - 2015-01-15 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-14 12:27 - 2015-01-15 18:17 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-14 12:27 - 2015-01-15 17:40 - 00000000 ____D () C:\Program Files\WinRAR
2015-01-14 12:24 - 2015-01-15 20:25 - 00000000 ____D () C:\Users\Nico\AppData\Local\Samsung
2015-01-14 12:23 - 2015-01-31 12:09 - 00005347 _____ () C:\Users\Nico\AppData\Roaming\AbsoluteReminder.xml
2015-01-14 12:23 - 2015-01-14 12:23 - 00001249 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RtkGUI.lnk
2015-01-14 12:23 - 2015-01-14 12:23 - 00001202 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk
2015-01-14 12:23 - 2015-01-14 12:23 - 00000000 ____D () C:\Users\Nico\AppData\Local\Absolute_Software
2015-01-14 12:23 - 2015-01-14 12:23 - 00000000 _____ () C:\WINDOWS\system32\Drivers\144D_SAMSUNG_na_870Z5E_P05A.mrk
2015-01-14 12:22 - 2015-02-01 18:36 - 00000000 ____D () C:\Users\Nico\AppData\Local\VirtualStore
2015-01-14 12:22 - 2015-01-23 15:50 - 00000000 ____D () C:\Users\Nico\AppData\Local\Packages
2015-01-14 12:22 - 2015-01-14 12:22 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Intel
2015-01-14 12:22 - 2015-01-14 12:22 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Adobe
2015-01-14 12:22 - 2013-02-27 18:08 - 139490760 _____ () C:\WINDOWS\[0407]SamsungStory01_ger.scr

Dieses logfile war schon wieder zu groß ^^ -> Teil 2 folgt in der nächsten Antwort

IneedHelp1 · 03.02.2015, 07:23

Hier Teil 2 von FRST.txt:

Code:

ATTFilter

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-02 21:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-02 20:44 - 2013-08-22 15:46 - 00310287 _____ () C:\WINDOWS\setupact.log
2015-02-02 19:58 - 2014-11-21 04:35 - 01963610 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-02 19:58 - 2014-11-21 03:45 - 00831932 _____ () C:\WINDOWS\system32\perfh007.dat
2015-02-02 19:58 - 2014-11-21 03:45 - 00184304 _____ () C:\WINDOWS\system32\perfc007.dat
2015-02-02 07:30 - 2013-04-15 22:37 - 00000000 ____D () C:\ProgramData\WinClon
2015-02-02 07:27 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-02 07:26 - 2014-11-20 19:24 - 00024436 _____ () C:\WINDOWS\PFRO.log
2015-02-02 07:26 - 2013-08-22 15:44 - 00533664 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-01 22:06 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-01 18:09 - 2013-08-22 14:25 - 00000194 _____ () C:\WINDOWS\win.ini
2015-01-28 08:00 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-01-24 21:20 - 2014-11-21 12:01 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-01-24 21:20 - 2014-11-21 12:01 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-24 11:57 - 2013-04-15 21:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-01-24 00:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\GroupPolicy
2015-01-23 15:55 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-23 07:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-01-22 18:55 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2015-01-19 23:25 - 2014-11-21 04:13 - 00000000 ____D () C:\Program Files\Windows Journal
2015-01-19 23:25 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\winrm
2015-01-19 23:25 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-01-19 23:25 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\slmgr
2015-01-19 23:25 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2015-01-19 23:25 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\winrm
2015-01-19 23:25 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-01-19 23:25 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\slmgr
2015-01-19 23:25 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\Printing_Admin_Scripts
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ___SD () C:\WINDOWS\system32\dsc
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\en-GB
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Com
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Com
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-01-19 23:25 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2015-01-19 23:25 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2015-01-19 23:25 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-01-19 23:25 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-01-19 23:25 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2015-01-19 23:25 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\servicing
2015-01-19 13:38 - 2013-04-15 21:48 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-15 22:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-15 22:39 - 2013-04-15 22:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-01-15 21:06 - 2013-04-15 22:41 - 00001398 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-01-15 21:06 - 2013-04-15 22:41 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2015-01-15 21:05 - 2013-04-15 22:41 - 00001653 _____ () C:\WINDOWS\DirectX.log
2015-01-15 20:39 - 2013-04-15 21:50 - 00000000 ____D () C:\Program Files (x86)\Samsung
2015-01-15 20:17 - 2013-04-15 22:38 - 00000000 ____D () C:\ProgramData\Samsung
2015-01-15 20:07 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-01-15 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2015-01-15 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-01-15 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-01-15 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2015-01-15 19:45 - 2013-04-15 21:48 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-01-15 19:45 - 2013-04-15 21:48 - 00000000 ____D () C:\ProgramData\Intel
2015-01-15 19:45 - 2013-04-15 21:48 - 00000000 ____D () C:\Program Files\Intel
2015-01-15 19:44 - 2013-04-15 21:48 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-01-15 19:42 - 2013-04-15 21:49 - 00028034 _____ () C:\WINDOWS\DPINST.LOG
2015-01-15 19:36 - 2013-08-22 15:46 - 00000262 _____ () C:\WINDOWS\setuperr.log
2015-01-15 19:36 - 2013-04-15 22:46 - 00019318 _____ () C:\WINDOWS\system32\results.xml
2015-01-15 19:26 - 2013-04-15 22:34 - 00000000 ____D () C:\ProgramData\AMD
2015-01-15 19:25 - 2013-04-15 22:33 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2015-01-15 19:25 - 2013-04-15 21:49 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-15 18:46 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-15 18:46 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-15 18:28 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-01-15 18:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2015-01-15 18:20 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-01-15 18:20 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2015-01-15 18:19 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-01-15 18:19 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-01-15 18:18 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-01-15 18:18 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-01-15 18:18 - 2013-08-22 16:37 - 00005217 _____ () C:\WINDOWS\DtcInstall.log
2015-01-15 18:18 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-01-15 18:18 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-01-15 18:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-01-15 18:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-01-15 18:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2015-01-15 18:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-01-15 18:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-01-15 18:18 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-01-15 18:18 - 2013-08-22 14:25 - 00008192 ___SH () C:\WINDOWS\system32\config\ELAM
2015-01-15 18:18 - 2013-04-15 22:39 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 10
2015-01-15 18:18 - 2013-04-15 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitcasa
2015-01-15 18:18 - 2013-04-15 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PopCap Games
2015-01-15 18:18 - 2013-04-15 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Absolute Software
2015-01-15 18:18 - 2013-04-15 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2015-01-15 18:18 - 2012-08-05 22:11 - 00000000 ____D () C:\ProgramData\PRICache
2015-01-15 18:18 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2015-01-15 18:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-01-15 18:12 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-01-15 18:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2015-01-15 17:58 - 2013-04-15 21:49 - 01771989 _____ () C:\WINDOWS\WindowsUpdate (1).log
2015-01-15 17:56 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-01-15 17:32 - 2013-04-15 21:48 - 00002787 _____ () C:\RHDSetup.log
2015-01-15 17:32 - 2013-04-15 21:48 - 00000000 ___HD () C:\Program Files (x86)\Temp
2015-01-15 13:07 - 2013-04-15 22:38 - 00000000 ____D () C:\ProgramData\Temp
2015-01-15 09:48 - 2013-04-15 21:50 - 00000000 ____D () C:\Program Files\Samsung
2015-01-14 14:40 - 2013-04-15 22:38 - 00000000 ____D () C:\Users\EasySurvey
2015-01-14 14:39 - 2013-04-15 21:48 - 00000000 ____D () C:\Intel
2015-01-14 12:48 - 2013-04-15 22:36 - 00000000 ____D () C:\ProgramData\Norton
2015-01-14 12:46 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP

==================== Files in the root of some directories =======

2015-01-14 12:23 - 2015-01-31 12:09 - 0005347 _____ () C:\Users\Nico\AppData\Roaming\AbsoluteReminder.xml
2015-01-15 21:32 - 2015-01-18 15:59 - 0004062 _____ () C:\Users\Nico\AppData\Roaming\LTspiceIV.ini
2015-01-15 21:16 - 2015-01-15 21:16 - 0000039 _____ () C:\Users\Nico\AppData\Roaming\SupportBox_MSUL.cfg
2015-01-15 18:15 - 2015-01-15 18:15 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-04-15 22:43 - 2013-02-19 08:34 - 2064264 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
2013-04-15 22:43 - 2013-01-12 15:51 - 0003004 _____ () C:\ProgramData\MakeMarkerFile.xml

Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe


Some content of TEMP:
====================
C:\Users\Nico\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsaz467.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-26 07:33

==================== End Of Log ============================

Gmer.txt:

Code:

ATTFilter

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-02-02 21:22:52
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\0000002e Samsung_SSD_840_EVO_500GB rev.EXT0BB6Q 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\Nico\AppData\Local\Temp\pwryyfog.sys


---- Kernel code sections - GMER 2.1 ----

.text    C:\WINDOWS\System32\win32k.sys!W32pServiceTable                                                                                                                                                                                                         fffff9600009e200 15 bytes [00, 28, F6, 01, 80, 1C, 6C, ...]
.text    C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16                                                                                                                                                                                                    fffff9600009e210 11 bytes [00, 0E, FC, FF, 00, 05, C4, ...]

---- Threads - GMER 2.1 ----

Thread   C:\WINDOWS\system32\csrss.exe [992:100]                                                                                                                                                                                                                 fffff9600090b2d0
---- Processes - GMER 2.1 ----

Process  C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe (*** suspicious ***) @ C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [1864] (Windows SysTool  Service/SysTool PasSame LIMITED)(2015-01-23 14:51:48)                       0000000000960000
Process  C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe (*** suspicious ***) @ C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe [7096] (FILE NOT FOUND)                                                                                              0000000000400000
Library  C:\Users\Nico\AppData\Roaming\Dropbox\bin\Qt5Widgets.dll (*** suspicious ***) @ C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe [7096] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-01-15 21:09:09)        0000000065490000
Library  C:\Users\Nico\AppData\Roaming\Dropbox\bin\Qt5Gui.dll (*** suspicious ***) @ C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe [7096] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-01-15 21:09:08)            0000000065190000
Library  C:\Users\Nico\AppData\Roaming\Dropbox\bin\Qt5Core.dll (*** suspicious ***) @ C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe [7096] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-01-15 21:09:08)           0000000064da0000
Library  C:\Users\Nico\AppData\Roaming\Dropbox\bin\libGLESv2.dll (*** suspicious ***) @ C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe [7096](2015-01-15 21:09:09)                                                                                        0000000064ce0000
Library  C:\Users\Nico\AppData\Roaming\Dropbox\bin\icuin52.dll (*** suspicious ***) @ C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe [7096] (ICU I18N DLL/The ICU Project)(2015-01-15 21:09:09)                                                           000000004a900000
Library  C:\Users\Nico\AppData\Roaming\Dropbox\bin\icuuc52.dll (*** suspicious ***) @ C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe [7096] (ICU Common DLL/The ICU Project)(2015-01-15 21:09:09)                                                         0000000004300000
Library  C:\Users\Nico\AppData\Roaming\Dropbox\bin\icudt52.dll (*** suspicious ***) @ C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe [7096] (ICU Data DLL/The ICU Project)(2015-01-15 21:09:09)                                                           000000004ad00000
Library  c:\users\nico\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsaz467.dll (*** suspicious ***) @ C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe [7096](2015-02-02 06:28:08)                                       0000000003ee0000
Library  C:\Users\Nico\AppData\Roaming\Dropbox\bin\Qt5Network.dll (*** suspicious ***) @ C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe [7096] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-01-15 21:09:08)        0000000062b30000
Library  C:\Users\Nico\AppData\Roaming\Dropbox\bin\Qt5WebKit.dll (*** suspicious ***) @ C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe [7096] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-01-15 21:09:09)         0000000061120000
Library  C:\Users\Nico\AppData\Roaming\Dropbox\bin\Qt5Quick.dll (*** suspicious ***) @ C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe [7096] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-01-15 21:09:09)          0000000060f00000
Library  C:\Users\Nico\AppData\Roaming\Dropbox\bin\Qt5Qml.dll (*** suspicious ***) @ C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe [7096] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-01-15 21:09:08)            0000000060ca0000
Library  C:\Users\Nico\AppData\Roaming\Dropbox\bin\Qt5Sql.dll (*** suspicious ***) @ C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe [7096] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-01-15 21:09:09)            0000000060c70000
Library  C:\Users\Nico\AppData\Roaming\Dropbox\bin\libEGL.dll (*** suspicious ***) @ C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe [7096](2015-01-15 21:09:09)                                                                                           000000006a1b0000
Library  C:\Users\Nico\AppData\Roaming\Dropbox\bin\Qt5WebKitWidgets.dll (*** suspicious ***) @ C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe [7096] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-01-15 21:09:09)  0000000060c40000
Library  C:\Users\Nico\AppData\Roaming\Dropbox\bin\Qt5OpenGL.dll (*** suspicious ***) @ C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe [7096] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-01-15 21:09:08)         0000000060c00000
Library  C:\Users\Nico\AppData\Roaming\Dropbox\bin\Qt5PrintSupport.dll (*** suspicious ***) @ C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe [7096] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-01-15 21:09:08)   0000000060bb0000
Library  C:\Users\Nico\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll (*** suspicious ***) @ C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe [7096](2015-01-15 21:09:09)                                                                       0000000062a50000
Library  C:\Users\Nico\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll (*** suspicious ***) @ C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe [7096](2015-01-15 21:09:09)                                                                       0000000062a10000

---- Disk sectors - GMER 2.1 ----

Disk     \Device\Harddisk0\DR0                                                                                                                                                                                                                                   unknown MBR code

---- EOF - GMER 2.1 ----

adwcleaner:

Code:

ATTFilter

# AdwCleaner v4.109 - Bericht erstellt am 02/02/2015 um 18:40:12
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-01-26.1 [Live]
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Nico - NICO_STUDY
# Gestartet von : C:\Users\Nico\Desktop\adwcleaner_4.109.exe
# Option : Suchen

***** [ Dienste ] *****

Dienst Gefunden : WindowsMangerProtect
Dienst Gefunden : IHProtect Service
Dienst Gefunden : Util Dynamo Combo
Dienst Gefunden : Update Dynamo Combo
Dienst Gefunden : Update Dynamo Combo
Dienst Gefunden : Util Dynamo Combo
Dienst Gefunden : {16a92140-918d-4afb-9edb-46f22437bb10}Gw64
Dienst Gefunden : {3bcf4f2c-0bbb-4d4c-bf1f-11bbe6d501ea}Gw64
Dienst Gefunden : {915cb94b-b4d8-4c0e-83b4-61409471b1c3}Gw64

***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gefunden : C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Datei Gefunden : C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
Datei Gefunden : C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
Datei Gefunden : C:\WINDOWS\System32\drivers\{16a92140-918d-4afb-9edb-46f22437bb10}Gw64.sys
Datei Gefunden : C:\WINDOWS\System32\drivers\{3bcf4f2c-0bbb-4d4c-bf1f-11bbe6d501ea}Gw64.sys
Datei Gefunden : C:\WINDOWS\System32\drivers\{915cb94b-b4d8-4c0e-83b4-61409471b1c3}Gw64.sys
Ordner Gefunden : C:\Program Files (x86)\Dynamo Combo
Ordner Gefunden : C:\Program Files (x86)\Dynamo Combo
Ordner Gefunden : C:\Program Files (x86)\SearchProtect
Ordner Gefunden : C:\Program Files (x86)\XTab
Ordner Gefunden : C:\ProgramData\IHProtectUpDate
Ordner Gefunden : C:\ProgramData\WindowsMangerProtect
Ordner Gefunden : C:\Users\Nico\AppData\Local\SearchProtect
Ordner Gefunden : C:\Users\Nico\AppData\Roaming\vi-view

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Daten Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll
Daten Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll
Schlüssel Gefunden : HKCU\Software\Dynamo Combo
Schlüssel Gefunden : HKCU\Software\Dynamo Combo
Schlüssel Gefunden : HKCU\Software\InstallCore
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Schlüssel Gefunden : HKCU\Software\Mozilla\Extends
Schlüssel Gefunden : [x64] HKCU\Software\Dynamo Combo
Schlüssel Gefunden : [x64] HKCU\Software\Dynamo Combo
Schlüssel Gefunden : [x64] HKCU\Software\InstallCore
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{986c37a1-7b65-476f-80dc-54f80bd4b0d6}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{986C37A1-7B65-476F-80DC-54F80BD4B0D6}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{53f00938-0214-4c62-b6d8-9e2034314ebb}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gefunden : HKLM\SOFTWARE\Dynamo Combo
Schlüssel Gefunden : HKLM\SOFTWARE\Dynamo Combo
Schlüssel Gefunden : HKLM\SOFTWARE\IHProtect
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{986c37a1-7b65-476f-80dc-54f80bd4b0d6}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{986C37A1-7B65-476F-80DC-54F80BD4B0D6}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\vi-view uninstall
Schlüssel Gefunden : HKLM\SOFTWARE\SearchProtect
Schlüssel Gefunden : HKLM\SOFTWARE\SPPDCOM
Schlüssel Gefunden : HKLM\SOFTWARE\SupDp
Schlüssel Gefunden : HKLM\SOFTWARE\SupTab
Schlüssel Gefunden : HKLM\SOFTWARE\supWindowsMangerProtect
Schlüssel Gefunden : HKLM\SOFTWARE\vi-viewSoftware
Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update Dynamo Combo
Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util Dynamo Combo
Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ac225167-00fc-452d-94c5-bb93600e7d9a}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dynamo Combo
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dynamo Combo
Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [fftoolbar2014@etech.com]

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17416

Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://myhome.vi-view.com/web/?type=ds&ts=1422024598&from=cor&uid=SamsungXSSDX840XEVOX500GB_S1DHNSAF824519D&q={searchTerms}
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://myhome.vi-view.com/?type=hp&ts=1422024598&from=cor&uid=SamsungXSSDX840XEVOX500GB_S1DHNSAF824519D
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://myhome.vi-view.com/?type=hp&ts=1422024598&from=cor&uid=SamsungXSSDX840XEVOX500GB_S1DHNSAF824519D
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://myhome.vi-view.com/web/?type=ds&ts=1422024598&from=cor&uid=SamsungXSSDX840XEVOX500GB_S1DHNSAF824519D&q={searchTerms}

-\\ Mozilla Firefox v35.0.1 (x86 de)

[045rdp04.default] - Zeile gefunden : user_pref("browser.search.searchengine.alias", "vi-view");
[045rdp04.default] - Zeile gefunden : user_pref("browser.search.searchengine.iconURL", "hxxp://myhome.vi-view.com/favicon.ico");
[045rdp04.default] - Zeile gefunden : user_pref("browser.search.searchengine.name", "vi-view");
[045rdp04.default] - Zeile gefunden : user_pref("browser.search.searchengine.url", "hxxp://myhome.vi-view.com/web/?type=ds&ts=1422024598&from=cor&uid=SamsungXSSDX840XEVOX500GB_S1DHNSAF824519D&q={searchTerms}");
[045rdp04.default] - Zeile gefunden : user_pref("extensions.quick_start.enable_search1", false);
[045rdp04.default] - Zeile gefunden : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

-\\ Google Chrome v40.0.2214.93

[C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://myhome.vi-view.com/web/?type=ds&ts=1422024598&from=cor&uid=SamsungXSSDX840XEVOX500GB_S1DHNSAF824519D&q={searchTerms}
[C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://myhome.vi-view.com/web/?type=ds&ts=1422024598&from=cor&uid=SamsungXSSDX840XEVOX500GB_S1DHNSAF824519D&q={searchTerms}
[C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://myhome.vi-view.com/web/?type=ds&ts=1422024598&from=cor&uid=SamsungXSSDX840XEVOX500GB_S1DHNSAF824519D&q={searchTerms}
[C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://myhome.vi-view.com/web/?type=ds&ts=1422024598&from=cor&uid=SamsungXSSDX840XEVOX500GB_S1DHNSAF824519D&q={searchTerms}

*************************

AdwCleaner[R0].txt - [11485 octets] - [02/02/2015 18:40:12]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [11546 octets] ##########

Avast-BrowserCleanUp:

Code:

ATTFilter

02.02.2015 21:31:48 (TID: 5808)
Product version: 10.0.2208.84
02.02.2015 21:31:48 (TID: 5808)
BCUEngine version : 9.0.0.496
ProductLanguage   : de
OSLanguage        : de-de
Location          : de-de
OSType            : 6.2
IsStandalone      : 0
PartnerId         : avastbcl
Priority          : 10
Microsoft IE
	Install Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
	Version: 9.11.9600.17498
Mozilla Firefox Browser
	Install Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
	Version: 35.0.1.5500
	Profile Path: C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\
Mozilla Firefox Profiles
	Name: default Path: C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\045rdp04.default
Google Chrome Browser
	Version: 40.0.2214.93
	Install Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
	Profile Path: C:\Users\Nico\AppData\Local\Google\Chrome\User Data\
Google Chrome Profiles
	Name: Default Path: C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default
Google Chrome64 Browser
	Version: 
	Browser not found
Google Chrome
	Extensions
		Profile: Default
			ID: aohghmighlieiainnegkcijnfilokake Name: Google Docs
			ID: felcaaldnbdncclmgdcncolpebgiejap Name: Google Tabellen
			ID: gomekmidlodglbbmalcneegieacbdmki Name: Avast Online Security
Mozilla Firefox
	Extensions
		Profile: default
			ID: youtubeunblocker@unblocker.yt Name: YouTube Unblocker
			ID: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} Name: Adblock Plus
			ID: wrc@avast.com Name: Avast Online Security
Google Chrome
	Homepages
		Profile: Default
		Url    : https://www.google.com/?trackid=sp-006
	Search Engines
		Profile: Default
		Name   : Google
		Url    : https://www.google.de/search?q={searchTerms}?trackid=sp-006
FireFox
	Homepages
		Profile: default
		URL    : https://www.google.com/?trackid=sp-006
	Search Engines
		Profile: default
		Name   : Google (avast)
		Url    : hxxp://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&channel=fs&trackid=sp-006
Microsoft IE
	Homepages
		Profile: HKCU
		Url    : https://www.google.com/?trackid=sp-006
	Search Engines
		Profile: HKCU
		Name   : Google
		Url    : https://www.google.com/search?trackid=sp-006&q={searchTerms}
BCURequest:
	GlobalStat
		ProductLanguage : de
		EngineVersion   : 9.0.0.496
		OSLanguage      : de-de
		Location        : de-de
		OSType          : 6.2
		IsStandalone    : 0
		Version         : 10.0.2208.84
		PartnerId       : avastbcl
		Priority        : 10
		AvastProductType: 0
		DefaultBrowser  : FIREFOXURL
	Google Chrome:
		IsDefault: 0
		Homepages
			Url: https://www.google.com/?trackid=sp-006
		Search Engines
			Name : Google
			Url  : https://www.google.de/search?q={searchTerms}?trackid=sp-006
		Extensions
			ID: aohghmighlieiainnegkcijnfilokake Name: Google Docs
			ID: felcaaldnbdncclmgdcncolpebgiejap Name: Google Tabellen
			ID: gomekmidlodglbbmalcneegieacbdmki Name: Avast Online Security
	FireFox:
		IsDefault: 1
		Homepages
			Url: https://www.google.com/?trackid=sp-006
		Search Engines
			Name : Google (avast)
			Url  : hxxp://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&channel=fs&trackid=sp-006
		Extensions
			ID: wrc@avast.com Name: Avast Online Security
			ID: youtubeunblocker@unblocker.yt Name: YouTube Unblocker
			ID: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} Name: Adblock Plus
	Microsoft IE:
		IsDefault: 0
		Homepages
			Url: https://www.google.com/?trackid=sp-006
		Search Engines
			Name : Google
			Url  : https://www.google.com/search?trackid=sp-006&q={searchTerms}
		Extensions
			ID: {18df081c-e8ad-4283-a596-fa578c2ebdc3} Name: Adobe PDF Link Helper
			ID: {31d09ba0-12f5-4cce-be8a-2923e76605da} Name: Lync Browser Helper
BCUResponse:
	OfferId   : ID_DE_DE_YB_RB_V10
	TemplateId: TPL_RADIO
	BCUConfig
		RrescanDelay     : 0
		CacheIntervalPos : 604800
		CacheIntervalNeg : 604800
		CmsTimeout       : 15000
		UseCorporate     : 0
	BCUProviders
		ID: TPL_YAHOO9_DE	Name: Yahoo! (Avast)
		ID: TPL_BING02_ALL	Name: Bing (by Microsoft)
		ID: PID_BLEKKO_ALL	Name: Blekko
		ID: PID_GOOGLE_ALL	Name: Google
		ID: PID_STARTPAGE_ALL	Name: Startpage
		ID: PID_WOLFRAM_ALL	Name: WolframAlpha
		ID: PID_KEEPEXISTING	Name: Keep Existing (not recommended)
	Google Chrome:
		IsProviderModified: 0
		Extensions
			ID: aohghmighlieiainnegkcijnfilokake Rating: 4 InternalId: 1
			ID: felcaaldnbdncclmgdcncolpebgiejap Rating: 4 InternalId: 8000
			ID: gomekmidlodglbbmalcneegieacbdmki Rating: 5 InternalId: 8000
		Search Engine
			Name: Google
			Url : https://www.google.de/search?q={searchTerms}?trackid=sp-006
	FireFox:
		IsProviderModified: 0
		Extensions
			ID: wrc@avast.com Rating: 5 InternalId: 1
			ID: youtubeunblocker@unblocker.yt Rating: 4 InternalId: 3
			ID: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} Rating: 5 InternalId: 8000
		Search Engine
			Name: Google (avast)
			Url : hxxp://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&channel=fs&trackid=sp-006
	Microsoft IE:
		IsProviderModified: 0
		Extensions
			ID: {18df081c-e8ad-4283-a596-fa578c2ebdc3} Rating: 5 InternalId: 8000
			ID: {31d09ba0-12f5-4cce-be8a-2923e76605da} Rating: 5 InternalId: 5200
		Search Engine
			Name: Google
			Url : https://www.google.com/search?trackid=sp-006&q={searchTerms}
Detected a potential browser protector: {
   "Services" : {
      "iumsvc" : {
         "Description" : "intel(r) update manager helps you keep your system up-to-date.",
         "DisplayName" : "intel(r) update manager",
         "FileInfo" : {
            "Path" : "\"c:\\program files (x86)\\intel\\intel(r) update manager\\bin\\iumsvc.exe\"",
            "md5" : ""
         }
      }
   }
}
Detected a potential browser protector: {
   "Services" : {
      "WdNisSvc" : {
         "Description" : "@%programfiles%\\windows defender\\mpasdesc.dll,-242",
         "DisplayName" : "@%programfiles%\\windows defender\\mpasdesc.dll,-320",
         "FileInfo" : {
            "Path" : "\"c:\\program files (x86)\\windows defender\\nissrv.exe\"",
            "md5" : ""
         }
      },
      "WinDefend" : {
         "Description" : "@%programfiles%\\windows defender\\mpasdesc.dll,-240",
         "DisplayName" : "@%programfiles%\\windows defender\\mpasdesc.dll,-310",
         "FileInfo" : {
            "Path" : "\"c:\\program files (x86)\\windows defender\\msmpeng.exe\"",
            "md5" : ""
         }
      }
   }
}
Detected a potential browser protector:3BF731130158C1F78DA21D7B8026CBB6EFA0F0F5F8DE4994728CA3D0A06B8819 {
   "runKeys" : {
      "SamsungRapidApp" : "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\SamsungRapidApp=c:\\program files (x86)\\samsung\\rapid\\cachefilter\\samsungrapidapp.exe"
   },
   "runningProcess" : {
      "SamsungRapidApp.exe" : {
         "CompanyName" : "Samsung Electronics Co., Ltd.",
         "FileDescription" : "Samsung RAPID Mode Notification Utility",
         "FileVersion" : "1.0.1.81 built by: WinDDK",
         "Path" : "c:\\program files (x86)\\samsung\\rapid\\cachefilter\\samsungrapidapp.exe",
         "ProductVersion" : "Samsung RAPID Mode 1.0.1.81",
         "md5" : "6F4E71A0C3817FC8F36532796632A259"
      }
   }
}
Detected a potential browser protector:CDE1D980F85F9ECE745A06DDE3E4616F2E7232D9086FA6E4C984BB65D9746F2C {
   "Services" : {
      "IHProtect Service" : {
         "Description" : "",
         "DisplayName" : "ihprotect service",
         "FileInfo" : {
            "CompanyName" : "XTab system",
            "FileDescription" : "ProtectSvc.exe",
            "FileVersion" : "4.0.1.1716",
            "Path" : "c:\\program files (x86)\\xtab\\protectservice.exe",
            "ProductVersion" : "4.0.1.1716",
            "md5" : "B32A88B91E59BFB553A9BEBF78A1E567"
         }
      }
   }
}
Detected a potential browser protector:4B88C39D12D8A7E0387766C4FDEAB6F5D7639ED38F9CEF7B7363538B5645EC72 {
   "runKeys" : {
      "RtHDVBg" : "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\RtHDVBg=\"c:\\program files\\realtek\\audio\\hda\\ravbg64.exe\" /s3hpprotect",
      "RtHDVBg_SRSSA" : "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\RtHDVBg_SRSSA=\"c:\\program files\\realtek\\audio\\hda\\ravbg64.exe\" /srssa",
      "RtHDVCpl" : "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\RtHDVCpl=c:\\program files\\realtek\\audio\\hda\\ravcpl64.exe -s"
   },
   "runningProcess" : {
      "RAVBg64.exe" : {
         "CompanyName" : "Realtek Semiconductor",
         "FileDescription" : "HD Audio Background Process",
         "FileVersion" : "1, 0, 0, 203",
         "Path" : "c:\\program files\\realtek\\audio\\hda\\ravbg64.exe",
         "ProductVersion" : "1, 0, 0, 203",
         "md5" : "4D3341C3D5AF1A1B8B93A5A6C08902BD"
      },
      "RAVCpl64.exe" : {
         "CompanyName" : "Realtek Semiconductor",
         "FileDescription" : "Realtek HD Audio-Manager",
         "FileVersion" : "1, 0, 0, 935",
         "Path" : "c:\\program files\\realtek\\audio\\hda\\ravcpl64.exe",
         "ProductVersion" : "1, 0, 0, 935",
         "md5" : "8F9343E9015DA92CDC455A92FE320AB0"
      }
   },
   "uninstallInfo" : {
      "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" : {
         "DisplayName" : "Realtek High Definition Audio Driver",
         "Publisher" : "Realtek Semiconductor Corp.",
         "UninstallString" : "c:\\program files\\realtek\\audio\\hda\\rtlupd64.exe -r -m -nrg2709"
      }
   }
}
Detected a potential browser protector: {
   "Services" : {
      "WindowsMangerProtect" : {
         "Description" : "windowsmangerprotect service",
         "DisplayName" : "windowsmangerprotect service",
         "FileInfo" : {
            "Path" : "c:\\programdata\\windowsmangerprotect\\protectwindowsmanager.exe -service",
            "md5" : ""
         }
      }
   }
}
Detected a potential browser protector:8AF70D124AE6E89B486BD1D97E0ECA70CB423316CA9EF44BF51373998CA80645 {
   "AppInitDll" : {
      "CompanyName" : "Client Connect LTD",
      "FileDescription" : "Search Protect",
      "FileVersion" : "2.19.30.69",
      "Path" : "c:\\progra~2\\searchprotect\\searchprotect\\bin\\vc32loader.dll",
      "ProductVersion" : "2.19.30.69",
      "md5" : "F56FDE850079E5D7FFAFF38E090485C5"
   }
}
Detected a potential browser protector: {
   "uninstallInfo" : {
      "vi-view uninstall" : {
         "DisplayName" : "vi-view uninstall",
         "Publisher" : "vi-view",
         "UninstallString" : "c:\\users\\nico\\appdata\\roaming\\vi-view\\uninstallmanager.exe  -ptid=cor"
      }
   }
}
Detected a potential browser protector:3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A {
   "Services" : {
      "AdobeFlashPlayerUpdateSvc" : {
         "Description" : "mit diesem dienst ist ihre flash player-installation immer aktuell und verwendet die neuesten verbesserungen und sicherheits-fixes.",
         "DisplayName" : "adobe flash player update service",
         "FileInfo" : {
            "CompanyName" : "Adobe Systems Incorporated",
            "FileDescription" : "Adobe® Flash® Player Update Service 16.0 r0",
            "FileVersion" : "16,0,0,296",
            "Path" : "c:\\windows\\syswow64\\macromed\\flash\\flashplayerupdateservice.exe",
            "ProductVersion" : "16,0,0,296",
            "md5" : "A2A9C100FE1BE20A76C0B80D4CA44103"
         }
      },
      "PerfHost" : {
         "Description" : "@%systemroot%\\syswow64\\perfhost.exe,-1",
         "DisplayName" : "@%systemroot%\\syswow64\\perfhost.exe,-2",
         "FileInfo" : {
            "CompanyName" : "Microsoft Corporation",
            "FileDescription" : "x86-Leistungsindikatorhost",
            "FileVersion" : "6.3.9600.16384 (winblue_rtm.130821-1623)",
            "Path" : "c:\\windows\\syswow64\\perfhost.exe",
            "ProductVersion" : "6.3.9600.16384",
            "md5" : "8E3C640FFF5A963F570233AE99C0FFF3"
         }
      },
      "cphs" : {
         "Description" : "intel(r) content protection heci service - enables communication with the content protection fw",
         "DisplayName" : "intel(r) content protection heci service",
         "FileInfo" : {
            "CompanyName" : "Intel Corporation",
            "FileDescription" : "IntelCpHeciSvc Executable",
            "Path" : "c:\\windows\\syswow64\\intelcphecisvc.exe",
            "ProductVersion" : "9.0.20.9000",
            "md5" : "7459091986F5A926AC807F2C85B49BA8"
         }
      }
   },
   "runKeys" : {
      "StubPath" : "HKLM\\SOFTWARE\\Microsoft\\Active Setup\\Installed Components\\{89B4C1CD-B018-4511-B02.02.2015 21:32:04 (TID: 7440)
Product version: 10.0.2208.84
02.02.2015 21:32:04 (TID: 7440)
BCUEngine version : 9.0.0.496
ProductLanguage   : de
OSLanguage        : de-de
Location          : de-de
OSType            : 6.2
IsStandalone      : 0
PartnerId         : avastbcl
Priority          : 10
Microsoft IE
	Install Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
	Version: 9.11.9600.17498
Mozilla Firefox Browser
	Install Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
	Version: 35.0.1.5500
	Profile Path: C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\
Mozilla Firefox Profiles
	Name: default Path: C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\045rdp04.default
Google Chrome Browser
	Version: 40.0.2214.93
	Install Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
	Profile Path: C:\Users\Nico\AppData\Local\Google\Chrome\User Data\
Google Chrome Profiles
	Name: Default Path: C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default
Google Chrome64 Browser
	Version: 
	Browser not found
Google Chrome
	Extensions
		Profile: Default
			ID: aohghmighlieiainnegkcijnfilokake Name: Google Docs
			ID: felcaaldnbdncclmgdcncolpebgiejap Name: Google Tabellen
			ID: gomekmidlodglbbmalcneegieacbdmki Name: Avast Online Security
Mozilla Firefox
	Extensions
		Profile: default
			ID: youtubeunblocker@unblocker.yt Name: YouTube Unblocker
			ID: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} Name: Adblock Plus
			ID: wrc@avast.com Name: Avast Online Security
Google Chrome
	Homepages
		Profile: Default
		Url    : https://www.google.com/?trackid=sp-006
	Search Engines
		Profile: Default
		Name   : Google
		Url    : https://www.google.de/search?q={searchTerms}?trackid=sp-006
FireFox
	Homepages
		Profile: default
		URL    : https://www.google.com/?trackid=sp-006
	Search Engines
		Profile: default
		Name   : Google (avast)
		Url    : hxxp://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&channel=fs&trackid=sp-006
Microsoft IE
	Homepages
		Profile: HKCU
		Url    : https://www.google.com/?trackid=sp-006
	Search Engines
		Profile: HKCU
		Name   : Google
		Url    : https://www.google.com/search?trackid=sp-006&q={searchTerms}
BCURequest:
	GlobalStat
		ProductLanguage : de
		EngineVersion   : 9.0.0.496
		OSLanguage      : de-de
		Location        : de-de
		OSType          : 6.2
		IsStandalone    : 0
		Version         : 10.0.2208.84
		PartnerId       : avastbcl
		Priority        : 10
		AvastProductType: 0
		DefaultBrowser  : FIREFOXURL
	Google Chrome:
		IsDefault: 0
		Homepages
			Url: https://www.google.com/?trackid=sp-006
		Search Engines
			Name : Google
			Url  : https://www.google.de/search?q={searchTerms}?trackid=sp-006
		Extensions
			ID: aohghmighlieiainnegkcijnfilokake Name: Google Docs
			ID: felcaaldnbdncclmgdcncolpebgiejap Name: Google Tabellen
			ID: gomekmidlodglbbmalcneegieacbdmki Name: Avast Online Security
	FireFox:
		IsDefault: 1
		Homepages
			Url: https://www.google.com/?trackid=sp-006
		Search Engines
			Name : Google (avast)
			Url  : hxxp://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&channel=fs&trackid=sp-006
		Extensions
			ID: wrc@avast.com Name: Avast Online Security
			ID: youtubeunblocker@unblocker.yt Name: YouTube Unblocker
			ID: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} Name: Adblock Plus
	Microsoft IE:
		IsDefault: 0
		Homepages
			Url: https://www.google.com/?trackid=sp-006
		Search Engines
			Name : Google
			Url  : https://www.google.com/search?trackid=sp-006&q={searchTerms}
		Extensions
			ID: {18df081c-e8ad-4283-a596-fa578c2ebdc3} Name: Adobe PDF Link Helper
			ID: {31d09ba0-12f5-4cce-be8a-2923e76605da} Name: Lync Browser Helper
BCUResponse:
	OfferId   : ID_DE_DE_YB_RB_V10
	TemplateId: TPL_RADIO
	BCUConfig
		RrescanDelay     : 0
		CacheIntervalPos : 604800
		CacheIntervalNeg : 604800
		CmsTimeout       : 15000
		UseCorporate     : 0
	BCUProviders
		ID: TPL_YAHOO9_DE	Name: Yahoo! (Avast)
		ID: TPL_BING02_ALL	Name: Bing (by Microsoft)
		ID: PID_BLEKKO_ALL	Name: Blekko
		ID: PID_GOOGLE_ALL	Name: Google
		ID: PID_STARTPAGE_ALL	Name: Startpage
		ID: PID_WOLFRAM_ALL	Name: WolframAlpha
		ID: PID_KEEPEXISTING	Name: Keep Existing (not recommended)
	Google Chrome:
		IsProviderModified: 0
		Extensions
			ID: aohghmighlieiainnegkcijnfilokake Rating: 4 InternalId: 1
			ID: felcaaldnbdncclmgdcncolpebgiejap Rating: 4 InternalId: 8000
			ID: gomekmidlodglbbmalcneegieacbdmki Rating: 5 InternalId: 8000
		Search Engine
			Name: Google
			Url : https://www.google.de/search?q={searchTerms}?trackid=sp-006
	FireFox:
		IsProviderModified: 0
		Extensions
			ID: wrc@avast.com Rating: 5 InternalId: 1
			ID: youtubeunblocker@unblocker.yt Rating: 4 InternalId: 3
			ID: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} Rating: 5 InternalId: 8000
		Search Engine
			Name: Google (avast)
			Url : hxxp://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&channel=fs&trackid=sp-006
	Microsoft IE:
		IsProviderModified: 0
		Extensions
			ID: {18df081c-e8ad-4283-a596-fa578c2ebdc3} Rating: 5 InternalId: 8000
			ID: {31d09ba0-12f5-4cce-be8a-2923e76605da} Rating: 5 InternalId: 5200
		Search Engine
			Name: Google
			Url : https://www.google.com/search?trackid=sp-006&q={searchTerms}
Detected a potential browser protector: {
   "Services" : {
      "iumsvc" : {
         "Description" : "intel(r) update manager helps you keep your system up-to-date.",
         "DisplayName" : "intel(r) update manager",
         "FileInfo" : {
            "Path" : "\"c:\\program files (x86)\\intel\\intel(r) update manager\\bin\\iumsvc.exe\"",
            "md5" : ""
         }
      }
   }
}
Detected a potential browser protector: {
   "Services" : {
      "WdNisSvc" : {
         "Description" : "@%programfiles%\\windows defender\\mpasdesc.dll,-242",
         "DisplayName" : "@%programfiles%\\windows defender\\mpasdesc.dll,-320",
         "FileInfo" : {
            "Path" : "\"c:\\program files (x86)\\windows defender\\nissrv.exe\"",
            "md5" : ""
         }
      },
      "WinDefend" : {
         "Description" : "@%programfiles%\\windows defender\\mpasdesc.dll,-240",
         "DisplayName" : "@%programfiles%\\windows defender\\mpasdesc.dll,-310",
         "FileInfo" : {
            "Path" : "\"c:\\program files (x86)\\windows defender\\msmpeng.exe\"",
            "md5" : ""
         }
      }
   }
}
Detected a potential browser protector:3BF731130158C1F78DA21D7B8026CBB6EFA0F0F5F8DE4994728CA3D0A06B8819 {
   "runKeys" : {
      "SamsungRapidApp" : "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\SamsungRapidApp=c:\\program files (x86)\\samsung\\rapid\\cachefilter\\samsungrapidapp.exe"
   },
   "runningProcess" : {
      "SamsungRapidApp.exe" : {
         "CompanyName" : "Samsung Electronics Co., Ltd.",
         "FileDescription" : "Samsung RAPID Mode Notification Utility",
         "FileVersion" : "1.0.1.81 built by: WinDDK",
         "Path" : "c:\\program files (x86)\\samsung\\rapid\\cachefilter\\samsungrapidapp.exe",
         "ProductVersion" : "Samsung RAPID Mode 1.0.1.81",
         "md5" : "6F4E71A0C3817FC8F36532796632A259"
      }
   }
}
Detected a potential browser protector:CDE1D980F85F9ECE745A06DDE3E4616F2E7232D9086FA6E4C984BB65D9746F2C {
   "Services" : {
      "IHProtect Service" : {
         "Description" : "",
         "DisplayName" : "ihprotect service",
         "FileInfo" : {
            "CompanyName" : "XTab system",
            "FileDescription" : "ProtectSvc.exe",
            "FileVersion" : "4.0.1.1716",
            "Path" : "c:\\program files (x86)\\xtab\\protectservice.exe",
            "ProductVersion" : "4.0.1.1716",
            "md5" : "B32A88B91E59BFB553A9BEBF78A1E567"
         }
      }
   }
}
Detected a potential browser protector:4B88C39D12D8A7E0387766C4FDEAB6F5D7639ED38F9CEF7B7363538B5645EC72 {
   "runKeys" : {
      "RtHDVBg" : "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\RtHDVBg=\"c:\\program files\\realtek\\audio\\hda\\ravbg64.exe\" /s3hpprotect",
      "RtHDVBg_SRSSA" : "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\RtHDVBg_SRSSA=\"c:\\program files\\realtek\\audio\\hda\\ravbg64.exe\" /srssa",
      "RtHDVCpl" : "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\RtHDVCpl=c:\\program files\\realtek\\audio\\hda\\ravcpl64.exe -s"
   },
   "runningProcess" : {
      "RAVBg64.exe" : {
         "CompanyName" : "Realtek Semiconductor",
         "FileDescription" : "HD Audio Background Process",
         "FileVersion" : "1, 0, 0, 203",
         "Path" : "c:\\program files\\realtek\\audio\\hda\\ravbg64.exe",
         "ProductVersion" : "1, 0, 0, 203",
         "md5" : "4D3341C3D5AF1A1B8B93A5A6C08902BD"
      },
      "RAVCpl64.exe" : {
         "CompanyName" : "Realtek Semiconductor",
         "FileDescription" : "Realtek HD Audio-Manager",
         "FileVersion" : "1, 0, 0, 935",
         "Path" : "c:\\program files\\realtek\\audio\\hda\\ravcpl64.exe",
         "ProductVersion" : "1, 0, 0, 935",
         "md5" : "8F9343E9015DA92CDC455A92FE320AB0"
      }
   },
   "uninstallInfo" : {
      "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" : {
         "DisplayName" : "Realtek High Definition Audio Driver",
         "Publisher" : "Realtek Semiconductor Corp.",
         "UninstallString" : "c:\\program files\\realtek\\audio\\hda\\rtlupd64.exe -r -m -nrg2709"
      }
   }
}
Detected a potential browser protector: {
   "Services" : {
      "WindowsMangerProtect" : {
         "Description" : "windowsmangerprotect service",
         "DisplayName" : "windowsmangerprotect service",
         "FileInfo" : {
            "Path" : "c:\\programdata\\windowsmangerprotect\\protectwindowsmanager.exe -service",
            "md5" : ""
         }
      }
   }
}
Detected a potential browser protector:8AF70D124AE6E89B486BD1D97E0ECA70CB423316CA9EF44BF51373998CA80645 {
   "AppInitDll" : {
      "CompanyName" : "Client Connect LTD",
      "FileDescription" : "Search Protect",
      "FileVersion" : "2.19.30.69",
      "Path" : "c:\\progra~2\\searchprotect\\searchprotect\\bin\\vc32loader.dll",
      "ProductVersion" : "2.19.30.69",
      "md5" : "F56FDE850079E5D7FFAFF38E090485C5"
   }
}
Detected a potential browser protector: {
   "uninstallInfo" : {
      "vi-view uninstall" : {
         "DisplayName" : "vi-view uninstall",
         "Publisher" : "vi-view",
         "UninstallString" : "c:\\users\\nico\\appdata\\roaming\\vi-view\\uninstallmanager.exe  -ptid=cor"
      }
   }
}
Detected a potential browser protector:3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A {
   "Services" : {
      "AdobeFlashPlayerUpdateSvc" : {
         "Description" : "mit diesem dienst ist ihre flash player-installation immer aktuell und verwendet die neuesten verbesserungen und sicherheits-fixes.",
         "DisplayName" : "adobe flash player update service",
         "FileInfo" : {
            "CompanyName" : "Adobe Systems Incorporated",
            "FileDescription" : "Adobe® Flash® Player Update Service 16.0 r0",
            "FileVersion" : "16,0,0,296",
            "Path" : "c:\\windows\\syswow64\\macromed\\flash\\flashplayerupdateservice.exe",
            "ProductVersion" : "16,0,0,296",
            "md5" : "A2A9C100FE1BE20A76C0B80D4CA44103"
         }
      },
      "PerfHost" : {
         "Description" : "@%systemroot%\\syswow64\\perfhost.exe,-1",
         "DisplayName" : "@%systemroot%\\syswow64\\perfhost.exe,-2",
         "FileInfo" : {
            "CompanyName" : "Microsoft Corporation",
            "FileDescription" : "x86-Leistungsindikatorhost",
            "FileVersion" : "6.3.9600.16384 (winblue_rtm.130821-1623)",
            "Path" : "c:\\windows\\syswow64\\perfhost.exe",
            "ProductVersion" : "6.3.9600.16384",
            "md5" : "8E3C640FFF5A963F570233AE99C0FFF3"
         }
      },
      "cphs" : {
         "Description" : "intel(r) content protection heci service - enables communication with the content protection fw",
         "DisplayName" : "intel(r) content protection heci service",
         "FileInfo" : {
            "CompanyName" : "Intel Corporation",
            "FileDescription" : "IntelCpHeciSvc Executable",
            "Path" : "c:\\windows\\syswow64\\intelcphecisvc.exe",
            "ProductVersion" : "9.0.20.9000",
            "md5" : "7459091986F5A926AC807F2C85B49BA8"
         }
      }
   },
   "runKeys" : {
      "StubPath" : "HKLM\\SOFTWARE\\Microsoft\\Active Setup\\Installed Components\\{89B4C1CD-B018-4511-B

So, das sollten zusammen mit dem ersten Beitrag nun alle logfiles sein.

Interessant, dass das Problem mit der länge nur an FRST.txt lag.

Grüße Nico

Bootsektor · 04.02.2015, 01:27

Hallo Nico,

ja, sehr imposant von der Länge.

Der Grund warum du mir die Logs bitte nicht anhängen sollst ist, dass die dan alle auf meinem Rechner rumrümpeln und dann hab ich da nachher ne wilde Logcollection

.

Hattest du auch die Löschen-Funktion vom Adwarecleaner benutzt?

Hol das sonst bitte nach dem Deinstallieren nach.

Schritt 1
Bitte deinstalliere folgende Programme (falls vorhanden) :
Buzzdock
Dynamo Combo
vi-view uninstall
Dazu gehe auf:
den Windowsbutton in der Taskleiste --> Systemsteuerung --> Programme (Unterpunkt Programme deinstallieren) --> Programm auswählen --> entfernen

Falls du ein Programm nicht deinstallieren kannst, lade dir von hier den Revo-uninstaller herunter und deinstalliere es damit, wähle dabei den moderaten Modus.

Schritt 2
Starte den AdwCleaner erneut

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Suchen und warte, bis der Suchlauf abgeschlossen ist.
Klicke nun auf Löschen.
Bestätige jeweils mit Ok.
Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter [color=darkmagenta]C:\AdwCleaner\AdwCleaner[Sx].txt. (x = fortlaufende Nummer)[color]

Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad.
Starte Malwarebytes' Anti-Malware (MBAM).
Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language Deutsch aus.
Klicke im Anschluss auf Suchlauf, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf jetzt starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Aktionen anwenden.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Suchlauf-Protokoll aus und klicke auf Ansicht. Wähle Exportieren auf Textdatei (.txt) und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 4
Starte noch einmal FRST.

Setze den Haken bei addition.txt und drücke auf Scan.
Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und addition.txt erstellt und auf dem Desktop (oder in dem Verzeichnis in dem FRST liegt) gespeichert.
Poste den Inhalt dieser Logfiles bitte hier in deinen Thread.

IneedHelp1 · 04.02.2015, 10:21

Hello again,

ich hab nun soweit Schritte 1 bis 4 abgearbeiten, hier die logs:

adwcleaner[S0] (nach dem deinstallieren):

Code:

ATTFilter

# AdwCleaner v4.109 - Bericht erstellt am 04/02/2015 um 09:39:15
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-02-03.1 [Live]
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Nico - NICO_STUDY
# Gestartet von : C:\Users\Nico\Desktop\adwcleaner_4.109.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : WindowsMangerProtect
Dienst Gelöscht : IHProtect Service
Dienst Gelöscht : {16a92140-918d-4afb-9edb-46f22437bb10}Gw64
Dienst Gelöscht : {3bcf4f2c-0bbb-4d4c-bf1f-11bbe6d501ea}Gw64
Dienst Gelöscht : {915cb94b-b4d8-4c0e-83b4-61409471b1c3}Gw64

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\WindowsMangerProtect
Ordner Gelöscht : C:\ProgramData\IHProtectUpDate
Ordner Gelöscht : C:\Program Files (x86)\SearchProtect
Ordner Gelöscht : C:\Program Files (x86)\XTab
Ordner Gelöscht : C:\Users\Nico\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\Nico\AppData\Roaming\vi-view
Datei Gelöscht : C:\WINDOWS\System32\drivers\{16a92140-918d-4afb-9edb-46f22437bb10}Gw64.sys
Datei Gelöscht : C:\WINDOWS\System32\drivers\{3bcf4f2c-0bbb-4d4c-bf1f-11bbe6d501ea}Gw64.sys
Datei Gelöscht : C:\WINDOWS\System32\drivers\{915cb94b-b4d8-4c0e-83b4-61409471b1c3}Gw64.sys
Datei Gelöscht : C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\045rdp04.default\user.js
Datei Gelöscht : C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [fftoolbar2014@etech.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKLM\SOFTWARE\SearchProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\SupDp
Schlüssel Gelöscht : HKLM\SOFTWARE\SupTab
Schlüssel Gelöscht : HKLM\SOFTWARE\supWindowsMangerProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\IHProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\vi-viewSoftware
Schlüssel Gelöscht : HKLM\SOFTWARE\SPPDCOM
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17416

Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v35.0.1 (x86 de)

[045rdp04.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.searchengine.alias", "vi-view");
[045rdp04.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.searchengine.iconURL", "hxxp://myhome.vi-view.com/favicon.ico");
[045rdp04.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.searchengine.name", "vi-view");
[045rdp04.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.searchengine.url", "hxxp://myhome.vi-view.com/web/?type=ds&ts=1422024598&from=cor&uid=SamsungXSSDX840XEVOX500GB_S1DHNSAF824519D&q={searchTerms}");
[045rdp04.default\prefs.js] - Zeile gelöscht : user_pref("extensions.quick_start.enable_search1", false);
[045rdp04.default\prefs.js] - Zeile gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

-\\ Google Chrome v40.0.2214.94


*************************

AdwCleaner[R0].txt - [11731 octets] - [02/02/2015 18:40:12]
AdwCleaner[R1].txt - [11640 octets] - [02/02/2015 21:42:59]
AdwCleaner[R2].txt - [7838 octets] - [04/02/2015 09:28:15]
AdwCleaner[S0].txt - [6881 octets] - [04/02/2015 09:39:15]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6941 octets] ##########

mbam.txt (nach dem deinstallieren):

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 04.02.2015
Suchlauf-Zeit: 09:43:36
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2014.11.20.06
Rootkit Datenbank: v2014.11.18.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Nico

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 352692
Verstrichene Zeit: 12 Min, 41 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 2
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, In Quarantäne, [47bf9da1dd9f45f18dd409a7e321cc34], 
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, In Quarantäne, [2adcc87680fcaf87c59b337d4eb6dd23], 

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 5
PUP.Optional.OpenCandy, C:\Users\Nico\AppData\Roaming\PowerISO\Upgrade\PowerISO6-x64.exe, In Quarantäne, [f016a896512b76c023e33c399d6828d8], 
PUP.Optional.SearchProtect.A, C:\Windows\apppatch\apppatch64\VCLdr64.dll, In Quarantäne, [fe08b18d89f30135e016fcaaa95841bf], 
PUP.Optional.SearchProtect.A, C:\Windows\apppatch\nbin\VC32Loader.dll, In Quarantäne, [e91d1b237a022d093abc8c1aa75aaa56], 
PUP.Optional.ViView.A, C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\045rdp04.default\searchplugins\vi-view.xml, In Quarantäne, [739344fabcc0b77fb4da0742ed1605fb], 
PUP.Optional.SearchProtect, C:\Windows\apppatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb, In Quarantäne, [8a7ca698b9c36fc7a9bbfeb28c78a060], 

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

Addition.txt (nach dem deinstallieren):

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015
Ran by Nico at 2015-02-04 10:02:28
Running from C:\Users\Nico\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.2.0.26 - Absolute Software)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.3) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{9043E92C-183C-7633-0237-96CE00F5C909}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Bitcasa version 0.9.20.4135 (HKLM\...\{EDA09459-AD7D-4434-BA0C-647F6703EA12}_is1) (Version: 0.9.20.4135 - Bitcasa Inc.)
Browser in the Box (HKLM-x32\...\BitBox) (Version: 3.3.1-r30 - Sirrix AG)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04072 - Cisco Systems, Inc.) Hidden
CoDeSys for Automation Alliance (HKLM-x32\...\{07976ABB-1EBD-4A65-A7C7-155A0DC17173}) (Version:  - 3S-Smart Software Solutions GmbH)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dotfuscator Software Services - Community Edition - DEU (HKLM-x32\...\{CE9BAD6E-60FC-46CC-82A2-5B0F2B1A0E36}) (Version: 5.0.2300.0 - PreEmptive Solutions)
Dotfuscator Software Services - Community Edition (HKLM-x32\...\{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}) (Version: 5.0.2300.0 - PreEmptive Solutions)
Dropbox (HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\Dropbox) (Version: 3.0.5 - Dropbox, Inc.)
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.6 - Samsung Electronics CO.,LTD.)
ELECTRA 2.9.5 (HKLM-x32\...\ELECTRA_is1) (Version:  - KONEKT)
Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
ETDWare X64 11.7.19.9_WHQL (HKLM\...\Elantech) (Version: 11.7.19.9 - ELAN Microelectronic Corp.)
Evernote v. 5.8.3 (HKLM-x32\...\{404B3FB8-A820-11E4-83FC-00163E98E7D6}) (Version: 5.8.3.6507 - Evernote Corp.)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 2.6.36.116 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.0.429 - Foxit Corporation)
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Help Desk (HKLM\...\{AEC9D273-E162-4614-83F1-722B8C74B185}) (Version: 1.0.96 - Samsung Electronics CO., LTD.)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3304 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{87d45b7e-19da-4dd5-9214-5e0d587c312f}) (Version: 15.6.1 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
IntelliMemory (HKLM\...\{40320F22-7D70-49DB-9D66-B6FAE5F36B47}) (Version: 1.0.32.0 - Condusiv Technologies)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LTspice IV (HKLM-x32\...\LTspice IV) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - DEU (HKLM-x32\...\{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU (HKLM-x32\...\{31C3C6EA-E991-405F-A3AA-2C070CCCC47C}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK - Deutsch (HKLM-x32\...\{91F54E1D-804A-46D8-A56C-53EA9C4B3177}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{8325FD0C-2FDB-46C3-921A-3A78385EA972}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{5242B252-01BB-4F2E-BBF4-5C01BC3B6619}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{8583E7E3-2237-4981-B957-E28E5E9AB678}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{92C5C058-E941-47C3-B7E8-38A79C605969}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework (HKLM-x32\...\{9C3B8582-A72A-4835-8903-877A834407BB}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{197B3774-B7E6-4D50-AD0D-7F99B1E264D2}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) de (HKLM\...\{7AC5FFA7-6815-4AED-B16D-8E0D7CC4B221}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 de (HKLM-x32\...\{08DA8E46-ED67-451A-9246-50E0FF6959C9}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) de (HKLM\...\{EF9A1373-9238-4E11-8FF8-7B83996F5BE5}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) de (HKLM\...\{11EB3D68-A5BE-43EA-8D31-43B08ADB0DA4}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010-Objektmodell - DEU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{95A2AD24-BD44-3E39-A31F-CE928276577E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime Language Pack - DEU (HKLM-x32\...\{681F4E9F-34E0-36BD-BF2C-100554E403A5}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (HKLM\...\{E1C1D175-C23E-38F4-9AC1-ABE5167022CF}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Ultimate - DEU (HKLM-x32\...\Microsoft Visual Studio 2010 Ultimate - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools - DEU Language Pack (HKLM-x32\...\Microsoft Visual Studio Macro Tools - DEU Language Pack) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
OEM Application Profile (HKLM-x32\...\{EE55B368-EBDF-98F3-CFE7-7CE4ADBC4553}) (Version: 1.00.0004 - Advanced Micro Devices, Inc.)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 4.2.22 (HKLM\...\{CC9889DA-F802-4C85-B543-15C02543BA29}) (Version: 4.2.22 - Oracle Corporation)
PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Phone Screen Sharing (HKLM-x32\...\{DF02C515-40B5-45AC-A601-5DC69D03885C}) (Version: 2.0.0.21 - RSUPPORT)
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version:  - PopCap Games)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.9 - Power Software Ltd)
PowerXpressHybrid (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Quick Starter (HKLM\...\{EC36E2BC-86F7-44C9-84B2-93930F0FBDBF}) (Version: 1.0.2 - Samsung Electronics CO., LTD.)
Raccolta foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
RAPID Mode (Version: 1.0.1.81 - Samsung Electronics Co., Ltd.) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7299 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.12.18 - Samsung Electronics CO., LTD.)
S Agent (Version: 1.1.51 - Samsung Electronics CO., LTD.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_11 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.2.13021_11 - Samsung Electronics Co., Ltd.) Hidden
Samsung Link (HKLM-x32\...\{82EC241F-DFCA-4166-A8C3-EA5D2B9A41C4}) (Version: 1.8.0.39 - Samsung Electronics CO., LTD.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.25.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 1 für SQL Server 2008 (KB 968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
SideSync (HKLM-x32\...\{59687468-8CE9-4ABF-9C6A-5C31F0E09F8B}) (Version: 2.0.0 - Samsung Electronics CO., LTD.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
SRS Premium Sound (HKLM-x32\...\{E44F8A34-529E-4318-A0E1-1893C337A47F}) (Version: 1.00.2900 - DTS, Inc.)
Support Center (HKLM\...\{711DE117-767F-48A8-9864-66C525B9539F}) (Version: 2.1.1223 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.17 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{1687FC01-135F-4ADE-B828-B461CC74BD8A}) (Version: 2.2.4 - Samsung Electronics CO., LTD.)
Target 3001! V17 pcb-pool (HKLM-x32\...\Target 3001! V17 pcb-pool) (Version:  - Ing. Buero FRIEDRICH)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 3.9.0.124 - PandoraTV)
Toastify (HKLM-x32\...\Toastify) (Version: 1.6 - Jesper Palm)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
User Guide (HKLM-x32\...\{5A6D46E0-D4F4-487D-BFC5-D7DCEB877027}) (Version: 1.3.00 - Samsung Electronics CO., LTD.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
Visual Studio 2010 Prerequisites - English (HKLM\...\{53952792-BF16-300E-ADF2-E7E4367E00CF}) (Version: 10.0.30319 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass  (08/23/2013 6.2.8400.4218) (HKLM\...\26BFE384C802803107F583AE1A739E4FEB56134B) (Version: 08/23/2013 6.2.8400.4218 - Samsung Electronics Co. Ltd.)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3589802351-439905089-1110981561-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3589802351-439905089-1110981561-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3589802351-439905089-1110981561-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Nico\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3589802351-439905089-1110981561-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Nico\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3589802351-439905089-1110981561-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Nico\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3589802351-439905089-1110981561-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Nico\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3589802351-439905089-1110981561-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3589802351-439905089-1110981561-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3589802351-439905089-1110981561-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3589802351-439905089-1110981561-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3589802351-439905089-1110981561-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3589802351-439905089-1110981561-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3589802351-439905089-1110981561-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3589802351-439905089-1110981561-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nico\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

19-01-2015 13:37:19 Installiert CoDeSys for Automation Alliance
22-01-2015 19:04:36 Windows Update
24-01-2015 11:57:13 Installed SW Update
28-01-2015 07:59:32 Windows Update
03-02-2015 17:11:56 Installed Evernote v. 5.8.3

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {021FBA49-9CE2-4630-B257-D5B03319B37E} - System32\Tasks\avastBCLRestartS-1-5-21-3589802351-439905089-1110981561-1001 => Chrome.exe 
Task: {1544F43B-58AB-470D-A30C-256A1EC00370} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-02-02] (Microsoft Corporation)
Task: {15E9A293-03E7-45AA-BC86-3F3B3819B1B1} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {1A140134-3E42-4DF0-9CB7-2FAA45E0620F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-12-31] (Microsoft Corporation)
Task: {2509EB92-8F91-4D50-9226-58A16CCD0A14} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2014-11-12] (SEC)
Task: {2E71E9ED-86F0-4E4F-B678-FC7609C14A9E} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-25] (Adobe Systems Incorporated)
Task: {30B4CDAE-3786-442F-9F95-EAE10B7956AF} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {43EE1E4C-6DB3-43A6-8315-687CAE69A323} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {5C1F0E62-71DB-4BD0-8970-2C29300B04A2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-15] (Google Inc.)
Task: {6F73154C-3996-4575-A4C0-80D2763DB034} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-15] (Google Inc.)
Task: {78EBD80E-DEE4-4579-B3EE-A9E2D3040183} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-15] (AVAST Software)
Task: {80D783CC-237B-452C-B5FE-F728A35DFBFB} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {A39C99FA-7FF9-43F1-B2F9-71DAA20CD0CA} - System32\Tasks\SamsungLinkPC => C:\Program Files (x86)\Samsung\HomeSync Lite\RefreshToken.exe
Task: {AE673B14-DCD6-4101-A95D-53FE988A64F5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {C76CDA18-7CD0-4DD9-A66D-7338706828D1} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2014-10-29] (Samsung Electronics CO., LTD.)
Task: {D864362E-B144-4455-8516-27C0F4820C86} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {DB610074-84F1-453C-9F37-C5B513F5646D} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2014-01-29] (Samsung Electronics CO., LTD.)
Task: {F970148F-2656-4628-8C63-947981AA7910} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Nico_Study-Nico Nico_Study => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-02-02] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2015-02-02 22:13 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-01-15 19:39 - 2015-01-15 19:39 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2015-01-15 19:39 - 2015-01-15 19:39 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00084800 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2014-10-01 19:54 - 2014-10-01 19:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-10-29 17:19 - 2014-10-29 17:19 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2013-10-10 17:48 - 2013-10-10 17:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2015-02-03 21:53 - 2015-02-03 21:53 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020301\algo.dll
2015-01-15 19:39 - 2015-01-15 19:39 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2010-12-23 12:06 - 2010-12-23 12:06 - 00028672 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\cx_Logging.pyd
2012-10-27 15:21 - 2012-10-27 15:21 - 00098816 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32api.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00110080 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pywintypes27.dll
2012-10-27 15:20 - 2012-10-27 15:20 - 00018432 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32event.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00119808 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32file.pyd
2012-10-27 15:21 - 2012-10-27 15:21 - 00167936 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32gui.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00024064 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32pipe.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00035840 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32process.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00017408 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32profile.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00108544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32security.pyd
2012-10-27 15:21 - 2012-10-27 15:21 - 00022528 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32ts.pyd
2012-10-27 15:22 - 2012-10-27 15:22 - 00364544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pythoncom27.dll
2012-10-27 15:23 - 2012-10-27 15:23 - 00320512 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32com.shell.shell.pyd
2013-11-10 19:24 - 2013-11-10 19:24 - 00087552 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_ctypes.pyd
2013-11-10 19:24 - 2013-11-10 19:24 - 00358400 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_hashlib.pyd
2013-11-10 19:24 - 2013-11-10 19:24 - 00044544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_socket.pyd
2013-11-10 19:24 - 2013-11-10 19:24 - 00899584 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_ssl.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00025600 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32cred.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00011264 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32crypt.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00064512 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32net.pyd
2014-01-29 13:20 - 2014-01-29 13:20 - 00027968 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 01141056 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00025920 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00059712 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00102720 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2015-01-15 20:17 - 2014-09-28 17:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2015-01-15 22:09 - 2015-01-08 21:44 - 00750080 _____ () C:\Users\Nico\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-02-04 09:58 - 2015-02-04 09:58 - 00043008 _____ () c:\users\nico\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfub0ih.dll
2015-01-15 22:09 - 2015-01-08 21:44 - 00047616 _____ () C:\Users\Nico\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-01-15 22:09 - 2015-01-08 21:44 - 00863744 _____ () C:\Users\Nico\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-01-15 22:09 - 2015-01-08 21:44 - 00200704 _____ () C:\Users\Nico\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-01-15 19:39 - 2015-01-15 19:39 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-02-02 18:54 - 2015-02-02 18:54 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2015-01-15 19:31 - 2013-09-16 12:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Nico\Desktop\Hannes und der Bürgermeister Wanzen & Seelenwanderung.mp4:com.dropbox.attributes

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Bitcasa"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "ENISysTray"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\StartupApproved\StartupFolder: => "EvernoteClipper.lnk"
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\StartupApproved\Run: => "Spotify"

========================= Accounts: ==========================

Administrator (S-1-5-21-3589802351-439905089-1110981561-500 - Administrator - Disabled)
BitBox (S-1-5-21-3589802351-439905089-1110981561-1002 - Limited - Enabled)
Gast (S-1-5-21-3589802351-439905089-1110981561-501 - Limited - Disabled)
Nico (S-1-5-21-3589802351-439905089-1110981561-1001 - Administrator - Enabled) => C:\Users\Nico

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/04/2015 09:50:51 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Windows RE tools" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (02/03/2015 00:22:05 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorIcon.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ObjectDisposedException
Stapel:

Server stack trace: 
   bei System.ServiceModel.Channels.CommunicationObject.ThrowIfDisposedOrNotOpen()
   bei System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   bei System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   bei System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
   bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
   bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(System.Runtime.Remoting.Proxies.MessageData ByRef, Int32)
   bei IAStorDataMgrSvcInterfaces.IPublisher.GetServerBit()
   bei IAStorIcon.StorageIcon.<trySubscription>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (02/02/2015 10:53:35 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {8BD86F89-74DA-4351-A1FC-51861390CBFF}

Error: (02/02/2015 10:53:35 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {8BD86F89-74DA-4351-A1FC-51861390CBFF}

Error: (02/02/2015 10:53:31 PM) (Source: Microsoft Office 15) (EventID: 2001) (User: )
Description: Microsoft PowerPoint: Rejected Safe Mode action : PowerPoint konnte beim letzten Mal nicht gestartet werden. Der abgesicherte Modus kann Ihnen bei der Problembehandlung behilflich sein. Einige Features sind aber in diesem Modus möglicherweise nicht verfügbar.

Möchten Sie im abgesicherten Modus starten?.
Rejected Safe Mode action : Microsoft PowerPoint.

Error: (02/02/2015 10:52:16 PM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: ATI EEU Client has failed to start

Error: (02/02/2015 09:27:55 PM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: ATI EEU Client has failed to start

Error: (02/02/2015 09:27:29 PM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: ATI EEU Client has failed to start

Error: (02/02/2015 09:26:54 PM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: ATI EEU Client has failed to start

Error: (02/02/2015 05:18:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Nico_Study)
Description: Das Paket „Tagesschau.Tagesschau_1.1.0.4_x64__6364r0569j69m+App“ wurde beendet, da das Anhalten zu lange dauerte.


System errors:
=============
Error: (02/04/2015 09:51:51 AM) (Source: DCOM) (EventID: 10010) (User: Nico_Study)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (02/04/2015 09:51:20 AM) (Source: DCOM) (EventID: 10010) (User: Nico_Study)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (02/04/2015 09:40:22 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll

Error: (02/04/2015 09:40:22 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll

Error: (02/04/2015 09:40:21 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll

Error: (02/04/2015 09:39:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Bluetooth OBEX Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/04/2015 09:39:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/04/2015 09:39:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/04/2015 09:39:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/04/2015 09:39:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Integrated Clock Controller Service - Intel(R) ICCS" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (02/04/2015 09:50:51 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Windows RE toolsFalscher Parameter. (0x80070057)

Error: (02/03/2015 00:22:05 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorIcon.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ObjectDisposedException
Stapel:

Server stack trace: 
   bei System.ServiceModel.Channels.CommunicationObject.ThrowIfDisposedOrNotOpen()
   bei System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   bei System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   bei System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
   bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
   bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(System.Runtime.Remoting.Proxies.MessageData ByRef, Int32)
   bei IAStorDataMgrSvcInterfaces.IPublisher.GetServerBit()
   bei IAStorIcon.StorageIcon.<trySubscription>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (02/02/2015 10:53:35 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {8BD86F89-74DA-4351-A1FC-51861390CBFF}

Error: (02/02/2015 10:53:35 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {8BD86F89-74DA-4351-A1FC-51861390CBFF}

Error: (02/02/2015 10:53:31 PM) (Source: Microsoft Office 15) (EventID: 2001) (User: )
Description: Microsoft PowerPointPowerPoint konnte beim letzten Mal nicht gestartet werden. Der abgesicherte Modus kann Ihnen bei der Problembehandlung behilflich sein. Einige Features sind aber in diesem Modus möglicherweise nicht verfügbar.

Möchten Sie im abgesicherten Modus starten?

Error: (02/02/2015 10:52:16 PM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: 

Error: (02/02/2015 09:27:55 PM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: 

Error: (02/02/2015 09:27:29 PM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: 

Error: (02/02/2015 09:26:54 PM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: 

Error: (02/02/2015 05:18:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Nico_Study)
Description: Tagesschau.Tagesschau_1.1.0.4_x64__6364r0569j69m+App


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3635QM CPU @ 2.40GHz
Percentage of memory in use: 49%
Total physical RAM: 16270.86 MB
Available physical RAM: 8166.98 MB
Total Pagefile: 16470.86 MB
Available Pagefile: 8443.42 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:393.69 GB) (Free:241.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 5900EE1B)

Partition: GPT Partition Type.

==================== End Of Log ============================

FRST.txt (nach dem deinstallieren):

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by Nico (administrator) on NICO_STUDY on 04-02-2015 10:01:13
Running from C:\Users\Nico\Desktop
Loaded Profiles: Nico (Available profiles: Nico)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Condusiv Technologies) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Sirrix AG) C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(3S-Smart Software Solutions GmbH) C:\Program Files (x86)\3S Software\CoDeSys ENI Server\ENI.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Nico\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2894152 2013-11-04] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13674712 2014-07-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1389936 2014-07-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_SRSSA] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1389936 2014-07-18] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKLM\...\Run: [Bitcasa] => C:\Program Files\Bitcasa\Bitcasa.exe [4365824 2012-12-27] (Bitcasa, Inc)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281776 2014-09-16] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310640 2013-03-07] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707984 2013-10-10] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [ENISysTray] => C:\Program Files (x86)\3S Software\CoDeSys ENI Server\ENISysTray.exe [245760 2009-01-20] (3S-Smart Software Solutions GmbH)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\Run: [Quick Starter] => C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe [2358064 2014-07-15] (Samsung Electronics CO., LTD.)
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\Run: [Spotify] => C:\Users\Nico\AppData\Roaming\Spotify\Spotify.exe [6737976 2015-01-15] (Spotify Ltd)
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30873192 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\Run: [Spotify Web Helper] => C:\Users\Nico\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2015-01-15] (Spotify Ltd)
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\MountPoints2: {5978b983-9cee-11e4-be94-b4b6769c136d} - "E:\autorun.exe" 
Startup: C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [1EldosIconOverlay] -> {75EE9A76-CCF7-47D7-BAA3-573E905D5109} => C:\windows\SYSTEM32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [BitcasaIconOverlay] -> {A6975448-A999-49BB-B3E4-7730CF6A82C0} => C:\Program Files\Bitcasa\ExplorerMenu.dll (Bitcasa, Inc)
ShellIconOverlayIdentifiers: [BitcasaProgressOverlay] -> {6FB8D52A-0064-45B2-B687-F596FEAD09C2} => C:\Program Files\Bitcasa\ExplorerMenu.dll (Bitcasa, Inc)
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [1EldosIconOverlay] -> {75EE9A76-CCF7-47D7-BAA3-573E905D5109} => C:\windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [S-1-5-21-3589802351-439905089-1110981561-1001] => file://C:\Program Files (x86)\Dynamo Combo\bin\Pac9064.js
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3589802351-439905089-1110981561-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Webtestaufzeichnung 10.0-Hilfsprogramm -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\045rdp04.default
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: https://www.google.com/search/?trackid=sp-006
FF Keyword.URL: https://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\045rdp04.default\searchplugins\google-avast.xml
FF Extension: YouTube Unblocker - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\045rdp04.default\Extensions\youtubeunblocker@unblocker.yt [2015-01-15]
FF Extension: Adblock Plus - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\045rdp04.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-25]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-14]

Chrome: 
=======
CHR StartupUrls: Default -> "https://www.google.com/?trackid=sp-006"
CHR Profile: C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-15]
CHR Extension: (Google Drive) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-15]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-15]
CHR Extension: (YouTube) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-15]
CHR Extension: (Google-Suche) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-15]
CHR Extension: (Google Tabellen) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-15]
CHR Extension: (Avast Online Security) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-15]
CHR Extension: (Google Wallet) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-18]
CHR Extension: (Google Mail) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [172104 2013-01-26] (Adobe Systems Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-15] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-15] (Avast Software)
R2 BitBoxService; C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe [738304 2014-03-18] (Sirrix AG) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593152 2014-01-29] (Samsung Electronics CO., LTD.)
R2 ENI Server; C:\Program Files (x86)\3S Software\CoDeSys ENI Server\ENI.exe [651264 2009-01-20] (3S-Smart Software Solutions GmbH) [File not signed]
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100104 2013-09-05] (ELAN Microelectronics Corp.)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [243880 2015-01-16] (Foxit Software Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 IntelliMemory; C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe [55720 2012-12-21] (Condusiv Technologies)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28848 2014-09-16] (Samsung Electronics Co., Ltd.)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3000664 2015-01-06] (Samsung Electronics CO., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2015-01-15] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-01-15] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-15] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-15] ()
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131328 2014-11-21] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352456 2012-08-06] (EldoS Corporation)
R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [22832 2013-07-24] (ELAN Microelectronic Corp.)
R1 intmfs; C:\Windows\System32\DRIVERS\intmfs.sys [29096 2012-12-21] (Condusiv Technologies)
R0 intmsd; C:\Windows\System32\DRIVERS\intmsd.sys [104872 2012-12-21] (Condusiv Technologies)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [268976 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111280 2014-09-16] (Samsung Electronics Co., Ltd.)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-21] (Microsoft Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-15] (Avast Software)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-01-15] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)

rest folgt..

IneedHelp1 · 04.02.2015, 10:24

FRST.txt Teil2(nach dem deinstallieren):

Code:

ATTFilter

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-04 10:01 - 2015-02-04 10:01 - 00027390 _____ () C:\Users\Nico\Desktop\FRST.txt
2015-02-04 10:00 - 2015-02-04 10:00 - 00000000 ____D () C:\Users\Nico\Desktop\Vor bereinigung
2015-02-04 09:59 - 2015-02-04 09:59 - 00002243 _____ () C:\Users\Nico\Desktop\mbam.txt
2015-02-04 09:59 - 2015-02-04 09:59 - 00000197 _____ () C:\WINDOWS\system32\2015-02-04-08-59-46.048-AvastVBoxSVC.exe-4012.log
2015-02-04 09:42 - 2015-02-04 09:58 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-04 09:42 - 2015-02-04 09:43 - 00000197 _____ () C:\WINDOWS\system32\2015-02-04-08-42-45.053-AvastVBoxSVC.exe-3852.log
2015-02-04 09:42 - 2015-02-04 09:42 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-02-04 09:42 - 2015-02-04 09:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-02-04 09:42 - 2015-02-04 09:42 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-04 09:42 - 2015-02-04 09:42 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-02-04 09:42 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-02-04 09:42 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-02-04 09:42 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-02-04 09:41 - 2015-02-04 09:41 - 00007061 _____ () C:\Users\Nico\Desktop\AdwCleaner[S0]_afterDelete.txt
2015-02-04 09:26 - 2015-02-04 09:27 - 00000168 _____ () C:\Users\Nico\Desktop\Anmerkung.txt
2015-02-04 09:23 - 2015-02-04 09:23 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Nico\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-04 09:23 - 2015-02-04 09:23 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Nico\Desktop\mbam-setup-2.0.4.1028.exe
2015-02-04 09:22 - 2015-02-04 09:22 - 00000197 _____ () C:\WINDOWS\system32\2015-02-04-08-22-21.007-AvastVBoxSVC.exe-4012.log
2015-02-03 22:54 - 2015-02-03 22:54 - 00001506 _____ () C:\Users\Nico\Desktop\Zuhause ausdrucken!!! - Verknüpfung.lnk
2015-02-03 19:38 - 2014-10-20 21:09 - 820361873 _____ () C:\Users\Nico\Desktop\Hannes und der Bürgermeister Wanzen & Seelenwanderung.mp4
2015-02-03 17:13 - 2015-02-03 17:13 - 00002523 _____ () C:\Users\Public\Desktop\Evernote.lnk
2015-02-03 17:13 - 2015-02-03 17:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2015-02-03 12:59 - 2015-02-03 12:59 - 00000197 _____ () C:\WINDOWS\system32\2015-02-03-11-59-37.062-AvastVBoxSVC.exe-3880.log
2015-02-03 07:11 - 2015-02-03 07:11 - 00000197 _____ () C:\WINDOWS\system32\2015-02-03-06-11-27.000-AvastVBoxSVC.exe-3892.log
2015-02-03 00:33 - 2015-02-03 00:33 - 00000197 _____ () C:\WINDOWS\system32\2015-02-02-23-33-21.036-AvastVBoxSVC.exe-3252.log
2015-02-02 23:03 - 2015-02-02 23:03 - 00000247 _____ () C:\WINDOWS\system32\2015-02-02-22-03-47.032-aswFe.exe-7096.log
2015-02-02 22:59 - 2015-02-02 23:03 - 00000247 _____ () C:\WINDOWS\system32\2015-02-02-21-59-03.091-aswFe.exe-7080.log
2015-02-02 22:59 - 2015-02-02 22:59 - 00000197 _____ () C:\WINDOWS\system32\2015-02-02-21-59-02.072-AvastVBoxSVC.exe-7488.log
2015-02-02 22:39 - 2015-02-02 22:39 - 00029157 _____ () C:\Users\Nico\Desktop\Logfiles.zip
2015-02-02 21:30 - 2015-02-02 21:30 - 00000197 _____ () C:\WINDOWS\system32\2015-02-02-20-30-04.070-AvastVBoxSVC.exe-2668.log
2015-02-02 21:26 - 2015-02-02 21:26 - 00000197 _____ () C:\WINDOWS\system32\2015-02-02-20-26-20.004-AvastVBoxSVC.exe-3932.log
2015-02-02 21:14 - 2015-02-02 21:14 - 00380416 _____ () C:\Users\Nico\Downloads\Gmer-19357.exe
2015-02-02 21:14 - 2015-02-02 21:14 - 00380416 _____ () C:\Users\Nico\Desktop\Gmer-19357.exe
2015-02-02 21:09 - 2015-02-04 10:01 - 00000000 ____D () C:\FRST
2015-02-02 21:08 - 2015-02-02 21:08 - 02131456 _____ (Farbar) C:\Users\Nico\Downloads\FRST64.exe
2015-02-02 21:08 - 2015-02-02 21:08 - 02131456 _____ (Farbar) C:\Users\Nico\Desktop\FRST64.exe
2015-02-02 21:07 - 2015-02-02 21:07 - 00000000 _____ () C:\Users\Nico\defogger_reenable
2015-02-02 21:07 - 2015-02-02 21:06 - 00050477 _____ () C:\Users\Nico\Desktop\Defogger.exe
2015-02-02 21:06 - 2015-02-02 21:06 - 00050477 _____ () C:\Users\Nico\Downloads\Defogger.exe
2015-02-02 18:40 - 2015-02-04 09:39 - 00000000 ____D () C:\AdwCleaner
2015-02-02 18:39 - 2015-02-02 18:39 - 02194432 _____ () C:\Users\Nico\Downloads\adwcleaner_4.109.exe
2015-02-02 18:39 - 2015-02-02 18:39 - 02194432 _____ () C:\Users\Nico\Desktop\adwcleaner_4.109.exe
2015-02-02 07:27 - 2015-02-02 07:28 - 00000197 _____ () C:\WINDOWS\system32\2015-02-02-06-27-57.055-AvastVBoxSVC.exe-3956.log
2015-02-01 19:36 - 2015-02-04 09:58 - 00005140 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for Nico_Study-Nico Nico_Study
2015-02-01 19:36 - 2015-02-01 19:36 - 00000000 ____D () C:\Users\Nico\Documents\Benutzerdefinierte Office-Vorlagen
2015-02-01 18:39 - 2015-02-01 18:39 - 00002185 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2015-02-01 18:39 - 2015-02-01 18:39 - 00002132 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2015-02-01 18:39 - 2015-02-01 18:39 - 00002132 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2015-02-01 18:39 - 2015-02-01 18:39 - 00000000 ___RD () C:\Users\Nico\SkyDrive
2015-02-01 18:39 - 2015-02-01 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2015-02-01 18:39 - 2015-02-01 18:39 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive
2015-02-01 18:39 - 2015-02-01 18:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2015-02-01 18:36 - 2015-02-02 22:13 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-02-01 18:36 - 2015-02-01 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-02-01 18:35 - 2015-02-01 18:35 - 01064632 _____ (Microsoft Corporation) C:\Users\Nico\Downloads\Setup.X86.de-DE_O365HomePremRetail_69addc71-75e4-44ca-8fe2-b75fec0ab50a_TX_DB_.exe
2015-01-31 21:32 - 2015-01-31 21:32 - 00000666 _____ () C:\Users\Nico\Documents\Desktop - Verknüpfung.lnk
2015-01-31 20:25 - 2015-01-31 20:25 - 00084743 _____ () C:\Users\Nico\Downloads\Lohnsteuertabelle 2015.html
2015-01-31 11:45 - 2015-01-31 11:46 - 00000197 _____ () C:\WINDOWS\system32\2015-01-31-10-45-29.010-AvastVBoxSVC.exe-2208.log
2015-01-30 07:17 - 2015-01-30 07:17 - 00000197 _____ () C:\WINDOWS\system32\2015-01-30-06-17-00.090-AvastVBoxSVC.exe-3828.log
2015-01-29 07:35 - 2015-01-29 07:35 - 00000247 _____ () C:\WINDOWS\system32\2015-01-29-06-35-36.066-aswFe.exe-7372.log
2015-01-29 07:30 - 2015-01-29 07:35 - 00000247 _____ () C:\WINDOWS\system32\2015-01-29-06-30-54.071-aswFe.exe-6736.log
2015-01-29 07:30 - 2015-01-29 07:30 - 00000197 _____ () C:\WINDOWS\system32\2015-01-29-06-30-53.005-AvastVBoxSVC.exe-1236.log
2015-01-29 07:22 - 2015-01-29 07:22 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\BRT
2015-01-28 12:49 - 2015-01-28 12:50 - 00000197 _____ () C:\WINDOWS\system32\2015-01-28-11-49-54.090-AvastVBoxSVC.exe-1900.log
2015-01-28 07:25 - 2015-01-28 07:25 - 00000197 _____ () C:\WINDOWS\system32\2015-01-28-06-25-25.070-AvastVBoxSVC.exe-4116.log
2015-01-27 23:50 - 2015-01-27 23:50 - 00000197 _____ () C:\WINDOWS\system32\2015-01-27-22-50-04.045-AvastVBoxSVC.exe-3340.log
2015-01-27 22:00 - 2015-01-27 22:02 - 51621699 _____ () C:\Users\Nico\Downloads\fritzing.0.9.1b.64.pc_1.zip
2015-01-27 12:45 - 2015-01-27 12:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-25 11:13 - 2015-01-25 11:13 - 00000197 _____ () C:\WINDOWS\system32\2015-01-25-10-13-02.080-AvastVBoxSVC.exe-4020.log
2015-01-24 12:00 - 2015-01-24 12:00 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\PowerISO
2015-01-24 11:57 - 2015-01-24 11:57 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-01-24 11:55 - 2015-01-24 11:56 - 00000197 _____ () C:\WINDOWS\system32\2015-01-24-10-55-59.055-AvastVBoxSVC.exe-3480.log
2015-01-24 11:55 - 2015-01-24 11:55 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2015-01-24 00:31 - 2015-01-28 13:40 - 00003278 _____ () C:\WINDOWS\System32\Tasks\avastBCLRestartS-1-5-21-3589802351-439905089-1110981561-1001
2015-01-23 17:13 - 2015-01-23 17:14 - 00754216 _____ (DownloadAstro) C:\Users\Nico\Downloads\kmplayer.exe
2015-01-23 16:02 - 2015-01-23 16:02 - 00000197 _____ () C:\WINDOWS\system32\2015-01-23-15-02-14.017-AvastVBoxSVC.exe-3960.log
2015-01-23 15:51 - 2015-01-23 15:51 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2015-01-23 15:49 - 2015-01-23 18:59 - 00000000 ____D () C:\Users\Nico\AppData\Local\JDownloader v2.0
2015-01-23 07:18 - 2015-01-23 07:19 - 00000197 _____ () C:\WINDOWS\system32\2015-01-23-06-18-57.062-AvastVBoxSVC.exe-3996.log
2015-01-21 14:25 - 2015-01-21 14:25 - 00000000 ____D () C:\Users\Nico\AppData\Local\PDF24
2015-01-20 07:16 - 2015-01-20 07:17 - 00000197 _____ () C:\WINDOWS\system32\2015-01-20-06-16-31.052-AvastVBoxSVC.exe-3912.log
2015-01-20 07:15 - 2015-01-20 07:15 - 00000000 ____D () C:\ENI
2015-01-19 14:28 - 2015-01-19 14:28 - 00000000 ____D () C:\Program Files (x86)\Evernote
2015-01-19 14:23 - 2015-01-19 14:25 - 98672136 _____ (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Users\Nico\Downloads\Evernote_5.8.1.6061.exe
2015-01-19 13:39 - 2008-06-06 14:15 - 00016488 _____ (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\Drivers\SysDrv3S.sys
2015-01-19 13:38 - 2015-01-19 13:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3S Software
2015-01-19 13:38 - 2015-01-19 13:39 - 00000000 ____D () C:\Program Files (x86)\3S Software
2015-01-19 13:38 - 2015-01-19 13:39 - 00000000 ____D () C:\lm.dat
2015-01-19 13:38 - 2015-01-19 13:38 - 00000000 ____D () C:\WINDOWS\Gateway Files
2015-01-19 13:38 - 2015-01-19 13:38 - 00000000 ____D () C:\Users\Nico\AppData\Local\EvernoteNW
2015-01-19 13:38 - 2010-06-10 13:53 - 00225353 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\Gateway.exe
2015-01-19 13:38 - 2010-06-10 13:53 - 00217164 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\GDrvStd.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00192588 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\GClient.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00184396 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\GatewayDDE.exe
2015-01-19 13:38 - 2010-06-10 13:53 - 00147532 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\GSymbol.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00147528 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\GUtil.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00143436 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\GHandle.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00135258 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\GHandleStdcall.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00114766 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\GDrvBase.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00081993 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\CommUsr.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00040960 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\CAN_VCI.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00036937 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\CommSym.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00032768 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\PEAK_USB.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00032768 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\PEAK_DNG.dll
2015-01-19 13:38 - 2010-05-11 17:10 - 00483328 _____ (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\LMAPI.DLL
2015-01-19 13:38 - 2010-01-07 16:57 - 00081408 ____N (PEAK-System Technik GmbH) C:\WINDOWS\SysWOW64\PCAN_USB.dll
2015-01-19 13:38 - 2010-01-07 16:57 - 00069120 ____N (PEAK-System Technik GmbH) C:\WINDOWS\SysWOW64\PCAN_DNG.dll
2015-01-19 13:38 - 2009-01-20 08:45 - 00274432 _____ (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\ENIClient.dll
2015-01-19 13:38 - 2007-04-10 16:30 - 00088613 _____ () C:\WINDOWS\SysWOW64\gateway.chm
2015-01-19 13:38 - 2007-02-27 16:59 - 00139264 _____ (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\3SXMLParser.dll
2015-01-19 13:38 - 2000-11-10 08:38 - 00114688 _____ (Technosoftware AG) C:\WINDOWS\SysWOW64\OCSDAAuto.dll
2015-01-19 13:38 - 2000-11-10 08:38 - 00077824 _____ (OPC Foundation) C:\WINDOWS\SysWOW64\opcproxy.dll
2015-01-19 13:38 - 2000-11-10 08:38 - 00075264 _____ () C:\WINDOWS\SysWOW64\callrproxy.dll
2015-01-19 13:38 - 2000-11-10 08:38 - 00061440 _____ (OPC Foundation) C:\WINDOWS\SysWOW64\opccomn_ps.dll
2015-01-19 13:38 - 2000-11-10 08:38 - 00060416 _____ () C:\WINDOWS\SysWOW64\OPCENUM.EXE
2015-01-19 13:38 - 2000-11-10 08:38 - 00040960 _____ (Technosoftware AG) C:\WINDOWS\SysWOW64\OCSSpy_ps.dll
2015-01-19 13:35 - 2015-01-19 13:35 - 00000197 _____ () C:\WINDOWS\system32\2015-01-19-12-35-36.019-AvastVBoxSVC.exe-3620.log
2015-01-18 16:12 - 2015-01-18 16:12 - 00000000 ____D () C:\Users\Default\Documents\Visual Studio 2010
2015-01-18 16:12 - 2015-01-18 16:12 - 00000000 ____D () C:\Users\Default User\Documents\Visual Studio 2010
2015-01-18 15:18 - 2015-01-18 15:18 - 00000197 _____ () C:\WINDOWS\system32\2015-01-18-14-18-08.028-AvastVBoxSVC.exe-3876.log
2015-01-18 15:11 - 2015-01-18 15:11 - 00000197 _____ () C:\WINDOWS\system32\2015-01-18-14-11-07.053-AvastVBoxSVC.exe-3680.log
2015-01-16 00:17 - 2015-01-16 00:17 - 00000247 _____ () C:\WINDOWS\system32\2015-01-15-23-17-19.029-aswFe.exe-5592.log
2015-01-16 00:07 - 2015-01-16 00:17 - 00000247 _____ () C:\WINDOWS\system32\2015-01-15-23-07-38.068-aswFe.exe-5112.log
2015-01-16 00:07 - 2015-01-16 00:07 - 00000197 _____ () C:\WINDOWS\system32\2015-01-15-23-07-05.000-AvastVBoxSVC.exe-5652.log
2015-01-15 22:41 - 2015-01-15 22:41 - 00000000 ____D () C:\WINDOWS\SysWOW64\1033
2015-01-15 22:41 - 2015-01-15 22:41 - 00000000 ____D () C:\WINDOWS\system32\RsFx
2015-01-15 22:41 - 2015-01-15 22:41 - 00000000 ____D () C:\WINDOWS\system32\1033
2015-01-15 22:41 - 2015-01-15 22:41 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 9.0
2015-01-15 22:41 - 2009-07-21 01:42 - 00111640 _____ (Microsoft Corporation) C:\WINDOWS\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll
2015-01-15 22:41 - 2009-07-21 01:42 - 00079896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll
2015-01-15 22:41 - 2009-07-21 01:42 - 00078872 _____ (Microsoft Corporation) C:\WINDOWS\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2015-01-15 22:41 - 2009-07-21 01:42 - 00050200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2015-01-15 22:40 - 2015-01-15 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
2015-01-15 22:39 - 2015-01-15 22:41 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2015-01-15 22:39 - 2015-01-15 22:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2015-01-15 22:39 - 2015-01-15 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Sync Framework
2015-01-15 22:39 - 2015-01-15 22:39 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2015-01-15 22:39 - 2015-01-15 22:39 - 00000000 ____D () C:\Program Files\Microsoft Sync Framework
2015-01-15 22:39 - 2015-01-15 22:39 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2015-01-15 22:39 - 2015-01-15 22:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2015-01-15 22:38 - 2015-01-15 22:38 - 00000000 ____D () C:\ProgramData\PreEmptive Solutions
2015-01-15 22:36 - 2015-01-15 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 3 SDK - Deutsch
2015-01-15 22:35 - 2015-01-15 22:35 - 00000000 ____D () C:\Users\Nico\Documents\Visual Studio 2008
2015-01-15 22:35 - 2015-01-15 22:35 - 00000000 ____D () C:\Program Files\IIS
2015-01-15 22:35 - 2015-01-15 22:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2015-01-15 22:35 - 2015-01-15 22:35 - 00000000 ____D () C:\Program Files (x86)\IIS
2015-01-15 22:34 - 2015-01-15 22:34 - 00000000 ____D () C:\Users\Nico\Documents\Visual Studio 2010
2015-01-15 22:32 - 2015-01-18 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010
2015-01-15 22:32 - 2015-01-15 22:41 - 00000000 ____D () C:\WINDOWS\SysWOW64\1031
2015-01-15 22:32 - 2015-01-15 22:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 10.0
2015-01-15 22:32 - 2015-01-15 22:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft F#
2015-01-15 22:32 - 2015-01-15 22:33 - 00000000 ____D () C:\Program Files (x86)\HTML Help Workshop
2015-01-15 22:31 - 2015-01-15 22:41 - 00000000 ____D () C:\WINDOWS\system32\1031
2015-01-15 22:31 - 2015-01-15 22:39 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 10.0
2015-01-15 22:31 - 2015-01-15 22:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2015-01-15 22:31 - 2015-01-15 22:31 - 00000000 ____D () C:\WINDOWS\symbols
2015-01-15 22:31 - 2015-01-15 22:31 - 00000000 ____D () C:\Program Files\Microsoft Help Viewer
2015-01-15 22:31 - 2015-01-15 22:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 9.0
2015-01-15 22:30 - 2015-01-15 22:30 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2015-01-15 22:27 - 2015-01-21 14:33 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Windows Live Writer
2015-01-15 22:27 - 2015-01-15 22:27 - 00000000 ____D () C:\Users\Nico\AppData\Local\Windows Live Writer
2015-01-15 22:22 - 2015-01-15 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ELECTRA_250
2015-01-15 22:22 - 2015-01-15 22:22 - 00000000 ____D () C:\ProgramData\CP70vxDj0
2015-01-15 22:22 - 2015-01-15 22:22 - 00000000 ____D () C:\Program Files (x86)\ELECTRA_250
2015-01-15 22:21 - 2015-01-15 22:21 - 00000806 _____ () C:\Users\Nico\Downloads\#Ablage.lnk
2015-01-15 22:21 - 2015-01-15 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TARGET 3001! V17 pcb-pool
2015-01-15 22:21 - 2015-01-15 22:21 - 00000000 ____D () C:\Program Files (x86)\ibf
2015-01-15 22:13 - 2015-02-04 09:58 - 00000000 ___RD () C:\Users\Nico\Dropbox
2015-01-15 22:06 - 2015-01-15 22:06 - 00324136 _____ (Dropbox, Inc.) C:\Users\Nico\Downloads\DropboxInstaller.exe
2015-01-15 21:57 - 2015-01-15 21:57 - 00000197 _____ () C:\WINDOWS\system32\2015-01-15-20-57-11.022-AvastVBoxSVC.exe-3676.log
2015-01-15 21:55 - 2015-01-15 21:55 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Sirrix AG
2015-01-15 21:54 - 2015-01-15 21:54 - 00000000 ____D () C:\Users\Nico\AppData\Local\Cisco
2015-01-15 21:54 - 2015-01-15 21:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2015-01-15 21:54 - 2015-01-15 21:54 - 00000000 ____D () C:\ProgramData\Cisco
2015-01-15 21:54 - 2013-10-10 17:29 - 00112496 ____R (Cisco Systems, Inc.) C:\WINDOWS\system32\Drivers\acsock64.sys
2015-01-15 21:53 - 2015-01-15 21:53 - 00001275 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box.lnk
2015-01-15 21:53 - 2015-01-15 21:53 - 00000000 ____D () C:\ProgramData\Sirrix AG
2015-01-15 21:53 - 2015-01-15 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box
2015-01-15 21:53 - 2015-01-15 21:53 - 00000000 ____D () C:\Program Files (x86)\Sirrix AG
2015-01-15 21:50 - 2015-01-15 21:50 - 00000000 ____D () C:\Program Files\Oracle
2015-01-15 21:50 - 2014-01-10 22:49 - 00239376 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2015-01-15 21:50 - 2014-01-10 22:48 - 00119056 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2015-01-15 21:46 - 2015-01-15 21:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-15 21:45 - 2015-01-15 22:09 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-01-15 21:43 - 2015-02-04 09:59 - 00001140 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-15 21:43 - 2015-02-04 09:57 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-15 21:43 - 2015-01-15 21:54 - 00004112 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-15 21:43 - 2015-01-15 21:54 - 00003876 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-15 21:43 - 2015-01-15 21:46 - 00000000 ____D () C:\Users\Nico\AppData\Local\Google
2015-01-15 21:43 - 2015-01-15 21:46 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-15 21:42 - 2015-02-04 09:58 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Dropbox
2015-01-15 21:37 - 2015-01-15 21:37 - 00000000 ____D () C:\Users\Nico\AppData\Local\Evernote
2015-01-15 21:32 - 2015-01-18 15:59 - 00004062 _____ () C:\Users\Nico\AppData\Roaming\LTspiceIV.ini
2015-01-15 21:30 - 2015-01-15 21:30 - 00001211 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\LTspice IV.lnk
2015-01-15 21:30 - 2015-01-15 21:30 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Toastify
2015-01-15 21:29 - 2015-01-15 21:29 - 00000000 ____D () C:\Program Files (x86)\LTC
2015-01-15 21:20 - 2015-01-15 21:21 - 00000197 _____ () C:\WINDOWS\system32\2015-01-15-20-20-55.031-AvastVBoxSVC.exe-3124.log
2015-01-15 21:20 - 2015-01-15 21:20 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-15 21:20 - 2015-01-15 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-01-15 21:19 - 2015-01-15 21:19 - 00000844 _____ () C:\Users\Nico\Desktop\##Studium## - Verknüpfung.lnk
2015-01-15 21:19 - 2015-01-15 21:19 - 00000806 _____ () C:\Users\Nico\Desktop\#Ablage - Verknüpfung.lnk
2015-01-15 21:18 - 2015-01-15 21:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2015-01-15 21:18 - 2015-01-15 21:18 - 00000000 ____D () C:\Program Files (x86)\PDF24
2015-01-15 21:17 - 2015-01-15 22:21 - 00000000 ____D () C:\Program Files (x86)\PhotoshopPortable
2015-01-15 21:16 - 2015-01-15 21:16 - 00000039 _____ () C:\Users\Nico\AppData\Roaming\SupportBox_MSUL.cfg
2015-01-15 21:16 - 2015-01-15 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2015-01-15 21:16 - 2015-01-15 21:16 - 00000000 ____D () C:\Program Files\PowerISO
2015-01-15 21:16 - 2014-03-30 07:26 - 00129944 _____ (Power Software Ltd) C:\WINDOWS\system32\Drivers\scdemu.sys
2015-01-15 21:15 - 2015-01-15 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2015-01-15 21:15 - 2015-01-15 21:15 - 00000000 ____D () C:\Program Files (x86)\Toastify
2015-01-15 21:15 - 2015-01-15 21:15 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2015-01-15 21:11 - 2015-02-03 17:15 - 00000000 ____D () C:\Users\Nico\AppData\Local\Spotify
2015-01-15 21:11 - 2015-01-15 21:11 - 00001794 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-01-15 21:11 - 2015-01-15 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-01-15 21:11 - 2015-01-15 21:11 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2015-01-15 21:10 - 2015-01-23 18:57 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\vlc
2015-01-15 21:10 - 2015-01-15 21:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-01-15 21:10 - 2015-01-15 21:10 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-01-15 21:09 - 2015-02-03 21:20 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Spotify
2015-01-15 21:09 - 2015-01-15 21:09 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-01-15 21:08 - 2015-01-15 21:08 - 00000000 ____D () C:\The KMPlayer
2015-01-15 21:06 - 2015-01-15 21:06 - 00001478 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2015-01-15 21:06 - 2015-01-15 21:06 - 00001329 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-01-15 21:06 - 2015-01-15 21:06 - 00000000 ____D () C:\WINDOWS\it
2015-01-15 21:06 - 2015-01-15 21:06 - 00000000 ____D () C:\WINDOWS\fr
2015-01-15 21:06 - 2015-01-15 21:06 - 00000000 ____D () C:\WINDOWS\de
2015-01-15 21:06 - 2015-01-15 21:06 - 00000000 ____D () C:\Program Files\Windows Live
2015-01-15 21:06 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2015-01-15 21:06 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2015-01-15 21:06 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2015-01-15 21:06 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2015-01-15 21:06 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2015-01-15 21:06 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2015-01-15 21:06 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2015-01-15 21:06 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2015-01-15 21:06 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2015-01-15 21:06 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2015-01-15 21:05 - 2015-01-22 07:22 - 00000000 ____D () C:\Users\Nico\AppData\Local\Windows Live
2015-01-15 21:05 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2015-01-15 21:05 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2015-01-15 21:03 - 2015-02-04 09:58 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Skype
2015-01-15 21:03 - 2015-01-15 21:20 - 00000000 ____D () C:\ProgramData\Skype
2015-01-15 21:03 - 2015-01-15 21:03 - 00000000 ____D () C:\Users\Nico\AppData\Local\Skype
2015-01-15 21:01 - 2015-01-15 21:08 - 92658088 _____ (Oracle Corporation) C:\Users\Nico\Downloads\jre-8u25-windows-x64.exe
2015-01-15 21:01 - 2015-01-15 21:03 - 29727656 _____ (Oracle Corporation) C:\Users\Nico\Downloads\jre-8u25-windows-i586.exe
2015-01-15 21:00 - 2015-01-15 21:09 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-15 21:00 - 2015-01-15 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-15 21:00 - 2015-01-15 21:03 - 00272296 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2015-01-15 21:00 - 2015-01-15 21:03 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2015-01-15 21:00 - 2015-01-15 21:03 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2015-01-15 21:00 - 2015-01-15 21:03 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-15 21:00 - 2015-01-15 21:00 - 00000000 ____D () C:\ProgramData\Sun
2015-01-15 20:58 - 2015-01-28 21:18 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Foxit Software
2015-01-15 20:58 - 2015-01-15 20:58 - 00000000 ____D () C:\Users\Public\Foxit Software
2015-01-15 20:58 - 2015-01-15 20:58 - 00000000 ____D () C:\Program Files (x86)\Foxit Software
2015-01-15 20:57 - 2015-01-13 18:08 - 00001012 _____ () C:\Users\Nico\Desktop\DHBW.exe.lnk
2015-01-15 20:42 - 2015-01-15 20:42 - 00000197 _____ () C:\WINDOWS\system32\2015-01-15-19-42-31.087-AvastVBoxSVC.exe-2524.log
2015-01-15 20:40 - 2015-01-15 20:40 - 00000000 ____D () C:\WINDOWS\system32\RAPID
2015-01-15 20:40 - 2014-09-16 14:30 - 00268976 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\SamsungRapidDiskFltr.sys
2015-01-15 20:24 - 2015-01-15 20:24 - 00000197 _____ () C:\WINDOWS\system32\2015-01-15-19-24-13.000-AvastVBoxSVC.exe-2488.log
2015-01-15 20:17 - 2015-01-15 20:17 - 00003276 _____ () C:\WINDOWS\System32\Tasks\SamsungMagician
2015-01-15 20:17 - 2015-01-15 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2015-01-15 20:15 - 2015-01-15 20:15 - 00000197 _____ () C:\WINDOWS\system32\2015-01-15-19-15-31.060-AvastVBoxSVC.exe-2496.log
2015-01-15 20:11 - 2015-01-15 20:11 - 00000247 _____ () C:\WINDOWS\system32\2015-01-15-19-11-42.036-aswFe.exe-3816.log
2015-01-15 20:09 - 2015-01-15 20:11 - 00000247 _____ () C:\WINDOWS\system32\2015-01-15-19-09-56.093-aswFe.exe-3408.log
2015-01-15 20:09 - 2015-01-15 20:10 - 00000197 _____ () C:\WINDOWS\system32\2015-01-15-19-09-56.027-AvastVBoxSVC.exe-2432.log
2015-01-15 20:00 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-01-15 20:00 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-01-15 19:55 - 2014-11-15 20:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-01-15 19:55 - 2014-11-15 07:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-01-15 19:55 - 2014-11-14 15:36 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-01-15 19:55 - 2014-11-14 08:10 - 03558400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-01-15 19:55 - 2014-11-14 07:58 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-01-15 19:55 - 2014-11-14 07:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-01-15 19:55 - 2014-11-14 07:57 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-01-15 19:55 - 2014-11-14 07:54 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-01-15 19:55 - 2014-11-14 07:54 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-01-15 19:55 - 2014-11-14 07:53 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-01-15 19:55 - 2014-11-14 07:52 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-01-15 19:55 - 2014-11-14 06:04 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-01-15 19:55 - 2014-11-14 06:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-01-15 19:55 - 2014-11-14 06:03 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-01-15 19:55 - 2014-11-14 06:01 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-01-15 19:55 - 2014-11-14 06:01 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-01-15 19:55 - 2014-11-11 01:39 - 22290560 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-01-15 19:55 - 2014-11-11 01:17 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-01-15 19:55 - 2014-11-10 19:06 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-01-15 19:55 - 2014-11-10 19:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-01-15 19:55 - 2014-11-10 19:06 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-01-15 19:55 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-01-15 19:55 - 2014-11-10 03:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-01-15 19:55 - 2014-11-10 02:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-01-15 19:55 - 2014-11-10 02:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-01-15 19:55 - 2014-11-10 02:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-01-15 19:55 - 2014-11-10 02:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-01-15 19:55 - 2014-11-10 02:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-01-15 19:55 - 2014-11-10 02:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2015-01-15 19:55 - 2014-11-10 02:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-01-15 19:55 - 2014-11-10 01:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2015-01-15 19:55 - 2014-11-10 01:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-01-15 19:55 - 2014-11-08 11:42 - 01390928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-01-15 19:55 - 2014-11-08 11:23 - 01127976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-01-15 19:55 - 2014-11-08 05:00 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-01-15 19:55 - 2014-11-08 05:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-01-15 19:55 - 2014-11-08 04:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2015-01-15 19:55 - 2014-11-08 04:58 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-01-15 19:55 - 2014-11-08 04:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2015-01-15 19:55 - 2014-11-08 04:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2015-01-15 19:55 - 2014-11-08 04:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2015-01-15 19:55 - 2014-11-08 04:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2015-01-15 19:55 - 2014-11-08 04:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2015-01-15 19:55 - 2014-11-08 04:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2015-01-15 19:55 - 2014-11-08 04:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2015-01-15 19:55 - 2014-11-08 03:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2015-01-15 19:55 - 2014-11-08 03:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-01-15 19:55 - 2014-11-08 03:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-01-15 19:55 - 2014-11-08 03:09 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-01-15 19:55 - 2014-11-08 03:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-01-15 19:55 - 2014-11-08 02:59 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-01-15 19:55 - 2014-11-08 02:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-01-15 19:55 - 2014-11-08 02:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-01-15 19:55 - 2014-11-07 04:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-01-15 19:55 - 2014-11-07 04:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-01-15 19:55 - 2014-11-05 03:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2015-01-15 19:55 - 2014-11-05 03:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2015-01-15 19:55 - 2014-11-05 03:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2015-01-15 19:55 - 2014-11-05 02:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-01-15 19:55 - 2014-11-05 02:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-01-15 19:55 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-01-15 19:55 - 2014-11-05 02:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2015-01-15 19:55 - 2014-11-05 02:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2015-01-15 19:55 - 2014-11-05 02:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2015-01-15 19:55 - 2014-11-05 02:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-01-15 19:55 - 2014-11-05 02:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-01-15 19:55 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-01-15 19:55 - 2014-11-05 02:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-01-15 19:55 - 2014-11-05 02:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2015-01-15 19:55 - 2014-11-04 20:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-01-15 19:55 - 2014-11-04 20:25 - 00059712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-01-15 19:55 - 2014-11-04 20:25 - 00051008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-01-15 19:55 - 2014-11-04 07:55 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-01-15 19:55 - 2014-11-04 07:54 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-01-15 19:55 - 2014-11-04 07:54 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-01-15 19:55 - 2014-11-04 07:54 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-01-15 19:55 - 2014-11-04 07:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2015-01-15 19:55 - 2014-11-04 06:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-01-15 19:55 - 2014-10-31 01:51 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-01-15 19:55 - 2014-10-31 01:10 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-01-15 19:55 - 2014-10-30 06:55 - 07473472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-01-15 19:55 - 2014-10-30 06:47 - 01499384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-01-15 19:55 - 2014-10-30 06:41 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-01-15 19:55 - 2014-10-29 04:05 - 00551232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-01-15 19:55 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-01-15 19:55 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-01-15 19:55 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-01-15 19:55 - 2014-10-29 02:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-01-15 19:55 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-01-15 19:55 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-01-15 19:55 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-01-15 19:55 - 2014-10-29 02:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-01-15 19:55 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-01-15 19:55 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-01-15 19:55 - 2014-10-26 23:10 - 00390841 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-01-15 19:55 - 2014-10-21 02:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-01-15 19:55 - 2014-10-21 02:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2015-01-15 19:55 - 2014-10-21 01:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-01-15 19:55 - 2014-10-21 01:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-01-15 19:55 - 2014-10-21 01:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-01-15 19:55 - 2014-10-21 01:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-01-15 19:55 - 2014-10-21 01:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-01-15 19:55 - 2014-10-18 09:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-01-15 19:55 - 2014-10-18 09:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-01-15 19:55 - 2014-10-18 08:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-01-15 19:55 - 2014-10-18 07:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-01-15 19:55 - 2014-10-17 05:56 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-01-15 19:55 - 2014-10-17 05:56 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-01-15 19:55 - 2014-10-17 05:56 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-01-15 19:55 - 2014-10-17 04:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-01-15 19:54 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2015-01-15 19:54 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2015-01-15 19:52 - 2015-01-15 19:52 - 00000247 _____ () C:\WINDOWS\system32\2015-01-15-18-52-31.026-aswFe.exe-6052.log
2015-01-15 19:52 - 2015-01-15 19:52 - 00000197 _____ () C:\WINDOWS\system32\2015-01-15-18-52-30.013-AvastVBoxSVC.exe-4164.log
2015-01-15 19:48 - 2015-01-15 19:48 - 00000000 ____D () C:\WINDOWS\SysWOW64\vbox
2015-01-15 19:48 - 2015-01-15 19:48 - 00000000 ____D () C:\WINDOWS\system32\vbox
2015-01-15 19:48 - 2015-01-15 19:48 - 00000000 ____D () C:\ProgramData\ATI
2015-01-15 19:45 - 2015-01-15 19:45 - 03733666 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-01-15 19:45 - 2015-01-15 19:45 - 00000000 ____D () C:\WINDOWS\RSTLog
2015-01-15 19:45 - 2015-01-15 19:45 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Intel Corporation
2015-01-15 19:44 - 2015-01-15 19:44 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2015-01-15 19:43 - 2013-07-26 15:07 - 00827096 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2015-01-15 19:43 - 2013-07-26 15:07 - 00074456 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2015-01-15 19:42 - 2013-07-24 14:57 - 00022832 _____ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\Drivers\ETDSMBus.sys
2015-01-15 19:39 - 2015-01-15 19:39 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-01-15 19:39 - 2015-01-15 19:39 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-01-15 19:38 - 2015-02-02 19:57 - 00000000 ____D () C:\#Data
2015-01-15 19:32 - 2015-01-15 19:32 - 00003936 _____ () C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
2015-01-15 19:32 - 2015-01-15 19:32 - 00003690 _____ () C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
2015-01-15 19:32 - 2015-01-15 19:32 - 00000000 _____ () C:\WINDOWS\SysWOW64\agent.log
2015-01-15 19:31 - 2015-01-15 19:31 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-01-15 19:26 - 2015-01-15 19:26 - 00061191 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201501151926091236.log
2015-01-15 19:26 - 2015-01-15 19:26 - 00001272 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerXpress.lnk
2015-01-15 19:26 - 2015-01-15 19:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-01-15 19:26 - 2015-01-15 19:26 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2015-01-15 19:25 - 2013-08-30 20:14 - 00156712 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2015-01-15 19:25 - 2013-08-30 20:14 - 00142792 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2015-01-15 19:25 - 2013-08-30 20:14 - 00141256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2015-01-15 19:25 - 2013-08-30 20:14 - 00114488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2015-01-15 19:25 - 2013-08-30 20:14 - 00097984 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2015-01-15 19:25 - 2013-08-30 20:14 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2015-01-15 19:25 - 2013-08-30 20:14 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2015-01-15 19:25 - 2013-08-30 20:14 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2015-01-15 19:25 - 2013-08-30 20:14 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2015-01-15 19:25 - 2013-08-30 20:13 - 09464840 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2015-01-15 19:25 - 2013-08-30 20:13 - 07256496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2015-01-15 19:25 - 2013-08-30 20:13 - 06767240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2015-01-15 19:25 - 2013-08-30 20:13 - 06189416 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2015-01-15 19:25 - 2013-08-30 20:13 - 06176008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2015-01-15 19:25 - 2013-08-30 20:13 - 01233080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2015-01-15 19:25 - 2013-08-30 20:11 - 12528640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2015-01-15 19:25 - 2013-08-30 20:05 - 00781312 _____ () C:\WINDOWS\system32\amdmiracast.dll
2015-01-15 19:25 - 2013-08-30 19:48 - 00229376 _____ () C:\WINDOWS\system32\clinfo.exe
2015-01-15 19:25 - 2013-08-30 19:48 - 00127488 _____ (AMD) C:\WINDOWS\system32\coinst_13.152.dll
2015-01-15 19:25 - 2013-08-30 19:47 - 28192256 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2015-01-15 19:25 - 2013-08-30 19:47 - 00098816 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll
2015-01-15 19:25 - 2013-08-30 19:47 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll
2015-01-15 19:25 - 2013-08-30 19:47 - 00083456 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll
2015-01-15 19:25 - 2013-08-30 19:47 - 00073216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll
2015-01-15 19:25 - 2013-08-30 19:45 - 23760896 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2015-01-15 19:25 - 2013-08-30 19:43 - 00063488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-01-15 19:25 - 2013-08-30 19:43 - 00057344 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-01-15 19:25 - 2013-08-30 19:35 - 25387520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2015-01-15 19:25 - 2013-08-30 19:18 - 00530824 _____ () C:\WINDOWS\SysWOW64\atiapfxx.blb
2015-01-15 19:25 - 2013-08-30 19:18 - 00530824 _____ () C:\WINDOWS\system32\atiapfxx.blb
2015-01-15 19:25 - 2013-08-30 19:18 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2015-01-15 19:25 - 2013-08-30 19:18 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2015-01-15 19:25 - 2013-08-30 19:18 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2015-01-15 19:25 - 2013-08-30 19:18 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2015-01-15 19:25 - 2013-08-30 19:18 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2015-01-15 19:25 - 2013-08-30 19:17 - 15716352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2015-01-15 19:25 - 2013-08-30 19:14 - 21400064 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2015-01-15 19:25 - 2013-08-30 19:14 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2015-01-15 19:25 - 2013-08-30 19:04 - 03388672 _____ () C:\WINDOWS\system32\atiumd6a.cap
2015-01-15 19:25 - 2013-08-30 18:59 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2015-01-15 19:25 - 2013-08-30 18:58 - 00571904 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2015-01-15 19:25 - 2013-08-30 18:58 - 00026112 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2015-01-15 19:25 - 2013-08-30 18:57 - 00239616 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2015-01-15 19:25 - 2013-08-30 18:56 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2015-01-15 19:25 - 2013-08-30 18:50 - 03422720 _____ () C:\WINDOWS\SysWOW64\atiumdva.cap
2015-01-15 19:25 - 2013-08-30 18:37 - 00096256 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2015-01-15 19:25 - 2013-08-30 18:37 - 00090624 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2015-01-15 19:25 - 2013-08-30 18:37 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2015-01-15 19:25 - 2013-08-30 18:37 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2015-01-15 19:25 - 2013-08-30 18:35 - 00134656 _____ () C:\WINDOWS\system32\amdhdl64.dll
2015-01-15 19:25 - 2013-08-30 18:34 - 00123392 _____ () C:\WINDOWS\SysWOW64\amdhdl32.dll
2015-01-15 19:25 - 2013-08-30 18:33 - 00784384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2015-01-15 19:25 - 2013-08-30 18:33 - 00594944 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2015-01-15 19:25 - 2013-08-30 18:33 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2015-01-15 19:25 - 2013-08-30 18:33 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2015-01-15 19:25 - 2013-08-30 18:32 - 00618496 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2015-01-15 19:25 - 2013-08-30 18:32 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2015-01-15 19:25 - 2013-08-30 18:32 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2015-01-15 19:25 - 2013-08-30 18:32 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2015-01-15 19:25 - 2013-08-30 18:32 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2015-01-15 19:25 - 2013-08-27 15:06 - 00233652 _____ () C:\WINDOWS\system32\ativvaxy_cik.dat
2015-01-15 19:25 - 2013-08-27 13:27 - 00082336 _____ () C:\WINDOWS\system32\ativce02.dat
2015-01-15 19:25 - 2013-08-07 13:22 - 00716208 _____ () C:\WINDOWS\system32\atiicdxx.dat
2015-01-15 19:25 - 2013-08-07 11:12 - 00231984 _____ () C:\WINDOWS\system32\ativvaxy_cik_nd.dat
2015-01-15 19:25 - 2013-05-04 15:22 - 00047164 _____ () C:\WINDOWS\atiogl.xml
2015-01-15 19:09 - 2015-01-15 19:09 - 00000000 ____D () C:\Program Files\DIFX
2015-01-15 18:45 - 2015-01-15 18:45 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-01-15 18:45 - 2015-01-15 18:45 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-01-15 18:45 - 2015-01-15 18:45 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-01-15 18:45 - 2015-01-15 18:45 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-01-15 18:44 - 2015-01-15 18:44 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-01-15 18:44 - 2015-01-15 18:44 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-01-15 18:44 - 2015-01-15 18:44 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-01-15 18:44 - 2015-01-15 18:44 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-01-15 18:44 - 2015-01-15 18:44 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-01-15 18:42 - 2015-01-15 18:42 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-01-15 18:42 - 2015-01-15 18:42 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-01-15 18:41 - 2015-01-15 18:41 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-01-15 18:41 - 2015-01-15 18:41 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-01-15 18:28 - 2015-01-15 18:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-01-15 18:27 - 2015-01-15 18:27 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-01-15 18:27 - 2015-01-15 18:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-01-15 18:25 - 2015-01-15 18:25 - 00000144 _____ () C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-01-15 18:23 - 2014-07-21 22:03 - 00036096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2015-01-15 18:22 - 2015-01-15 18:22 - 00001450 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-15 18:22 - 2015-01-15 18:22 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-01-15 18:22 - 2015-01-15 18:22 - 00000020 ___SH () C:\Users\Nico\ntuser.ini
2015-01-15 18:22 - 2015-01-15 18:22 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\ATI
2015-01-15 18:22 - 2015-01-15 18:22 - 00000000 ____D () C:\Users\Nico\AppData\Local\ATI
2015-01-15 18:20 - 2015-02-04 09:58 - 01535108 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-15 18:20 - 2015-01-15 18:20 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Programme
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\ProgramData\Startmenü
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\ProgramData\Dokumente
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2015-01-15 18:18 - 2015-01-15 18:18 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-01-15 18:17 - 2015-02-02 21:07 - 00000000 ____D () C:\Users\Nico
2015-01-15 18:17 - 2015-01-15 18:20 - 00020958 _____ () C:\WINDOWS\diagwrn.xml
2015-01-15 18:17 - 2015-01-15 18:20 - 00020958 _____ () C:\WINDOWS\diagerr.xml
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\Vorlagen
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\Startmenü
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\Netzwerkumgebung
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\Lokale Einstellungen
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\Eigene Dateien
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\Druckumgebung
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\Documents\Eigene Musik
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\Documents\Eigene Bilder
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\AppData\Local\Verlauf
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\AppData\Local\Anwendungsdaten
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\Anwendungsdaten
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 ___RD () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-01-15 18:17 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-15 18:17 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-15 18:17 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-01-15 18:17 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-01-15 18:17 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-15 18:15 - 2015-01-15 18:15 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-01-15 18:15 - 2015-01-15 18:15 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_SensorsAlsDriver_01_11_00.Wdf
2015-01-15 18:15 - 2015-01-15 18:15 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
2015-01-15 18:15 - 2015-01-15 18:15 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2015-01-15 18:15 - 2015-01-15 18:15 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2015-01-15 18:15 - 2015-01-15 18:15 - 00000000 ____D () C:\WINDOWS\system32\SRSLabs
2015-01-15 18:15 - 2015-01-15 18:15 - 00000000 ____D () C:\Program Files\Realtek
2015-01-15 18:14 - 2015-01-15 19:46 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-01-15 18:14 - 2015-01-15 18:14 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-01-15 18:14 - 2015-01-15 18:14 - 00000000 ____D () C:\Program Files\AMD
2015-01-15 18:14 - 2015-01-15 18:14 - 00000000 ____D () C:\AMD
2015-01-15 18:13 - 2015-01-15 19:46 - 00000000 ____D () C:\Program Files\Elantech
2015-01-15 18:13 - 2015-01-15 18:22 - 00000000 ___DC () C:\WINDOWS\Panther
2015-01-15 18:13 - 2015-01-15 18:13 - 00000000 __SHD () C:\Recovery
2015-01-15 18:12 - 2015-01-15 18:12 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-01-15 18:12 - 2015-01-15 18:12 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-01-15 18:12 - 2015-01-15 18:12 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-01-15 18:12 - 2015-01-15 18:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-01-15 18:12 - 2015-01-15 18:12 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-01-15 18:12 - 2015-01-15 18:12 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-15 18:12 - 2015-01-15 18:12 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-15 18:11 - 2015-01-19 23:25 - 00000000 ____D () C:\WINDOWS\en-GB
2015-01-15 18:11 - 2015-01-15 18:11 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-01-15 18:11 - 2015-01-15 18:11 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-01-15 18:11 - 2015-01-15 18:11 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-01-15 18:11 - 2015-01-15 18:11 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-01-15 18:11 - 2015-01-15 18:11 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-01-15 18:11 - 2015-01-15 18:11 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-01-15 18:11 - 2015-01-15 18:11 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-01-15 18:11 - 2015-01-15 18:11 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-01-15 18:05 - 2015-01-15 18:05 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-01-15 18:05 - 2015-01-15 18:05 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-01-15 18:05 - 2015-01-15 18:05 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-15 18:05 - 2015-01-15 18:05 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-15 18:04 - 2015-01-15 18:04 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-01-15 18:04 - 2015-01-15 18:04 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-01-15 18:04 - 2015-01-15 18:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-15 18:01 - 2015-01-15 18:01 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-01-15 18:01 - 2015-01-15 18:01 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-15 18:01 - 2015-01-15 18:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-01-15 18:01 - 2015-01-15 18:01 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-15 18:01 - 2015-01-15 18:01 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-01-15 18:01 - 2015-01-15 18:01 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-15 18:01 - 2015-01-15 18:01 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-01-15 18:01 - 2015-01-15 18:01 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-01-15 18:00 - 2015-01-19 23:25 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2015-01-15 18:00 - 2015-01-15 22:37 - 00000000 ____D () C:\Program Files\MSBuild
2015-01-15 18:00 - 2015-01-15 22:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-01-15 18:00 - 2015-01-15 18:00 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-01-15 18:00 - 2015-01-15 18:00 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-01-15 18:00 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-01-15 18:00 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-01-15 18:00 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-01-15 18:00 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-01-15 17:54 - 2015-01-15 18:20 - 00006611 _____ () C:\WINDOWS\comsetup.log
2015-01-15 17:32 - 2014-07-21 21:28 - 04016216 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2015-01-15 17:32 - 2014-07-21 13:52 - 01279373 _____ () C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2015-01-15 17:32 - 2014-07-18 18:10 - 02810736 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2015-01-15 17:32 - 2014-07-18 14:22 - 00955096 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2015-01-15 17:32 - 2014-07-16 14:36 - 67245056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2015-01-15 17:32 - 2014-07-07 19:55 - 00000008 _____ () C:\WINDOWS\system32\Drivers\rtkhdaud.dat
2015-01-15 17:32 - 2014-07-07 14:07 - 02860760 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2015-01-15 17:32 - 2014-07-04 11:07 - 01024728 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2015-01-15 17:32 - 2014-06-17 13:32 - 01286872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2015-01-15 17:32 - 2014-05-09 11:17 - 00628952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2015-01-15 17:32 - 2014-04-10 12:19 - 14863448 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2015-01-15 17:32 - 2014-04-10 12:19 - 02101848 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2015-01-15 17:32 - 2014-04-10 12:19 - 02041432 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2015-01-15 17:32 - 2014-03-06 16:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2015-01-15 17:32 - 2014-02-06 11:28 - 05804772 _____ () C:\WINDOWS\system32\Drivers\rtvienna.dat
2015-01-15 17:32 - 2013-10-11 11:31 - 00947760 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2015-01-15 17:32 - 2013-08-14 15:36 - 00662784 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2015-01-15 17:32 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2015-01-15 17:32 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2015-01-15 17:32 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2015-01-15 17:32 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2015-01-15 17:32 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2015-01-15 17:32 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2015-01-15 17:32 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2015-01-15 17:32 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2015-01-15 17:32 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2015-01-15 17:32 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2015-01-15 17:32 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2015-01-15 17:32 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2015-01-15 17:32 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2015-01-15 17:32 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2015-01-15 17:32 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2015-01-15 17:32 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2015-01-15 17:32 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2015-01-15 17:32 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2015-01-15 17:32 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2015-01-15 17:32 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2015-01-15 17:32 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2015-01-15 17:32 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2015-01-15 17:31 - 2015-01-15 19:44 - 00000194 _____ () C:\Setup.log
2015-01-15 17:31 - 2014-06-09 10:59 - 00560328 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2015-01-15 17:31 - 2014-05-19 10:47 - 02080472 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2015-01-15 17:31 - 2014-04-10 12:19 - 01063512 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2015-01-15 17:31 - 2014-04-07 16:03 - 06218072 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2015-01-15 17:31 - 2014-04-07 16:03 - 01939800 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2015-01-15 17:31 - 2014-04-07 16:03 - 00315736 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2015-01-15 17:31 - 2014-04-07 16:03 - 00261464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2015-01-15 17:31 - 2014-02-18 17:04 - 02770976 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2015-01-15 17:31 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2015-01-15 17:31 - 2013-08-14 15:35 - 00663296 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2015-01-15 17:31 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2015-01-15 17:31 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2015-01-15 17:31 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2015-01-15 16:47 - 2015-01-15 16:47 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Samsung
2015-01-15 16:33 - 2015-01-15 16:33 - 00002970 _____ () C:\WINDOWS\System32\Tasks\SamsungLinkPC
2015-01-15 09:48 - 2015-01-15 09:48 - 00003126 _____ () C:\WINDOWS\System32\Tasks\advRecovery
2015-01-15 09:46 - 2015-01-15 09:46 - 00000000 ____D () C:\iBTWU
2015-01-15 09:34 - 2015-01-15 09:34 - 00003434 _____ () C:\WINDOWS\System32\Tasks\Settings
2015-01-14 23:08 - 2015-01-23 07:23 - 00003718 _____ () C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2015-01-14 15:10 - 2015-01-14 15:10 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Macromedia
2015-01-14 15:10 - 2015-01-14 15:10 - 00000000 ____D () C:\Users\Nico\AppData\Local\Macromedia
2015-01-14 15:09 - 2015-02-03 21:17 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-14 15:09 - 2015-01-25 11:17 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-01-14 15:08 - 2015-01-27 07:39 - 00000000 ____D () C:\Users\Nico\AppData\Local\Adobe
2015-01-14 15:03 - 2015-01-14 15:03 - 00003476 _____ () C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2015-01-14 15:03 - 2015-01-14 15:03 - 00000000 ____D () C:\ProgramData\Intel(R) Update Manager
2015-01-14 14:59 - 2015-01-15 18:24 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-01-14 14:58 - 2015-01-14 14:59 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-14 14:58 - 2014-12-31 13:12 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-14 14:40 - 2015-01-15 21:54 - 00000000 ____D () C:\Program Files (x86)\Cisco
2015-01-14 14:40 - 2015-01-14 14:40 - 00000000 ____D () C:\Program Files\Common Files\Intel
2015-01-14 14:35 - 2014-10-22 04:34 - 00010777 ____N () C:\WINDOWS\system32\AutoconfigV2.cab
2015-01-14 14:01 - 2013-05-04 05:51 - 00014848 ____N (Microsoft) C:\WINDOWS\system32\rars.rs
2015-01-14 14:01 - 2013-05-04 05:10 - 00014848 ____N (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2015-01-14 13:08 - 2015-01-14 13:08 - 00000000 _____ () C:\Users\Nico\agent.log
2015-01-14 13:01 - 2015-01-15 19:40 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-01-14 13:01 - 2015-01-15 19:39 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-01-14 13:01 - 2015-01-15 19:39 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2015-01-14 12:54 - 2015-01-14 12:54 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Mozilla
2015-01-14 12:54 - 2015-01-14 12:54 - 00000000 ____D () C:\Users\Nico\AppData\Local\Mozilla
2015-01-14 12:53 - 2015-01-27 23:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-14 12:53 - 2015-01-24 00:34 - 00001151 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-14 12:53 - 2015-01-14 12:53 - 00000000 ____D () C:\ProgramData\Mozilla
2015-01-14 12:49 - 2015-02-03 12:59 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-01-14 12:49 - 2015-01-15 19:39 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-01-14 12:49 - 2015-01-15 19:39 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-01-14 12:49 - 2015-01-15 19:39 - 00083280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-01-14 12:49 - 2015-01-15 19:39 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-01-14 12:49 - 2015-01-15 19:39 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-01-14 12:49 - 2015-01-14 12:49 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\AVAST Software
2015-01-14 12:49 - 2015-01-14 12:49 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-14 12:49 - 2015-01-14 12:49 - 00000000 ____D () C:\Program Files\AVAST Software
2015-01-14 12:29 - 2015-01-15 18:46 - 00008400 _____ () C:\WINDOWS\wsusofflineupdate.log
2015-01-14 12:28 - 2015-02-04 09:50 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3589802351-439905089-1110981561-1001
2015-01-14 12:28 - 2015-01-14 12:28 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\WinRAR
2015-01-14 12:28 - 2015-01-14 12:28 - 00000000 ____D () C:\Users\Nico\AppData\Local\bitcasa
2015-01-14 12:27 - 2015-01-15 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-14 12:27 - 2015-01-15 18:17 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-14 12:27 - 2015-01-15 17:40 - 00000000 ____D () C:\Program Files\WinRAR
2015-01-14 12:24 - 2015-01-15 20:25 - 00000000 ____D () C:\Users\Nico\AppData\Local\Samsung
2015-01-14 12:23 - 2015-01-31 12:09 - 00005347 _____ () C:\Users\Nico\AppData\Roaming\AbsoluteReminder.xml
2015-01-14 12:23 - 2015-01-14 12:23 - 00001249 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RtkGUI.lnk
2015-01-14 12:23 - 2015-01-14 12:23 - 00001202 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk
2015-01-14 12:23 - 2015-01-14 12:23 - 00000000 ____D () C:\Users\Nico\AppData\Local\Absolute_Software
2015-01-14 12:23 - 2015-01-14 12:23 - 00000000 _____ () C:\WINDOWS\system32\Drivers\144D_SAMSUNG_na_870Z5E_P05A.mrk
2015-01-14 12:22 - 2015-02-01 18:36 - 00000000 ____D () C:\Users\Nico\AppData\Local\VirtualStore
2015-01-14 12:22 - 2015-01-23 15:50 - 00000000 ____D () C:\Users\Nico\AppData\Local\Packages
2015-01-14 12:22 - 2015-01-14 12:22 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Intel
2015-01-14 12:22 - 2015-01-14 12:22 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Adobe
2015-01-14 12:22 - 2013-02-27 18:08 - 139490760 _____ () C:\WINDOWS\[0407]SamsungStory01_ger.scr

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-04 10:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-04 10:00 - 2013-04-15 22:37 - 00000000 ____D () C:\ProgramData\WinClon
2015-02-04 09:57 - 2014-11-20 19:24 - 00029874 _____ () C:\WINDOWS\PFRO.log
2015-02-04 09:57 - 2013-08-22 15:46 - 00313675 _____ () C:\WINDOWS\setupact.log
2015-02-04 09:57 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-04 09:45 - 2014-11-21 04:35 - 01963610 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-04 09:45 - 2014-11-21 03:45 - 00831932 _____ () C:\WINDOWS\system32\perfh007.dat
2015-02-04 09:45 - 2014-11-21 03:45 - 00184304 _____ () C:\WINDOWS\system32\perfc007.dat
2015-02-04 09:20 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-02 07:26 - 2013-08-22 15:44 - 00533664 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-01 18:09 - 2013-08-22 14:25 - 00000194 _____ () C:\WINDOWS\win.ini
2015-01-28 08:00 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-01-24 21:20 - 2014-11-21 12:01 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-01-24 21:20 - 2014-11-21 12:01 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-24 11:57 - 2013-04-15 21:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-01-24 00:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\GroupPolicy
2015-01-23 15:55 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-23 07:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-01-22 18:55 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2015-01-19 23:25 - 2014-11-21 04:13 - 00000000 ____D () C:\Program Files\Windows Journal
2015-01-19 23:25 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\winrm
2015-01-19 23:25 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-01-19 23:25 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\slmgr
2015-01-19 23:25 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2015-01-19 23:25 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\winrm
2015-01-19 23:25 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-01-19 23:25 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\slmgr
2015-01-19 23:25 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\Printing_Admin_Scripts
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ___SD () C:\WINDOWS\system32\dsc
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\en-GB
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Com
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Com
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-01-19 23:25 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2015-01-19 23:25 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2015-01-19 23:25 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-01-19 23:25 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-01-19 23:25 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2015-01-19 23:25 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\servicing
2015-01-19 13:38 - 2013-04-15 21:48 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-15 22:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-15 22:39 - 2013-04-15 22:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-01-15 21:06 - 2013-04-15 22:41 - 00001398 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-01-15 21:06 - 2013-04-15 22:41 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2015-01-15 21:05 - 2013-04-15 22:41 - 00001653 _____ () C:\WINDOWS\DirectX.log
2015-01-15 20:39 - 2013-04-15 21:50 - 00000000 ____D () C:\Program Files (x86)\Samsung
2015-01-15 20:17 - 2013-04-15 22:38 - 00000000 ____D () C:\ProgramData\Samsung
2015-01-15 20:07 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-01-15 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2015-01-15 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-01-15 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-01-15 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2015-01-15 19:45 - 2013-04-15 21:48 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-01-15 19:45 - 2013-04-15 21:48 - 00000000 ____D () C:\ProgramData\Intel
2015-01-15 19:45 - 2013-04-15 21:48 - 00000000 ____D () C:\Program Files\Intel
2015-01-15 19:44 - 2013-04-15 21:48 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-01-15 19:42 - 2013-04-15 21:49 - 00028034 _____ () C:\WINDOWS\DPINST.LOG
2015-01-15 19:36 - 2013-08-22 15:46 - 00000262 _____ () C:\WINDOWS\setuperr.log
2015-01-15 19:36 - 2013-04-15 22:46 - 00019318 _____ () C:\WINDOWS\system32\results.xml
2015-01-15 19:26 - 2013-04-15 22:34 - 00000000 ____D () C:\ProgramData\AMD
2015-01-15 19:25 - 2013-04-15 22:33 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2015-01-15 19:25 - 2013-04-15 21:49 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-15 18:46 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-15 18:46 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-15 18:28 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-01-15 18:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2015-01-15 18:20 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-01-15 18:20 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2015-01-15 18:19 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-01-15 18:19 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-01-15 18:18 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-01-15 18:18 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-01-15 18:18 - 2013-08-22 16:37 - 00005217 _____ () C:\WINDOWS\DtcInstall.log
2015-01-15 18:18 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-01-15 18:18 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-01-15 18:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-01-15 18:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-01-15 18:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2015-01-15 18:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-01-15 18:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-01-15 18:18 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-01-15 18:18 - 2013-08-22 14:25 - 00008192 ___SH () C:\WINDOWS\system32\config\ELAM
2015-01-15 18:18 - 2013-04-15 22:39 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 10
2015-01-15 18:18 - 2013-04-15 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitcasa
2015-01-15 18:18 - 2013-04-15 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PopCap Games
2015-01-15 18:18 - 2013-04-15 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Absolute Software
2015-01-15 18:18 - 2013-04-15 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2015-01-15 18:18 - 2012-08-05 22:11 - 00000000 ____D () C:\ProgramData\PRICache
2015-01-15 18:18 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2015-01-15 18:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-01-15 18:12 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-01-15 18:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2015-01-15 17:58 - 2013-04-15 21:49 - 01771989 _____ () C:\WINDOWS\WindowsUpdate (1).log
2015-01-15 17:56 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-01-15 17:32 - 2013-04-15 21:48 - 00002787 _____ () C:\RHDSetup.log
2015-01-15 17:32 - 2013-04-15 21:48 - 00000000 ___HD () C:\Program Files (x86)\Temp
2015-01-15 13:07 - 2013-04-15 22:38 - 00000000 ____D () C:\ProgramData\Temp
2015-01-15 09:48 - 2013-04-15 21:50 - 00000000 ____D () C:\Program Files\Samsung
2015-01-14 14:40 - 2013-04-15 22:38 - 00000000 ____D () C:\Users\EasySurvey
2015-01-14 14:39 - 2013-04-15 21:48 - 00000000 ____D () C:\Intel
2015-01-14 12:48 - 2013-04-15 22:36 - 00000000 ____D () C:\ProgramData\Norton
2015-01-14 12:46 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP

==================== Files in the root of some directories =======

2015-01-14 12:23 - 2015-01-31 12:09 - 0005347 _____ () C:\Users\Nico\AppData\Roaming\AbsoluteReminder.xml
2015-01-15 21:32 - 2015-01-18 15:59 - 0004062 _____ () C:\Users\Nico\AppData\Roaming\LTspiceIV.ini
2015-01-15 21:16 - 2015-01-15 21:16 - 0000039 _____ () C:\Users\Nico\AppData\Roaming\SupportBox_MSUL.cfg
2015-01-15 18:15 - 2015-01-15 18:15 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-04-15 22:43 - 2013-02-19 08:34 - 2064264 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
2013-04-15 22:43 - 2013-01-12 15:51 - 0003004 _____ () C:\ProgramData\MakeMarkerFile.xml

Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe


Some content of TEMP:
====================
C:\Users\Nico\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfub0ih.dll
C:\Users\Nico\AppData\Local\Temp\Quarantine.exe
C:\Users\Nico\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-04 09:50

==================== End Of Log ============================

So, das sollten nun alle 4 logs sein.
Ja richtig, die Löschen-funktion des adwcleaner hatte ich vor dem post in diesem forum noch nicht ausgeführt, nur den scan, da ich angst hatte evtl. wichtige datein dabei mit zu löschen..

Ich hoffe das hilft weiter

Und wie zuvor danke für die schnelle Antwort!

Gruß Nico

Bootsektor · 04.02.2015, 23:41

Hallo Nico,

hast du denn nun noch Probleme?

Schritt 1
Da der Scan mit Eset sehr gründlich ist, kann er unter Umständen mehrere Stunden dauern

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 2
Starte noch einmal FRST.

Ändere keine der Voreinstellungen und drücke auf Scan.
Wenn der Scan abgeschlossen ist, wird ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

IneedHelp1 · 05.02.2015, 17:07

Hallo,

was die Symptome angeht, ist alles wieder in Ordnung, habe keine Probleme mehr.

Ich hab wie epfohlen den scan mit ESET gemacht und er hat 15 Verdächtige Datein gefunden. Darunter auch die Datein die in der Quarantäne vom adwcleaner liegen. Soll ich die Datein aus der quarantäne löschen?

Log.txt von ESET:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=ec6b6cbe52b8b548897b7bc185e2a215
# engine=22317
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-02-05 08:16:23
# local_time=2015-02-05 09:16:23 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 95 728845 1891601 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 1421469 48005476 0 0
# scanned=310317
# found=15
# cleaned=0
# scan_time=5807
sh=1C1691D53A24A5184AE315A00AC461767ADEDC20 ft=1 fh=5b79596457e5e7ad vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe.vir"
sh=8743F255E80C6A0A95A94CC668553686FF170120 ft=1 fh=0e8260637ee8e1d9 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\RN32.dll.vir"
sh=A704B6A7928A66851D5D0C251F975B52F6755053 ft=1 fh=3a141fdd6276f642 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPtool64.exe.vir"
sh=AAB44C79899999D77D4BC45AC1FC31746EE01C39 ft=1 fh=f19b2f7682fe88c5 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32.dll.vir"
sh=3010A616F191A1AB67BAA394F95094E43E1B0F05 ft=1 fh=1d4eab4a3a54531e vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll.vir"
sh=CFD6E953ACB4E21B22DD6D2BBD7360C353AA5049 ft=1 fh=65b60511f931799f vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64.dll.vir"
sh=275F649C7C4613C61B59BD33393AA245AD3D3816 ft=1 fh=ecf7e3ee1d6b314e vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll.vir"
sh=B46AC89336EE49AE7D475F54C6A0847EAA8A174F ft=1 fh=d456ecb0103eab2f vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe.vir"
sh=DF7B974F73F65FDF917E9C3AB8B8EC9FD97FC2A0 ft=1 fh=0e3a711fc1c46ea8 vn="Win32/ELEX.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\ProtectService.exe.vir"
sh=606D4414333C04E362F60B505926C78BB0B6C694 ft=1 fh=2f7c44d7fdd8d932 vn="Variante von Win32/ELEX.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\SupTab.dll.vir"
sh=AF36570D737043FEBEC5FA3DDB416A4CF5FDFBE9 ft=1 fh=c71c0011100f33aa vn="Variante von Win32/ELEX.BH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir"
sh=7028F239FAC673EE7DC7772ACC75D759EA73837D ft=1 fh=e769f095fe49f653 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nico\AppData\Local\Microsoft\Windows\INetCache\IE\4EE80OXF\spstub[1].exe"
sh=683CF1A501F326FFCB1FE6A393EB7735F60AA1B9 ft=1 fh=307bbd67644818ae vn="Variante von Win32/BrowseFox.O evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nico\AppData\Local\Microsoft\Windows\INetCache\IE\87D2HB3X\DynamoCombo[1].dll"
sh=DE07A45DB8E9DB4B0B8B99DDEE6A0D7FE78C74FA ft=1 fh=0f0d85be27aea62e vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nico\AppData\Local\Microsoft\Windows\INetCache\IE\87D2HB3X\Setup[1].exe"
sh=828F79E473250D33A8285963B54305A04F0E811D ft=1 fh=192a6aeb7d1c9ee9 vn="Variante von Win32/InstallCore.WC evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nico\Downloads\kmplayer.exe"

Das weiter FRST.txt (Teil 1):

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2015 01
Ran by Nico (administrator) on NICO_STUDY on 05-02-2015 17:00:38
Running from C:\Users\Nico\Desktop
Loaded Profiles: Nico (Available profiles: Nico)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Condusiv Technologies) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Sirrix AG) C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(3S-Smart Software Solutions GmbH) C:\Program Files (x86)\3S Software\CoDeSys ENI Server\ENI.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Spotify Ltd) C:\Users\Nico\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2894152 2013-11-04] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13674712 2014-07-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1389936 2014-07-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_SRSSA] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1389936 2014-07-18] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKLM\...\Run: [Bitcasa] => C:\Program Files\Bitcasa\Bitcasa.exe [4365824 2012-12-27] (Bitcasa, Inc)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281776 2014-09-16] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310640 2013-03-07] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707984 2013-10-10] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [ENISysTray] => C:\Program Files (x86)\3S Software\CoDeSys ENI Server\ENISysTray.exe [245760 2009-01-20] (3S-Smart Software Solutions GmbH)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\Run: [Quick Starter] => C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe [2358064 2014-07-15] (Samsung Electronics CO., LTD.)
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\Run: [Spotify] => C:\Users\Nico\AppData\Roaming\Spotify\Spotify.exe [6737976 2015-01-15] (Spotify Ltd)
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30873192 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\Run: [Spotify Web Helper] => C:\Users\Nico\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2015-01-15] (Spotify Ltd)
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\MountPoints2: {5978b983-9cee-11e4-be94-b4b6769c136d} - "E:\autorun.exe" 
Startup: C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [1EldosIconOverlay] -> {75EE9A76-CCF7-47D7-BAA3-573E905D5109} => C:\windows\SYSTEM32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [BitcasaIconOverlay] -> {A6975448-A999-49BB-B3E4-7730CF6A82C0} => C:\Program Files\Bitcasa\ExplorerMenu.dll (Bitcasa, Inc)
ShellIconOverlayIdentifiers: [BitcasaProgressOverlay] -> {6FB8D52A-0064-45B2-B687-F596FEAD09C2} => C:\Program Files\Bitcasa\ExplorerMenu.dll (Bitcasa, Inc)
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [1EldosIconOverlay] -> {75EE9A76-CCF7-47D7-BAA3-573E905D5109} => C:\windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [S-1-5-21-3589802351-439905089-1110981561-1001] => file://C:\Program Files (x86)\Dynamo Combo\bin\Pac9064.js
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3589802351-439905089-1110981561-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Webtestaufzeichnung 10.0-Hilfsprogramm -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\045rdp04.default
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: https://www.google.com/search/?trackid=sp-006
FF Keyword.URL: https://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\045rdp04.default\searchplugins\google-avast.xml
FF Extension: YouTube Unblocker - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\045rdp04.default\Extensions\youtubeunblocker@unblocker.yt [2015-01-15]
FF Extension: Adblock Plus - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\045rdp04.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-25]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-14]

Chrome: 
=======
CHR StartupUrls: Default -> "https://www.google.com/?trackid=sp-006"
CHR Profile: C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-15]
CHR Extension: (Google Drive) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-15]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-15]
CHR Extension: (YouTube) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-15]
CHR Extension: (Google-Suche) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-15]
CHR Extension: (Google Tabellen) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-15]
CHR Extension: (Avast Online Security) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-15]
CHR Extension: (Google Wallet) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-18]
CHR Extension: (Google Mail) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [172104 2013-01-26] (Adobe Systems Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-15] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-15] (Avast Software)
R2 BitBoxService; C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe [738304 2014-03-18] (Sirrix AG) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593152 2014-01-29] (Samsung Electronics CO., LTD.)
R2 ENI Server; C:\Program Files (x86)\3S Software\CoDeSys ENI Server\ENI.exe [651264 2009-01-20] (3S-Smart Software Solutions GmbH) [File not signed]
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100104 2013-09-05] (ELAN Microelectronics Corp.)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [243880 2015-01-16] (Foxit Software Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 IntelliMemory; C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe [55720 2012-12-21] (Condusiv Technologies)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28848 2014-09-16] (Samsung Electronics Co., Ltd.)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3000664 2015-01-06] (Samsung Electronics CO., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2015-01-15] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-01-15] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-15] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-15] ()
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131328 2014-11-21] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352456 2012-08-06] (EldoS Corporation)
R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [22832 2013-07-24] (ELAN Microelectronic Corp.)
R1 intmfs; C:\Windows\System32\DRIVERS\intmfs.sys [29096 2012-12-21] (Condusiv Technologies)
R0 intmsd; C:\Windows\System32\DRIVERS\intmsd.sys [104872 2012-12-21] (Condusiv Technologies)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [268976 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111280 2014-09-16] (Samsung Electronics Co., Ltd.)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-21] (Microsoft Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-15] (Avast Software)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-01-15] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)

IneedHelp1 · 05.02.2015, 17:08

FRST.txt (Teil 2):

Code:

ATTFilter

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-05 17:00 - 2015-02-05 17:00 - 00000000 ____D () C:\Users\Nico\Desktop\FRST-OlderVersion
2015-02-05 07:30 - 2015-02-05 07:30 - 02347384 _____ (ESET) C:\Users\Nico\Downloads\esetsmartinstaller_deu.exe
2015-02-05 07:17 - 2015-02-05 07:17 - 00000197 _____ () C:\WINDOWS\system32\2015-02-05-06-17-55.065-AvastVBoxSVC.exe-3988.log
2015-02-04 10:02 - 2015-02-04 10:03 - 00045040 _____ () C:\Users\Nico\Desktop\Addition.txt
2015-02-04 10:01 - 2015-02-05 17:00 - 00027390 _____ () C:\Users\Nico\Desktop\FRST.txt
2015-02-04 10:00 - 2015-02-04 10:00 - 00000000 ____D () C:\Users\Nico\Desktop\Vor bereinigung
2015-02-04 09:59 - 2015-02-04 09:59 - 00002243 _____ () C:\Users\Nico\Desktop\mbam.txt
2015-02-04 09:59 - 2015-02-04 09:59 - 00000197 _____ () C:\WINDOWS\system32\2015-02-04-08-59-46.048-AvastVBoxSVC.exe-4012.log
2015-02-04 09:42 - 2015-02-04 09:58 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-04 09:42 - 2015-02-04 09:43 - 00000197 _____ () C:\WINDOWS\system32\2015-02-04-08-42-45.053-AvastVBoxSVC.exe-3852.log
2015-02-04 09:42 - 2015-02-04 09:42 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-02-04 09:42 - 2015-02-04 09:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-02-04 09:42 - 2015-02-04 09:42 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-04 09:42 - 2015-02-04 09:42 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-02-04 09:42 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-02-04 09:42 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-02-04 09:42 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-02-04 09:41 - 2015-02-04 09:41 - 00007061 _____ () C:\Users\Nico\Desktop\AdwCleaner[S0]_afterDelete.txt
2015-02-04 09:26 - 2015-02-04 09:27 - 00000168 _____ () C:\Users\Nico\Desktop\Anmerkung.txt
2015-02-04 09:23 - 2015-02-04 09:23 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Nico\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-04 09:23 - 2015-02-04 09:23 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Nico\Desktop\mbam-setup-2.0.4.1028.exe
2015-02-04 09:22 - 2015-02-04 09:22 - 00000197 _____ () C:\WINDOWS\system32\2015-02-04-08-22-21.007-AvastVBoxSVC.exe-4012.log
2015-02-03 22:54 - 2015-02-03 22:54 - 00001506 _____ () C:\Users\Nico\Desktop\Zuhause ausdrucken!!! - Verknüpfung.lnk
2015-02-03 19:38 - 2014-10-20 21:09 - 820361873 _____ () C:\Users\Nico\Desktop\Hannes und der Bürgermeister Wanzen & Seelenwanderung.mp4
2015-02-03 17:13 - 2015-02-03 17:13 - 00002523 _____ () C:\Users\Public\Desktop\Evernote.lnk
2015-02-03 17:13 - 2015-02-03 17:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2015-02-03 12:59 - 2015-02-03 12:59 - 00000197 _____ () C:\WINDOWS\system32\2015-02-03-11-59-37.062-AvastVBoxSVC.exe-3880.log
2015-02-03 07:11 - 2015-02-03 07:11 - 00000197 _____ () C:\WINDOWS\system32\2015-02-03-06-11-27.000-AvastVBoxSVC.exe-3892.log
2015-02-03 00:33 - 2015-02-03 00:33 - 00000197 _____ () C:\WINDOWS\system32\2015-02-02-23-33-21.036-AvastVBoxSVC.exe-3252.log
2015-02-02 23:03 - 2015-02-02 23:03 - 00000247 _____ () C:\WINDOWS\system32\2015-02-02-22-03-47.032-aswFe.exe-7096.log
2015-02-02 22:59 - 2015-02-02 23:03 - 00000247 _____ () C:\WINDOWS\system32\2015-02-02-21-59-03.091-aswFe.exe-7080.log
2015-02-02 22:59 - 2015-02-02 22:59 - 00000197 _____ () C:\WINDOWS\system32\2015-02-02-21-59-02.072-AvastVBoxSVC.exe-7488.log
2015-02-02 22:39 - 2015-02-02 22:39 - 00029157 _____ () C:\Users\Nico\Desktop\Logfiles.zip
2015-02-02 21:30 - 2015-02-02 21:30 - 00000197 _____ () C:\WINDOWS\system32\2015-02-02-20-30-04.070-AvastVBoxSVC.exe-2668.log
2015-02-02 21:26 - 2015-02-02 21:26 - 00000197 _____ () C:\WINDOWS\system32\2015-02-02-20-26-20.004-AvastVBoxSVC.exe-3932.log
2015-02-02 21:14 - 2015-02-02 21:14 - 00380416 _____ () C:\Users\Nico\Downloads\Gmer-19357.exe
2015-02-02 21:14 - 2015-02-02 21:14 - 00380416 _____ () C:\Users\Nico\Desktop\Gmer-19357.exe
2015-02-02 21:09 - 2015-02-05 17:00 - 00000000 ____D () C:\FRST
2015-02-02 21:08 - 2015-02-05 17:00 - 02131968 _____ (Farbar) C:\Users\Nico\Desktop\FRST64.exe
2015-02-02 21:08 - 2015-02-02 21:08 - 02131456 _____ (Farbar) C:\Users\Nico\Downloads\FRST64.exe
2015-02-02 21:07 - 2015-02-02 21:07 - 00000000 _____ () C:\Users\Nico\defogger_reenable
2015-02-02 21:07 - 2015-02-02 21:06 - 00050477 _____ () C:\Users\Nico\Desktop\Defogger.exe
2015-02-02 21:06 - 2015-02-02 21:06 - 00050477 _____ () C:\Users\Nico\Downloads\Defogger.exe
2015-02-02 18:40 - 2015-02-04 09:39 - 00000000 ____D () C:\AdwCleaner
2015-02-02 18:39 - 2015-02-02 18:39 - 02194432 _____ () C:\Users\Nico\Downloads\adwcleaner_4.109.exe
2015-02-02 18:39 - 2015-02-02 18:39 - 02194432 _____ () C:\Users\Nico\Desktop\adwcleaner_4.109.exe
2015-02-02 07:27 - 2015-02-02 07:28 - 00000197 _____ () C:\WINDOWS\system32\2015-02-02-06-27-57.055-AvastVBoxSVC.exe-3956.log
2015-02-01 19:36 - 2015-02-05 08:15 - 00005140 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for Nico_Study-Nico Nico_Study
2015-02-01 19:36 - 2015-02-01 19:36 - 00000000 ____D () C:\Users\Nico\Documents\Benutzerdefinierte Office-Vorlagen
2015-02-01 18:39 - 2015-02-01 18:39 - 00002185 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2015-02-01 18:39 - 2015-02-01 18:39 - 00002132 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2015-02-01 18:39 - 2015-02-01 18:39 - 00002132 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2015-02-01 18:39 - 2015-02-01 18:39 - 00000000 ___RD () C:\Users\Nico\SkyDrive
2015-02-01 18:39 - 2015-02-01 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2015-02-01 18:39 - 2015-02-01 18:39 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive
2015-02-01 18:39 - 2015-02-01 18:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2015-02-01 18:36 - 2015-02-02 22:13 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-02-01 18:36 - 2015-02-01 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-02-01 18:35 - 2015-02-01 18:35 - 01064632 _____ (Microsoft Corporation) C:\Users\Nico\Downloads\Setup.X86.de-DE_O365HomePremRetail_69addc71-75e4-44ca-8fe2-b75fec0ab50a_TX_DB_.exe
2015-01-31 21:32 - 2015-01-31 21:32 - 00000666 _____ () C:\Users\Nico\Documents\Desktop - Verknüpfung.lnk
2015-01-31 20:25 - 2015-01-31 20:25 - 00084743 _____ () C:\Users\Nico\Downloads\Lohnsteuertabelle 2015.html
2015-01-31 11:45 - 2015-01-31 11:46 - 00000197 _____ () C:\WINDOWS\system32\2015-01-31-10-45-29.010-AvastVBoxSVC.exe-2208.log
2015-01-30 07:17 - 2015-01-30 07:17 - 00000197 _____ () C:\WINDOWS\system32\2015-01-30-06-17-00.090-AvastVBoxSVC.exe-3828.log
2015-01-29 07:35 - 2015-01-29 07:35 - 00000247 _____ () C:\WINDOWS\system32\2015-01-29-06-35-36.066-aswFe.exe-7372.log
2015-01-29 07:30 - 2015-01-29 07:35 - 00000247 _____ () C:\WINDOWS\system32\2015-01-29-06-30-54.071-aswFe.exe-6736.log
2015-01-29 07:30 - 2015-01-29 07:30 - 00000197 _____ () C:\WINDOWS\system32\2015-01-29-06-30-53.005-AvastVBoxSVC.exe-1236.log
2015-01-29 07:22 - 2015-01-29 07:22 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\BRT
2015-01-28 12:49 - 2015-01-28 12:50 - 00000197 _____ () C:\WINDOWS\system32\2015-01-28-11-49-54.090-AvastVBoxSVC.exe-1900.log
2015-01-28 07:25 - 2015-01-28 07:25 - 00000197 _____ () C:\WINDOWS\system32\2015-01-28-06-25-25.070-AvastVBoxSVC.exe-4116.log
2015-01-27 23:50 - 2015-01-27 23:50 - 00000197 _____ () C:\WINDOWS\system32\2015-01-27-22-50-04.045-AvastVBoxSVC.exe-3340.log
2015-01-27 22:00 - 2015-01-27 22:02 - 51621699 _____ () C:\Users\Nico\Downloads\fritzing.0.9.1b.64.pc_1.zip
2015-01-27 12:45 - 2015-01-27 12:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-25 11:13 - 2015-01-25 11:13 - 00000197 _____ () C:\WINDOWS\system32\2015-01-25-10-13-02.080-AvastVBoxSVC.exe-4020.log
2015-01-24 12:00 - 2015-01-24 12:00 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\PowerISO
2015-01-24 11:57 - 2015-01-24 11:57 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-01-24 11:55 - 2015-01-24 11:56 - 00000197 _____ () C:\WINDOWS\system32\2015-01-24-10-55-59.055-AvastVBoxSVC.exe-3480.log
2015-01-24 11:55 - 2015-01-24 11:55 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2015-01-24 00:31 - 2015-01-28 13:40 - 00003278 _____ () C:\WINDOWS\System32\Tasks\avastBCLRestartS-1-5-21-3589802351-439905089-1110981561-1001
2015-01-23 17:13 - 2015-01-23 17:14 - 00754216 _____ (DownloadAstro) C:\Users\Nico\Downloads\kmplayer.exe
2015-01-23 16:02 - 2015-01-23 16:02 - 00000197 _____ () C:\WINDOWS\system32\2015-01-23-15-02-14.017-AvastVBoxSVC.exe-3960.log
2015-01-23 15:51 - 2015-01-23 15:51 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2015-01-23 15:49 - 2015-01-23 18:59 - 00000000 ____D () C:\Users\Nico\AppData\Local\JDownloader v2.0
2015-01-23 07:18 - 2015-01-23 07:19 - 00000197 _____ () C:\WINDOWS\system32\2015-01-23-06-18-57.062-AvastVBoxSVC.exe-3996.log
2015-01-21 14:25 - 2015-01-21 14:25 - 00000000 ____D () C:\Users\Nico\AppData\Local\PDF24
2015-01-20 07:16 - 2015-01-20 07:17 - 00000197 _____ () C:\WINDOWS\system32\2015-01-20-06-16-31.052-AvastVBoxSVC.exe-3912.log
2015-01-20 07:15 - 2015-01-20 07:15 - 00000000 ____D () C:\ENI
2015-01-19 14:28 - 2015-01-19 14:28 - 00000000 ____D () C:\Program Files (x86)\Evernote
2015-01-19 14:23 - 2015-01-19 14:25 - 98672136 _____ (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Users\Nico\Downloads\Evernote_5.8.1.6061.exe
2015-01-19 13:39 - 2008-06-06 14:15 - 00016488 _____ (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\Drivers\SysDrv3S.sys
2015-01-19 13:38 - 2015-01-19 13:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3S Software
2015-01-19 13:38 - 2015-01-19 13:39 - 00000000 ____D () C:\Program Files (x86)\3S Software
2015-01-19 13:38 - 2015-01-19 13:39 - 00000000 ____D () C:\lm.dat
2015-01-19 13:38 - 2015-01-19 13:38 - 00000000 ____D () C:\WINDOWS\Gateway Files
2015-01-19 13:38 - 2015-01-19 13:38 - 00000000 ____D () C:\Users\Nico\AppData\Local\EvernoteNW
2015-01-19 13:38 - 2010-06-10 13:53 - 00225353 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\Gateway.exe
2015-01-19 13:38 - 2010-06-10 13:53 - 00217164 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\GDrvStd.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00192588 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\GClient.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00184396 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\GatewayDDE.exe
2015-01-19 13:38 - 2010-06-10 13:53 - 00147532 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\GSymbol.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00147528 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\GUtil.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00143436 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\GHandle.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00135258 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\GHandleStdcall.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00114766 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\GDrvBase.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00081993 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\CommUsr.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00040960 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\CAN_VCI.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00036937 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\CommSym.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00032768 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\PEAK_USB.dll
2015-01-19 13:38 - 2010-06-10 13:53 - 00032768 ____N (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\PEAK_DNG.dll
2015-01-19 13:38 - 2010-05-11 17:10 - 00483328 _____ (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\LMAPI.DLL
2015-01-19 13:38 - 2010-01-07 16:57 - 00081408 ____N (PEAK-System Technik GmbH) C:\WINDOWS\SysWOW64\PCAN_USB.dll
2015-01-19 13:38 - 2010-01-07 16:57 - 00069120 ____N (PEAK-System Technik GmbH) C:\WINDOWS\SysWOW64\PCAN_DNG.dll
2015-01-19 13:38 - 2009-01-20 08:45 - 00274432 _____ (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\ENIClient.dll
2015-01-19 13:38 - 2007-04-10 16:30 - 00088613 _____ () C:\WINDOWS\SysWOW64\gateway.chm
2015-01-19 13:38 - 2007-02-27 16:59 - 00139264 _____ (3S-Smart Software Solutions GmbH) C:\WINDOWS\SysWOW64\3SXMLParser.dll
2015-01-19 13:38 - 2000-11-10 08:38 - 00114688 _____ (Technosoftware AG) C:\WINDOWS\SysWOW64\OCSDAAuto.dll
2015-01-19 13:38 - 2000-11-10 08:38 - 00077824 _____ (OPC Foundation) C:\WINDOWS\SysWOW64\opcproxy.dll
2015-01-19 13:38 - 2000-11-10 08:38 - 00075264 _____ () C:\WINDOWS\SysWOW64\callrproxy.dll
2015-01-19 13:38 - 2000-11-10 08:38 - 00061440 _____ (OPC Foundation) C:\WINDOWS\SysWOW64\opccomn_ps.dll
2015-01-19 13:38 - 2000-11-10 08:38 - 00060416 _____ () C:\WINDOWS\SysWOW64\OPCENUM.EXE
2015-01-19 13:38 - 2000-11-10 08:38 - 00040960 _____ (Technosoftware AG) C:\WINDOWS\SysWOW64\OCSSpy_ps.dll
2015-01-19 13:35 - 2015-01-19 13:35 - 00000197 _____ () C:\WINDOWS\system32\2015-01-19-12-35-36.019-AvastVBoxSVC.exe-3620.log
2015-01-18 16:12 - 2015-01-18 16:12 - 00000000 ____D () C:\Users\Default\Documents\Visual Studio 2010
2015-01-18 16:12 - 2015-01-18 16:12 - 00000000 ____D () C:\Users\Default User\Documents\Visual Studio 2010
2015-01-18 15:18 - 2015-01-18 15:18 - 00000197 _____ () C:\WINDOWS\system32\2015-01-18-14-18-08.028-AvastVBoxSVC.exe-3876.log
2015-01-18 15:11 - 2015-01-18 15:11 - 00000197 _____ () C:\WINDOWS\system32\2015-01-18-14-11-07.053-AvastVBoxSVC.exe-3680.log
2015-01-16 00:17 - 2015-01-16 00:17 - 00000247 _____ () C:\WINDOWS\system32\2015-01-15-23-17-19.029-aswFe.exe-5592.log
2015-01-16 00:07 - 2015-01-16 00:17 - 00000247 _____ () C:\WINDOWS\system32\2015-01-15-23-07-38.068-aswFe.exe-5112.log
2015-01-16 00:07 - 2015-01-16 00:07 - 00000197 _____ () C:\WINDOWS\system32\2015-01-15-23-07-05.000-AvastVBoxSVC.exe-5652.log
2015-01-15 22:41 - 2015-01-15 22:41 - 00000000 ____D () C:\WINDOWS\SysWOW64\1033
2015-01-15 22:41 - 2015-01-15 22:41 - 00000000 ____D () C:\WINDOWS\system32\RsFx
2015-01-15 22:41 - 2015-01-15 22:41 - 00000000 ____D () C:\WINDOWS\system32\1033
2015-01-15 22:41 - 2015-01-15 22:41 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 9.0
2015-01-15 22:41 - 2009-07-21 01:42 - 00111640 _____ (Microsoft Corporation) C:\WINDOWS\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll
2015-01-15 22:41 - 2009-07-21 01:42 - 00079896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll
2015-01-15 22:41 - 2009-07-21 01:42 - 00078872 _____ (Microsoft Corporation) C:\WINDOWS\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2015-01-15 22:41 - 2009-07-21 01:42 - 00050200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2015-01-15 22:40 - 2015-01-15 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
2015-01-15 22:39 - 2015-01-15 22:41 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2015-01-15 22:39 - 2015-01-15 22:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2015-01-15 22:39 - 2015-01-15 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Sync Framework
2015-01-15 22:39 - 2015-01-15 22:39 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2015-01-15 22:39 - 2015-01-15 22:39 - 00000000 ____D () C:\Program Files\Microsoft Sync Framework
2015-01-15 22:39 - 2015-01-15 22:39 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2015-01-15 22:39 - 2015-01-15 22:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2015-01-15 22:38 - 2015-01-15 22:38 - 00000000 ____D () C:\ProgramData\PreEmptive Solutions
2015-01-15 22:36 - 2015-01-15 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 3 SDK - Deutsch
2015-01-15 22:35 - 2015-01-15 22:35 - 00000000 ____D () C:\Users\Nico\Documents\Visual Studio 2008
2015-01-15 22:35 - 2015-01-15 22:35 - 00000000 ____D () C:\Program Files\IIS
2015-01-15 22:35 - 2015-01-15 22:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2015-01-15 22:35 - 2015-01-15 22:35 - 00000000 ____D () C:\Program Files (x86)\IIS
2015-01-15 22:34 - 2015-01-15 22:34 - 00000000 ____D () C:\Users\Nico\Documents\Visual Studio 2010
2015-01-15 22:32 - 2015-01-18 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010
2015-01-15 22:32 - 2015-01-15 22:41 - 00000000 ____D () C:\WINDOWS\SysWOW64\1031
2015-01-15 22:32 - 2015-01-15 22:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 10.0
2015-01-15 22:32 - 2015-01-15 22:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft F#
2015-01-15 22:32 - 2015-01-15 22:33 - 00000000 ____D () C:\Program Files (x86)\HTML Help Workshop
2015-01-15 22:31 - 2015-01-15 22:41 - 00000000 ____D () C:\WINDOWS\system32\1031
2015-01-15 22:31 - 2015-01-15 22:39 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 10.0
2015-01-15 22:31 - 2015-01-15 22:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2015-01-15 22:31 - 2015-01-15 22:31 - 00000000 ____D () C:\WINDOWS\symbols
2015-01-15 22:31 - 2015-01-15 22:31 - 00000000 ____D () C:\Program Files\Microsoft Help Viewer
2015-01-15 22:31 - 2015-01-15 22:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 9.0
2015-01-15 22:30 - 2015-01-15 22:30 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2015-01-15 22:27 - 2015-01-21 14:33 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Windows Live Writer
2015-01-15 22:27 - 2015-01-15 22:27 - 00000000 ____D () C:\Users\Nico\AppData\Local\Windows Live Writer
2015-01-15 22:22 - 2015-01-15 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ELECTRA_250
2015-01-15 22:22 - 2015-01-15 22:22 - 00000000 ____D () C:\ProgramData\CP70vxDj0
2015-01-15 22:22 - 2015-01-15 22:22 - 00000000 ____D () C:\Program Files (x86)\ELECTRA_250
2015-01-15 22:21 - 2015-01-15 22:21 - 00000806 _____ () C:\Users\Nico\Downloads\#Ablage.lnk
2015-01-15 22:21 - 2015-01-15 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TARGET 3001! V17 pcb-pool
2015-01-15 22:21 - 2015-01-15 22:21 - 00000000 ____D () C:\Program Files (x86)\ibf
2015-01-15 22:13 - 2015-02-05 07:17 - 00000000 ___RD () C:\Users\Nico\Dropbox
2015-01-15 22:06 - 2015-01-15 22:06 - 00324136 _____ (Dropbox, Inc.) C:\Users\Nico\Downloads\DropboxInstaller.exe
2015-01-15 21:57 - 2015-01-15 21:57 - 00000197 _____ () C:\WINDOWS\system32\2015-01-15-20-57-11.022-AvastVBoxSVC.exe-3676.log
2015-01-15 21:55 - 2015-01-15 21:55 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Sirrix AG
2015-01-15 21:54 - 2015-01-15 21:54 - 00000000 ____D () C:\Users\Nico\AppData\Local\Cisco
2015-01-15 21:54 - 2015-01-15 21:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2015-01-15 21:54 - 2015-01-15 21:54 - 00000000 ____D () C:\ProgramData\Cisco
2015-01-15 21:54 - 2013-10-10 17:29 - 00112496 ____R (Cisco Systems, Inc.) C:\WINDOWS\system32\Drivers\acsock64.sys
2015-01-15 21:53 - 2015-01-15 21:53 - 00001275 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box.lnk
2015-01-15 21:53 - 2015-01-15 21:53 - 00000000 ____D () C:\ProgramData\Sirrix AG
2015-01-15 21:53 - 2015-01-15 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box
2015-01-15 21:53 - 2015-01-15 21:53 - 00000000 ____D () C:\Program Files (x86)\Sirrix AG
2015-01-15 21:50 - 2015-01-15 21:50 - 00000000 ____D () C:\Program Files\Oracle
2015-01-15 21:50 - 2014-01-10 22:49 - 00239376 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2015-01-15 21:50 - 2014-01-10 22:48 - 00119056 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2015-01-15 21:46 - 2015-01-15 21:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-15 21:45 - 2015-01-15 22:09 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-01-15 21:43 - 2015-02-05 16:05 - 00001140 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-15 21:43 - 2015-02-05 07:16 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-15 21:43 - 2015-02-04 18:00 - 00004112 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-15 21:43 - 2015-02-04 18:00 - 00003876 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-15 21:43 - 2015-01-15 21:46 - 00000000 ____D () C:\Users\Nico\AppData\Local\Google
2015-01-15 21:43 - 2015-01-15 21:46 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-15 21:42 - 2015-02-05 07:17 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Dropbox
2015-01-15 21:37 - 2015-01-15 21:37 - 00000000 ____D () C:\Users\Nico\AppData\Local\Evernote
2015-01-15 21:32 - 2015-01-18 15:59 - 00004062 _____ () C:\Users\Nico\AppData\Roaming\LTspiceIV.ini
2015-01-15 21:30 - 2015-01-15 21:30 - 00001211 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\LTspice IV.lnk
2015-01-15 21:30 - 2015-01-15 21:30 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Toastify
2015-01-15 21:29 - 2015-01-15 21:29 - 00000000 ____D () C:\Program Files (x86)\LTC
2015-01-15 21:20 - 2015-01-15 21:21 - 00000197 _____ () C:\WINDOWS\system32\2015-01-15-20-20-55.031-AvastVBoxSVC.exe-3124.log
2015-01-15 21:20 - 2015-01-15 21:20 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-15 21:20 - 2015-01-15 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-01-15 21:19 - 2015-01-15 21:19 - 00000844 _____ () C:\Users\Nico\Desktop\##Studium## - Verknüpfung.lnk
2015-01-15 21:19 - 2015-01-15 21:19 - 00000806 _____ () C:\Users\Nico\Desktop\#Ablage - Verknüpfung.lnk
2015-01-15 21:18 - 2015-01-15 21:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2015-01-15 21:18 - 2015-01-15 21:18 - 00000000 ____D () C:\Program Files (x86)\PDF24
2015-01-15 21:17 - 2015-01-15 22:21 - 00000000 ____D () C:\Program Files (x86)\PhotoshopPortable
2015-01-15 21:16 - 2015-01-15 21:16 - 00000039 _____ () C:\Users\Nico\AppData\Roaming\SupportBox_MSUL.cfg
2015-01-15 21:16 - 2015-01-15 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2015-01-15 21:16 - 2015-01-15 21:16 - 00000000 ____D () C:\Program Files\PowerISO
2015-01-15 21:16 - 2014-03-30 07:26 - 00129944 _____ (Power Software Ltd) C:\WINDOWS\system32\Drivers\scdemu.sys
2015-01-15 21:15 - 2015-01-15 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2015-01-15 21:15 - 2015-01-15 21:15 - 00000000 ____D () C:\Program Files (x86)\Toastify
2015-01-15 21:15 - 2015-01-15 21:15 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2015-01-15 21:11 - 2015-02-04 18:51 - 00000000 ____D () C:\Users\Nico\AppData\Local\Spotify
2015-01-15 21:11 - 2015-01-15 21:11 - 00001794 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-01-15 21:11 - 2015-01-15 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-01-15 21:11 - 2015-01-15 21:11 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2015-01-15 21:10 - 2015-01-23 18:57 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\vlc
2015-01-15 21:10 - 2015-01-15 21:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-01-15 21:10 - 2015-01-15 21:10 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-01-15 21:09 - 2015-02-04 18:56 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Spotify
2015-01-15 21:09 - 2015-01-15 21:09 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-01-15 21:08 - 2015-01-15 21:08 - 00000000 ____D () C:\The KMPlayer
2015-01-15 21:06 - 2015-01-15 21:06 - 00001478 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2015-01-15 21:06 - 2015-01-15 21:06 - 00001329 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-01-15 21:06 - 2015-01-15 21:06 - 00000000 ____D () C:\WINDOWS\it
2015-01-15 21:06 - 2015-01-15 21:06 - 00000000 ____D () C:\WINDOWS\fr
2015-01-15 21:06 - 2015-01-15 21:06 - 00000000 ____D () C:\WINDOWS\de
2015-01-15 21:06 - 2015-01-15 21:06 - 00000000 ____D () C:\Program Files\Windows Live
2015-01-15 21:06 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2015-01-15 21:06 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2015-01-15 21:06 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2015-01-15 21:06 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2015-01-15 21:06 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2015-01-15 21:06 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2015-01-15 21:06 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2015-01-15 21:06 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2015-01-15 21:06 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2015-01-15 21:06 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2015-01-15 21:05 - 2015-01-22 07:22 - 00000000 ____D () C:\Users\Nico\AppData\Local\Windows Live
2015-01-15 21:05 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2015-01-15 21:05 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2015-01-15 21:03 - 2015-02-05 07:30 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Skype
2015-01-15 21:03 - 2015-01-15 21:20 - 00000000 ____D () C:\ProgramData\Skype
2015-01-15 21:03 - 2015-01-15 21:03 - 00000000 ____D () C:\Users\Nico\AppData\Local\Skype
2015-01-15 21:01 - 2015-01-15 21:08 - 92658088 _____ (Oracle Corporation) C:\Users\Nico\Downloads\jre-8u25-windows-x64.exe
2015-01-15 21:01 - 2015-01-15 21:03 - 29727656 _____ (Oracle Corporation) C:\Users\Nico\Downloads\jre-8u25-windows-i586.exe
2015-01-15 21:00 - 2015-01-15 21:09 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-15 21:00 - 2015-01-15 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-15 21:00 - 2015-01-15 21:03 - 00272296 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2015-01-15 21:00 - 2015-01-15 21:03 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2015-01-15 21:00 - 2015-01-15 21:03 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2015-01-15 21:00 - 2015-01-15 21:03 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-15 21:00 - 2015-01-15 21:00 - 00000000 ____D () C:\ProgramData\Sun
2015-01-15 20:58 - 2015-01-28 21:18 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Foxit Software
2015-01-15 20:58 - 2015-01-15 20:58 - 00000000 ____D () C:\Users\Public\Foxit Software
2015-01-15 20:58 - 2015-01-15 20:58 - 00000000 ____D () C:\Program Files (x86)\Foxit Software
2015-01-15 20:57 - 2015-01-13 18:08 - 00001012 _____ () C:\Users\Nico\Desktop\DHBW.exe.lnk
2015-01-15 20:42 - 2015-01-15 20:42 - 00000197 _____ () C:\WINDOWS\system32\2015-01-15-19-42-31.087-AvastVBoxSVC.exe-2524.log
2015-01-15 20:40 - 2015-01-15 20:40 - 00000000 ____D () C:\WINDOWS\system32\RAPID
2015-01-15 20:40 - 2014-09-16 14:30 - 00268976 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\SamsungRapidDiskFltr.sys
2015-01-15 20:24 - 2015-01-15 20:24 - 00000197 _____ () C:\WINDOWS\system32\2015-01-15-19-24-13.000-AvastVBoxSVC.exe-2488.log
2015-01-15 20:17 - 2015-01-15 20:17 - 00003276 _____ () C:\WINDOWS\System32\Tasks\SamsungMagician
2015-01-15 20:17 - 2015-01-15 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2015-01-15 20:15 - 2015-01-15 20:15 - 00000197 _____ () C:\WINDOWS\system32\2015-01-15-19-15-31.060-AvastVBoxSVC.exe-2496.log
2015-01-15 20:11 - 2015-01-15 20:11 - 00000247 _____ () C:\WINDOWS\system32\2015-01-15-19-11-42.036-aswFe.exe-3816.log
2015-01-15 20:09 - 2015-01-15 20:11 - 00000247 _____ () C:\WINDOWS\system32\2015-01-15-19-09-56.093-aswFe.exe-3408.log
2015-01-15 20:09 - 2015-01-15 20:10 - 00000197 _____ () C:\WINDOWS\system32\2015-01-15-19-09-56.027-AvastVBoxSVC.exe-2432.log
2015-01-15 20:00 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-01-15 20:00 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-01-15 19:55 - 2014-11-15 20:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-01-15 19:55 - 2014-11-15 07:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-01-15 19:55 - 2014-11-14 15:36 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-01-15 19:55 - 2014-11-14 08:10 - 03558400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-01-15 19:55 - 2014-11-14 07:58 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-01-15 19:55 - 2014-11-14 07:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-01-15 19:55 - 2014-11-14 07:57 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-01-15 19:55 - 2014-11-14 07:54 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-01-15 19:55 - 2014-11-14 07:54 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-01-15 19:55 - 2014-11-14 07:53 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-01-15 19:55 - 2014-11-14 07:52 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-01-15 19:55 - 2014-11-14 06:04 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-01-15 19:55 - 2014-11-14 06:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-01-15 19:55 - 2014-11-14 06:03 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-01-15 19:55 - 2014-11-14 06:01 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-01-15 19:55 - 2014-11-14 06:01 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-01-15 19:55 - 2014-11-11 01:39 - 22290560 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-01-15 19:55 - 2014-11-11 01:17 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-01-15 19:55 - 2014-11-10 19:06 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-01-15 19:55 - 2014-11-10 19:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-01-15 19:55 - 2014-11-10 19:06 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-01-15 19:55 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-01-15 19:55 - 2014-11-10 03:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-01-15 19:55 - 2014-11-10 02:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-01-15 19:55 - 2014-11-10 02:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-01-15 19:55 - 2014-11-10 02:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-01-15 19:55 - 2014-11-10 02:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-01-15 19:55 - 2014-11-10 02:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-01-15 19:55 - 2014-11-10 02:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2015-01-15 19:55 - 2014-11-10 02:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-01-15 19:55 - 2014-11-10 01:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2015-01-15 19:55 - 2014-11-10 01:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-01-15 19:55 - 2014-11-08 11:42 - 01390928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-01-15 19:55 - 2014-11-08 11:23 - 01127976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-01-15 19:55 - 2014-11-08 05:00 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-01-15 19:55 - 2014-11-08 05:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-01-15 19:55 - 2014-11-08 04:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2015-01-15 19:55 - 2014-11-08 04:58 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-01-15 19:55 - 2014-11-08 04:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2015-01-15 19:55 - 2014-11-08 04:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2015-01-15 19:55 - 2014-11-08 04:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2015-01-15 19:55 - 2014-11-08 04:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2015-01-15 19:55 - 2014-11-08 04:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2015-01-15 19:55 - 2014-11-08 04:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2015-01-15 19:55 - 2014-11-08 04:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2015-01-15 19:55 - 2014-11-08 03:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2015-01-15 19:55 - 2014-11-08 03:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-01-15 19:55 - 2014-11-08 03:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-01-15 19:55 - 2014-11-08 03:09 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-01-15 19:55 - 2014-11-08 03:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-01-15 19:55 - 2014-11-08 02:59 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-01-15 19:55 - 2014-11-08 02:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-01-15 19:55 - 2014-11-08 02:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-01-15 19:55 - 2014-11-07 04:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-01-15 19:55 - 2014-11-07 04:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-01-15 19:55 - 2014-11-05 03:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2015-01-15 19:55 - 2014-11-05 03:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2015-01-15 19:55 - 2014-11-05 03:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2015-01-15 19:55 - 2014-11-05 02:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-01-15 19:55 - 2014-11-05 02:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-01-15 19:55 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-01-15 19:55 - 2014-11-05 02:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2015-01-15 19:55 - 2014-11-05 02:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2015-01-15 19:55 - 2014-11-05 02:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2015-01-15 19:55 - 2014-11-05 02:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-01-15 19:55 - 2014-11-05 02:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-01-15 19:55 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-01-15 19:55 - 2014-11-05 02:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-01-15 19:55 - 2014-11-05 02:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2015-01-15 19:55 - 2014-11-04 20:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-01-15 19:55 - 2014-11-04 20:25 - 00059712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-01-15 19:55 - 2014-11-04 20:25 - 00051008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-01-15 19:55 - 2014-11-04 07:55 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-01-15 19:55 - 2014-11-04 07:54 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-01-15 19:55 - 2014-11-04 07:54 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-01-15 19:55 - 2014-11-04 07:54 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-01-15 19:55 - 2014-11-04 07:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2015-01-15 19:55 - 2014-11-04 06:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-01-15 19:55 - 2014-10-31 01:51 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-01-15 19:55 - 2014-10-31 01:10 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-01-15 19:55 - 2014-10-30 06:55 - 07473472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-01-15 19:55 - 2014-10-30 06:47 - 01499384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-01-15 19:55 - 2014-10-30 06:41 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-01-15 19:55 - 2014-10-29 04:05 - 00551232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-01-15 19:55 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-01-15 19:55 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-01-15 19:55 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-01-15 19:55 - 2014-10-29 02:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-01-15 19:55 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-01-15 19:55 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-01-15 19:55 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-01-15 19:55 - 2014-10-29 02:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-01-15 19:55 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-01-15 19:55 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-01-15 19:55 - 2014-10-26 23:10 - 00390841 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-01-15 19:55 - 2014-10-21 02:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-01-15 19:55 - 2014-10-21 02:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2015-01-15 19:55 - 2014-10-21 01:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-01-15 19:55 - 2014-10-21 01:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-01-15 19:55 - 2014-10-21 01:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-01-15 19:55 - 2014-10-21 01:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-01-15 19:55 - 2014-10-21 01:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-01-15 19:55 - 2014-10-18 09:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-01-15 19:55 - 2014-10-18 09:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-01-15 19:55 - 2014-10-18 08:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-01-15 19:55 - 2014-10-18 07:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-01-15 19:55 - 2014-10-17 05:56 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-01-15 19:55 - 2014-10-17 05:56 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-01-15 19:55 - 2014-10-17 05:56 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-01-15 19:55 - 2014-10-17 04:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-01-15 19:54 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2015-01-15 19:54 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2015-01-15 19:52 - 2015-01-15 19:52 - 00000247 _____ () C:\WINDOWS\system32\2015-01-15-18-52-31.026-aswFe.exe-6052.log
2015-01-15 19:52 - 2015-01-15 19:52 - 00000197 _____ () C:\WINDOWS\system32\2015-01-15-18-52-30.013-AvastVBoxSVC.exe-4164.log
2015-01-15 19:48 - 2015-01-15 19:48 - 00000000 ____D () C:\WINDOWS\SysWOW64\vbox
2015-01-15 19:48 - 2015-01-15 19:48 - 00000000 ____D () C:\WINDOWS\system32\vbox
2015-01-15 19:48 - 2015-01-15 19:48 - 00000000 ____D () C:\ProgramData\ATI
2015-01-15 19:45 - 2015-01-15 19:45 - 03733666 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-01-15 19:45 - 2015-01-15 19:45 - 00000000 ____D () C:\WINDOWS\RSTLog
2015-01-15 19:45 - 2015-01-15 19:45 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Intel Corporation
2015-01-15 19:44 - 2015-01-15 19:44 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2015-01-15 19:43 - 2013-07-26 15:07 - 00827096 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2015-01-15 19:43 - 2013-07-26 15:07 - 00074456 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2015-01-15 19:42 - 2013-07-24 14:57 - 00022832 _____ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\Drivers\ETDSMBus.sys
2015-01-15 19:39 - 2015-01-15 19:39 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-01-15 19:39 - 2015-01-15 19:39 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-01-15 19:38 - 2015-02-02 19:57 - 00000000 ____D () C:\#Data
2015-01-15 19:32 - 2015-01-15 19:32 - 00003936 _____ () C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
2015-01-15 19:32 - 2015-01-15 19:32 - 00003690 _____ () C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
2015-01-15 19:32 - 2015-01-15 19:32 - 00000000 _____ () C:\WINDOWS\SysWOW64\agent.log
2015-01-15 19:31 - 2015-01-15 19:31 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-01-15 19:26 - 2015-01-15 19:26 - 00061191 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201501151926091236.log
2015-01-15 19:26 - 2015-01-15 19:26 - 00001272 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerXpress.lnk
2015-01-15 19:26 - 2015-01-15 19:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-01-15 19:26 - 2015-01-15 19:26 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2015-01-15 19:25 - 2013-08-30 20:14 - 00156712 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2015-01-15 19:25 - 2013-08-30 20:14 - 00142792 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2015-01-15 19:25 - 2013-08-30 20:14 - 00141256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2015-01-15 19:25 - 2013-08-30 20:14 - 00114488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2015-01-15 19:25 - 2013-08-30 20:14 - 00097984 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2015-01-15 19:25 - 2013-08-30 20:14 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2015-01-15 19:25 - 2013-08-30 20:14 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2015-01-15 19:25 - 2013-08-30 20:14 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2015-01-15 19:25 - 2013-08-30 20:14 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2015-01-15 19:25 - 2013-08-30 20:13 - 09464840 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2015-01-15 19:25 - 2013-08-30 20:13 - 07256496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2015-01-15 19:25 - 2013-08-30 20:13 - 06767240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2015-01-15 19:25 - 2013-08-30 20:13 - 06189416 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2015-01-15 19:25 - 2013-08-30 20:13 - 06176008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2015-01-15 19:25 - 2013-08-30 20:13 - 01233080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2015-01-15 19:25 - 2013-08-30 20:11 - 12528640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2015-01-15 19:25 - 2013-08-30 20:05 - 00781312 _____ () C:\WINDOWS\system32\amdmiracast.dll
2015-01-15 19:25 - 2013-08-30 19:48 - 00229376 _____ () C:\WINDOWS\system32\clinfo.exe
2015-01-15 19:25 - 2013-08-30 19:48 - 00127488 _____ (AMD) C:\WINDOWS\system32\coinst_13.152.dll
2015-01-15 19:25 - 2013-08-30 19:47 - 28192256 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2015-01-15 19:25 - 2013-08-30 19:47 - 00098816 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll
2015-01-15 19:25 - 2013-08-30 19:47 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll
2015-01-15 19:25 - 2013-08-30 19:47 - 00083456 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll
2015-01-15 19:25 - 2013-08-30 19:47 - 00073216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll
2015-01-15 19:25 - 2013-08-30 19:45 - 23760896 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2015-01-15 19:25 - 2013-08-30 19:43 - 00063488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-01-15 19:25 - 2013-08-30 19:43 - 00057344 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-01-15 19:25 - 2013-08-30 19:35 - 25387520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2015-01-15 19:25 - 2013-08-30 19:18 - 00530824 _____ () C:\WINDOWS\SysWOW64\atiapfxx.blb
2015-01-15 19:25 - 2013-08-30 19:18 - 00530824 _____ () C:\WINDOWS\system32\atiapfxx.blb
2015-01-15 19:25 - 2013-08-30 19:18 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2015-01-15 19:25 - 2013-08-30 19:18 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2015-01-15 19:25 - 2013-08-30 19:18 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2015-01-15 19:25 - 2013-08-30 19:18 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2015-01-15 19:25 - 2013-08-30 19:18 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2015-01-15 19:25 - 2013-08-30 19:17 - 15716352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2015-01-15 19:25 - 2013-08-30 19:14 - 21400064 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2015-01-15 19:25 - 2013-08-30 19:14 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2015-01-15 19:25 - 2013-08-30 19:04 - 03388672 _____ () C:\WINDOWS\system32\atiumd6a.cap
2015-01-15 19:25 - 2013-08-30 18:59 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2015-01-15 19:25 - 2013-08-30 18:58 - 00571904 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2015-01-15 19:25 - 2013-08-30 18:58 - 00026112 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2015-01-15 19:25 - 2013-08-30 18:57 - 00239616 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2015-01-15 19:25 - 2013-08-30 18:56 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2015-01-15 19:25 - 2013-08-30 18:50 - 03422720 _____ () C:\WINDOWS\SysWOW64\atiumdva.cap
2015-01-15 19:25 - 2013-08-30 18:37 - 00096256 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2015-01-15 19:25 - 2013-08-30 18:37 - 00090624 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2015-01-15 19:25 - 2013-08-30 18:37 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2015-01-15 19:25 - 2013-08-30 18:37 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2015-01-15 19:25 - 2013-08-30 18:35 - 00134656 _____ () C:\WINDOWS\system32\amdhdl64.dll
2015-01-15 19:25 - 2013-08-30 18:34 - 00123392 _____ () C:\WINDOWS\SysWOW64\amdhdl32.dll
2015-01-15 19:25 - 2013-08-30 18:33 - 00784384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2015-01-15 19:25 - 2013-08-30 18:33 - 00594944 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2015-01-15 19:25 - 2013-08-30 18:33 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2015-01-15 19:25 - 2013-08-30 18:33 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2015-01-15 19:25 - 2013-08-30 18:32 - 00618496 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2015-01-15 19:25 - 2013-08-30 18:32 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2015-01-15 19:25 - 2013-08-30 18:32 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2015-01-15 19:25 - 2013-08-30 18:32 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2015-01-15 19:25 - 2013-08-30 18:32 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2015-01-15 19:25 - 2013-08-27 15:06 - 00233652 _____ () C:\WINDOWS\system32\ativvaxy_cik.dat
2015-01-15 19:25 - 2013-08-27 13:27 - 00082336 _____ () C:\WINDOWS\system32\ativce02.dat
2015-01-15 19:25 - 2013-08-07 13:22 - 00716208 _____ () C:\WINDOWS\system32\atiicdxx.dat
2015-01-15 19:25 - 2013-08-07 11:12 - 00231984 _____ () C:\WINDOWS\system32\ativvaxy_cik_nd.dat
2015-01-15 19:25 - 2013-05-04 15:22 - 00047164 _____ () C:\WINDOWS\atiogl.xml
2015-01-15 19:09 - 2015-01-15 19:09 - 00000000 ____D () C:\Program Files\DIFX
2015-01-15 18:45 - 2015-01-15 18:45 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-01-15 18:45 - 2015-01-15 18:45 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-01-15 18:45 - 2015-01-15 18:45 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-01-15 18:45 - 2015-01-15 18:45 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-01-15 18:44 - 2015-01-15 18:44 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-01-15 18:44 - 2015-01-15 18:44 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-01-15 18:44 - 2015-01-15 18:44 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-01-15 18:44 - 2015-01-15 18:44 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-01-15 18:44 - 2015-01-15 18:44 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-01-15 18:42 - 2015-01-15 18:42 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-01-15 18:42 - 2015-01-15 18:42 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-01-15 18:41 - 2015-01-15 18:41 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-01-15 18:41 - 2015-01-15 18:41 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-01-15 18:28 - 2015-01-15 18:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-01-15 18:27 - 2015-01-15 18:27 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-01-15 18:27 - 2015-01-15 18:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-01-15 18:25 - 2015-01-15 18:25 - 00000144 _____ () C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-01-15 18:23 - 2014-07-21 22:03 - 00036096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2015-01-15 18:22 - 2015-01-15 18:22 - 00001450 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-15 18:22 - 2015-01-15 18:22 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-01-15 18:22 - 2015-01-15 18:22 - 00000020 ___SH () C:\Users\Nico\ntuser.ini
2015-01-15 18:22 - 2015-01-15 18:22 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\ATI
2015-01-15 18:22 - 2015-01-15 18:22 - 00000000 ____D () C:\Users\Nico\AppData\Local\ATI
2015-01-15 18:20 - 2015-02-05 13:28 - 02012389 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-15 18:20 - 2015-01-15 18:20 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Programme
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\ProgramData\Startmenü
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\ProgramData\Dokumente
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2015-01-15 18:20 - 2015-01-15 18:20 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2015-01-15 18:18 - 2015-01-15 18:18 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-01-15 18:17 - 2015-02-02 21:07 - 00000000 ____D () C:\Users\Nico
2015-01-15 18:17 - 2015-01-15 18:20 - 00020958 _____ () C:\WINDOWS\diagwrn.xml
2015-01-15 18:17 - 2015-01-15 18:20 - 00020958 _____ () C:\WINDOWS\diagerr.xml
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\Vorlagen
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\Startmenü
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\Netzwerkumgebung
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\Lokale Einstellungen
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\Eigene Dateien
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\Druckumgebung
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\Documents\Eigene Musik
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\Documents\Eigene Bilder
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\AppData\Local\Verlauf
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\AppData\Local\Anwendungsdaten
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 _SHDL () C:\Users\Nico\Anwendungsdaten
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 ___RD () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-15 18:17 - 2015-01-15 18:17 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-01-15 18:17 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-15 18:17 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-15 18:17 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-01-15 18:17 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-01-15 18:17 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-15 18:15 - 2015-01-15 18:15 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-01-15 18:15 - 2015-01-15 18:15 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_SensorsAlsDriver_01_11_00.Wdf
2015-01-15 18:15 - 2015-01-15 18:15 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
2015-01-15 18:15 - 2015-01-15 18:15 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2015-01-15 18:15 - 2015-01-15 18:15 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2015-01-15 18:15 - 2015-01-15 18:15 - 00000000 ____D () C:\WINDOWS\system32\SRSLabs
2015-01-15 18:15 - 2015-01-15 18:15 - 00000000 ____D () C:\Program Files\Realtek
2015-01-15 18:14 - 2015-01-15 19:46 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-01-15 18:14 - 2015-01-15 18:14 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-01-15 18:14 - 2015-01-15 18:14 - 00000000 ____D () C:\Program Files\AMD
2015-01-15 18:14 - 2015-01-15 18:14 - 00000000 ____D () C:\AMD
2015-01-15 18:13 - 2015-01-15 19:46 - 00000000 ____D () C:\Program Files\Elantech
2015-01-15 18:13 - 2015-01-15 18:22 - 00000000 ___DC () C:\WINDOWS\Panther
2015-01-15 18:13 - 2015-01-15 18:13 - 00000000 __SHD () C:\Recovery
2015-01-15 18:12 - 2015-01-15 18:12 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-01-15 18:12 - 2015-01-15 18:12 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-01-15 18:12 - 2015-01-15 18:12 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-01-15 18:12 - 2015-01-15 18:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-01-15 18:12 - 2015-01-15 18:12 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-01-15 18:12 - 2015-01-15 18:12 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-01-15 18:12 - 2015-01-15 18:12 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-15 18:12 - 2015-01-15 18:12 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-15 18:11 - 2015-01-19 23:25 - 00000000 ____D () C:\WINDOWS\en-GB
2015-01-15 18:11 - 2015-01-15 18:11 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-01-15 18:11 - 2015-01-15 18:11 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-01-15 18:11 - 2015-01-15 18:11 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-01-15 18:11 - 2015-01-15 18:11 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-01-15 18:11 - 2015-01-15 18:11 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-01-15 18:11 - 2015-01-15 18:11 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-01-15 18:11 - 2015-01-15 18:11 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-01-15 18:11 - 2015-01-15 18:11 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-01-15 18:05 - 2015-01-15 18:05 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-01-15 18:05 - 2015-01-15 18:05 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-01-15 18:05 - 2015-01-15 18:05 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-15 18:05 - 2015-01-15 18:05 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-15 18:04 - 2015-01-15 18:04 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-01-15 18:04 - 2015-01-15 18:04 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-01-15 18:04 - 2015-01-15 18:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-15 18:01 - 2015-01-15 18:01 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-01-15 18:01 - 2015-01-15 18:01 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-15 18:01 - 2015-01-15 18:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-01-15 18:01 - 2015-01-15 18:01 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-15 18:01 - 2015-01-15 18:01 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-01-15 18:01 - 2015-01-15 18:01 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-15 18:01 - 2015-01-15 18:01 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-01-15 18:01 - 2015-01-15 18:01 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-01-15 18:00 - 2015-01-19 23:25 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2015-01-15 18:00 - 2015-01-15 22:37 - 00000000 ____D () C:\Program Files\MSBuild
2015-01-15 18:00 - 2015-01-15 22:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-01-15 18:00 - 2015-01-15 18:00 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-01-15 18:00 - 2015-01-15 18:00 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-01-15 18:00 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-01-15 18:00 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-01-15 18:00 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-01-15 18:00 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-01-15 17:54 - 2015-01-15 18:20 - 00006611 _____ () C:\WINDOWS\comsetup.log
2015-01-15 17:32 - 2014-07-21 21:28 - 04016216 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2015-01-15 17:32 - 2014-07-21 13:52 - 01279373 _____ () C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2015-01-15 17:32 - 2014-07-18 18:10 - 02810736 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2015-01-15 17:32 - 2014-07-18 14:22 - 00955096 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2015-01-15 17:32 - 2014-07-16 14:36 - 67245056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2015-01-15 17:32 - 2014-07-07 19:55 - 00000008 _____ () C:\WINDOWS\system32\Drivers\rtkhdaud.dat
2015-01-15 17:32 - 2014-07-07 14:07 - 02860760 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2015-01-15 17:32 - 2014-07-04 11:07 - 01024728 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2015-01-15 17:32 - 2014-06-17 13:32 - 01286872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2015-01-15 17:32 - 2014-05-09 11:17 - 00628952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2015-01-15 17:32 - 2014-04-10 12:19 - 14863448 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2015-01-15 17:32 - 2014-04-10 12:19 - 02101848 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2015-01-15 17:32 - 2014-04-10 12:19 - 02041432 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2015-01-15 17:32 - 2014-03-06 16:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2015-01-15 17:32 - 2014-02-06 11:28 - 05804772 _____ () C:\WINDOWS\system32\Drivers\rtvienna.dat
2015-01-15 17:32 - 2013-10-11 11:31 - 00947760 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2015-01-15 17:32 - 2013-08-14 15:36 - 00662784 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2015-01-15 17:32 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2015-01-15 17:32 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2015-01-15 17:32 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2015-01-15 17:32 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2015-01-15 17:32 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2015-01-15 17:32 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2015-01-15 17:32 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2015-01-15 17:32 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2015-01-15 17:32 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2015-01-15 17:32 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2015-01-15 17:32 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2015-01-15 17:32 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2015-01-15 17:32 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2015-01-15 17:32 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2015-01-15 17:32 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2015-01-15 17:32 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2015-01-15 17:32 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2015-01-15 17:32 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2015-01-15 17:32 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2015-01-15 17:32 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2015-01-15 17:32 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2015-01-15 17:32 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2015-01-15 17:31 - 2015-01-15 19:44 - 00000194 _____ () C:\Setup.log
2015-01-15 17:31 - 2014-06-09 10:59 - 00560328 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2015-01-15 17:31 - 2014-05-19 10:47 - 02080472 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2015-01-15 17:31 - 2014-04-10 12:19 - 01063512 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2015-01-15 17:31 - 2014-04-07 16:03 - 06218072 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2015-01-15 17:31 - 2014-04-07 16:03 - 01939800 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2015-01-15 17:31 - 2014-04-07 16:03 - 00315736 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2015-01-15 17:31 - 2014-04-07 16:03 - 00261464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2015-01-15 17:31 - 2014-02-18 17:04 - 02770976 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2015-01-15 17:31 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2015-01-15 17:31 - 2013-08-14 15:35 - 00663296 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2015-01-15 17:31 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2015-01-15 17:31 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2015-01-15 17:31 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2015-01-15 17:31 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2015-01-15 16:47 - 2015-01-15 16:47 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Samsung
2015-01-15 16:33 - 2015-01-15 16:33 - 00002970 _____ () C:\WINDOWS\System32\Tasks\SamsungLinkPC
2015-01-15 09:48 - 2015-01-15 09:48 - 00003126 _____ () C:\WINDOWS\System32\Tasks\advRecovery
2015-01-15 09:46 - 2015-01-15 09:46 - 00000000 ____D () C:\iBTWU
2015-01-15 09:34 - 2015-01-15 09:34 - 00003434 _____ () C:\WINDOWS\System32\Tasks\Settings
2015-01-14 23:08 - 2015-01-23 07:23 - 00003718 _____ () C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2015-01-14 15:10 - 2015-01-14 15:10 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Macromedia
2015-01-14 15:10 - 2015-01-14 15:10 - 00000000 ____D () C:\Users\Nico\AppData\Local\Macromedia
2015-01-14 15:09 - 2015-02-05 16:17 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-14 15:09 - 2015-02-04 23:17 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-01-14 15:08 - 2015-01-27 07:39 - 00000000 ____D () C:\Users\Nico\AppData\Local\Adobe
2015-01-14 15:03 - 2015-01-14 15:03 - 00003476 _____ () C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2015-01-14 15:03 - 2015-01-14 15:03 - 00000000 ____D () C:\ProgramData\Intel(R) Update Manager
2015-01-14 14:59 - 2015-01-15 18:24 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-01-14 14:58 - 2015-01-14 14:59 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-14 14:58 - 2014-12-31 13:12 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-14 14:40 - 2015-01-15 21:54 - 00000000 ____D () C:\Program Files (x86)\Cisco
2015-01-14 14:40 - 2015-01-14 14:40 - 00000000 ____D () C:\Program Files\Common Files\Intel
2015-01-14 14:35 - 2014-10-22 04:34 - 00010777 ____N () C:\WINDOWS\system32\AutoconfigV2.cab
2015-01-14 14:01 - 2013-05-04 05:51 - 00014848 ____N (Microsoft) C:\WINDOWS\system32\rars.rs
2015-01-14 14:01 - 2013-05-04 05:10 - 00014848 ____N (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2015-01-14 13:08 - 2015-01-14 13:08 - 00000000 _____ () C:\Users\Nico\agent.log
2015-01-14 13:01 - 2015-01-15 19:40 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-01-14 13:01 - 2015-01-15 19:39 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-01-14 13:01 - 2015-01-15 19:39 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2015-01-14 12:54 - 2015-01-14 12:54 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Mozilla
2015-01-14 12:54 - 2015-01-14 12:54 - 00000000 ____D () C:\Users\Nico\AppData\Local\Mozilla
2015-01-14 12:53 - 2015-01-27 23:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-14 12:53 - 2015-01-24 00:34 - 00001151 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-14 12:53 - 2015-01-14 12:53 - 00000000 ____D () C:\ProgramData\Mozilla
2015-01-14 12:49 - 2015-02-03 12:59 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-01-14 12:49 - 2015-01-15 19:39 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-01-14 12:49 - 2015-01-15 19:39 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-01-14 12:49 - 2015-01-15 19:39 - 00083280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-01-14 12:49 - 2015-01-15 19:39 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-01-14 12:49 - 2015-01-15 19:39 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-01-14 12:49 - 2015-01-14 12:49 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\AVAST Software
2015-01-14 12:49 - 2015-01-14 12:49 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-14 12:49 - 2015-01-14 12:49 - 00000000 ____D () C:\Program Files\AVAST Software
2015-01-14 12:29 - 2015-01-15 18:46 - 00008400 _____ () C:\WINDOWS\wsusofflineupdate.log
2015-01-14 12:28 - 2015-02-05 07:45 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3589802351-439905089-1110981561-1001
2015-01-14 12:28 - 2015-01-14 12:28 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\WinRAR
2015-01-14 12:28 - 2015-01-14 12:28 - 00000000 ____D () C:\Users\Nico\AppData\Local\bitcasa
2015-01-14 12:27 - 2015-01-15 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-14 12:27 - 2015-01-15 18:17 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-14 12:27 - 2015-01-15 17:40 - 00000000 ____D () C:\Program Files\WinRAR
2015-01-14 12:24 - 2015-01-15 20:25 - 00000000 ____D () C:\Users\Nico\AppData\Local\Samsung
2015-01-14 12:23 - 2015-01-31 12:09 - 00005347 _____ () C:\Users\Nico\AppData\Roaming\AbsoluteReminder.xml
2015-01-14 12:23 - 2015-01-14 12:23 - 00001249 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RtkGUI.lnk
2015-01-14 12:23 - 2015-01-14 12:23 - 00001202 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk
2015-01-14 12:23 - 2015-01-14 12:23 - 00000000 ____D () C:\Users\Nico\AppData\Local\Absolute_Software
2015-01-14 12:23 - 2015-01-14 12:23 - 00000000 _____ () C:\WINDOWS\system32\Drivers\144D_SAMSUNG_na_870Z5E_P05A.mrk
2015-01-14 12:22 - 2015-02-01 18:36 - 00000000 ____D () C:\Users\Nico\AppData\Local\VirtualStore
2015-01-14 12:22 - 2015-01-23 15:50 - 00000000 ____D () C:\Users\Nico\AppData\Local\Packages
2015-01-14 12:22 - 2015-01-14 12:22 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Intel
2015-01-14 12:22 - 2015-01-14 12:22 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Adobe
2015-01-14 12:22 - 2013-02-27 18:08 - 139490760 _____ () C:\WINDOWS\[0407]SamsungStory01_ger.scr

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-05 17:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-05 07:20 - 2014-11-21 04:35 - 01963610 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-05 07:20 - 2014-11-21 03:45 - 00831932 _____ () C:\WINDOWS\system32\perfh007.dat
2015-02-05 07:20 - 2014-11-21 03:45 - 00184304 _____ () C:\WINDOWS\system32\perfc007.dat
2015-02-05 07:19 - 2013-04-15 22:37 - 00000000 ____D () C:\ProgramData\WinClon
2015-02-05 07:15 - 2014-11-20 19:24 - 00030220 _____ () C:\WINDOWS\PFRO.log
2015-02-05 07:15 - 2013-08-22 15:46 - 00314291 _____ () C:\WINDOWS\setupact.log
2015-02-05 07:15 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-04 09:20 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-02 07:26 - 2013-08-22 15:44 - 00533664 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-01 18:09 - 2013-08-22 14:25 - 00000194 _____ () C:\WINDOWS\win.ini
2015-01-28 08:00 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-01-24 21:20 - 2014-11-21 12:01 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-01-24 21:20 - 2014-11-21 12:01 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-24 11:57 - 2013-04-15 21:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-01-24 00:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\GroupPolicy
2015-01-23 15:55 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-23 07:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-01-22 18:55 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2015-01-19 23:25 - 2014-11-21 04:13 - 00000000 ____D () C:\Program Files\Windows Journal
2015-01-19 23:25 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\winrm
2015-01-19 23:25 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-01-19 23:25 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\slmgr
2015-01-19 23:25 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2015-01-19 23:25 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\winrm
2015-01-19 23:25 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-01-19 23:25 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\slmgr
2015-01-19 23:25 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\Printing_Admin_Scripts
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ___SD () C:\WINDOWS\system32\dsc
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\en-GB
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Com
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Com
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-01-19 23:25 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-01-19 23:25 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2015-01-19 23:25 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2015-01-19 23:25 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-01-19 23:25 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-01-19 23:25 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2015-01-19 23:25 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\servicing
2015-01-19 13:38 - 2013-04-15 21:48 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-15 22:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-15 22:39 - 2013-04-15 22:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-01-15 21:06 - 2013-04-15 22:41 - 00001398 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-01-15 21:06 - 2013-04-15 22:41 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2015-01-15 21:05 - 2013-04-15 22:41 - 00001653 _____ () C:\WINDOWS\DirectX.log
2015-01-15 20:39 - 2013-04-15 21:50 - 00000000 ____D () C:\Program Files (x86)\Samsung
2015-01-15 20:17 - 2013-04-15 22:38 - 00000000 ____D () C:\ProgramData\Samsung
2015-01-15 20:07 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-01-15 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2015-01-15 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-01-15 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-01-15 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2015-01-15 19:45 - 2013-04-15 21:48 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-01-15 19:45 - 2013-04-15 21:48 - 00000000 ____D () C:\ProgramData\Intel
2015-01-15 19:45 - 2013-04-15 21:48 - 00000000 ____D () C:\Program Files\Intel
2015-01-15 19:44 - 2013-04-15 21:48 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-01-15 19:42 - 2013-04-15 21:49 - 00028034 _____ () C:\WINDOWS\DPINST.LOG
2015-01-15 19:36 - 2013-08-22 15:46 - 00000262 _____ () C:\WINDOWS\setuperr.log
2015-01-15 19:36 - 2013-04-15 22:46 - 00019318 _____ () C:\WINDOWS\system32\results.xml
2015-01-15 19:26 - 2013-04-15 22:34 - 00000000 ____D () C:\ProgramData\AMD
2015-01-15 19:25 - 2013-04-15 22:33 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2015-01-15 19:25 - 2013-04-15 21:49 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-15 18:46 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-15 18:46 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-15 18:28 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-01-15 18:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2015-01-15 18:20 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-01-15 18:20 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2015-01-15 18:19 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-01-15 18:19 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-01-15 18:18 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-01-15 18:18 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-01-15 18:18 - 2013-08-22 16:37 - 00005217 _____ () C:\WINDOWS\DtcInstall.log
2015-01-15 18:18 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-01-15 18:18 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-01-15 18:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-01-15 18:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-01-15 18:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2015-01-15 18:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-01-15 18:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-01-15 18:18 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-01-15 18:18 - 2013-08-22 14:25 - 00008192 ___SH () C:\WINDOWS\system32\config\ELAM
2015-01-15 18:18 - 2013-04-15 22:39 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 10
2015-01-15 18:18 - 2013-04-15 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitcasa
2015-01-15 18:18 - 2013-04-15 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PopCap Games
2015-01-15 18:18 - 2013-04-15 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Absolute Software
2015-01-15 18:18 - 2013-04-15 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2015-01-15 18:18 - 2012-08-05 22:11 - 00000000 ____D () C:\ProgramData\PRICache
2015-01-15 18:18 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2015-01-15 18:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-01-15 18:12 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-01-15 18:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2015-01-15 17:58 - 2013-04-15 21:49 - 01771989 _____ () C:\WINDOWS\WindowsUpdate (1).log
2015-01-15 17:56 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-01-15 17:32 - 2013-04-15 21:48 - 00002787 _____ () C:\RHDSetup.log
2015-01-15 17:32 - 2013-04-15 21:48 - 00000000 ___HD () C:\Program Files (x86)\Temp
2015-01-15 13:07 - 2013-04-15 22:38 - 00000000 ____D () C:\ProgramData\Temp
2015-01-15 09:48 - 2013-04-15 21:50 - 00000000 ____D () C:\Program Files\Samsung
2015-01-14 14:40 - 2013-04-15 22:38 - 00000000 ____D () C:\Users\EasySurvey
2015-01-14 14:39 - 2013-04-15 21:48 - 00000000 ____D () C:\Intel
2015-01-14 12:48 - 2013-04-15 22:36 - 00000000 ____D () C:\ProgramData\Norton
2015-01-14 12:46 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP

==================== Files in the root of some directories =======

2015-01-14 12:23 - 2015-01-31 12:09 - 0005347 _____ () C:\Users\Nico\AppData\Roaming\AbsoluteReminder.xml
2015-01-15 21:32 - 2015-01-18 15:59 - 0004062 _____ () C:\Users\Nico\AppData\Roaming\LTspiceIV.ini
2015-01-15 21:16 - 2015-01-15 21:16 - 0000039 _____ () C:\Users\Nico\AppData\Roaming\SupportBox_MSUL.cfg
2015-01-15 18:15 - 2015-01-15 18:15 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-04-15 22:43 - 2013-02-19 08:34 - 2064264 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
2013-04-15 22:43 - 2013-01-12 15:51 - 0003004 _____ () C:\ProgramData\MakeMarkerFile.xml

Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe


Some content of TEMP:
====================
C:\Users\Nico\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjvrxsp.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-04 10:09

==================== End Of Log ============================

Was ist mit den übrigen verdächtigen Datein die ESET gefunden hat und die nicht in der Quarantäne von adwcleaner liegen?

Gruß Nico

Bootsektor · 06.02.2015, 00:00

Hallo Nico,

nee die Quarantänen löschen wir gleich alle

und den Rest jetzt

Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

C:\Users\Nico\AppData\Local\Microsoft\Windows\INetCache\IE\4EE80OXF\spstub[1].exe
C:\Users\Nico\AppData\Local\Microsoft\Windows\INetCache\IE\87D2HB3X\DynamoCombo[1].dll
C:\Users\Nico\AppData\Local\Microsoft\Windows\INetCache\IE\87D2HB3X\Setup[1].exe
C:\Users\Nico\Downloads\kmplayer.exe

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

OK
So wie ich es sehe, haben wir damit alles Schadhafte entfernt. Deine Logs sind sauber.
Abschließend räumen wir noch etwas auf, führen Updates durch und dann bekommst du noch etwas Lesestoff von mir.

Schritt 1

Falls Du Malwarebytes-Antimalware und den ESET-Onlinescan nicht mehr benötigst, kannst Du beide Programme einfach über die Programmdeinstallation deinstallieren.
Ich empfehle Dir aber zumindest Malwarebytes zu behalten, und damit einmal die Woche einen Kontrollscan zu machen.

Downloade dir bitte delfix auf deinen Desktop.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.
DelFix entfernt u. a. alle verwendeten Programme und löscht sich abschließend selbst.

Falls nach Delfix noch Programme aus unserer Bereinigung vorhanden sein sollten, kannst du diese nun bedenkenlos löschen.

Updates / Programme aktualisieren

FlashPlayer

Dein FlashPlayer für den InternetExplorer (ActiveX) ist nicht mehr aktuell.

deinstalliere die alten Versionen.
Öffne mit dem InternetExplorer folgenden Link Adobe - Adobe Flash Player installieren
Falls sich dort etwas anderes als der FlashPlayer noch zusätzlich mitinstallieren möchte, entferne den Haken dort

Aktualisierung einstellen
Stelle sicher, dass dein FlashPlayer nach Updates sucht. Den FlashPlayer kann man direkt bei der Installation so konfigurieren, dass er nach Updates automatisch sucht, nachträglich kann man das über folgenden Link machen:
Adobe - Flash Player: Einstellungsmanager - Globale Benachrichtigungseinstellungen

Adobe Reader

Dein Adobe Reader ist veraltet.
Deinstalliere Deinen Reader und lade Dir die neueste Version von hier herunter. Schaue, ob sich noch etwas mit installieren möchte und entferne den Haken gegebenenfalls.

Java

Dein Java ist nicht mehr aktuell.
Java ist eine große Sicherheitslücke auf deinem System, es werden immer wieder neue Schwachstellen entdeckt, die ausgenutzt werden um Rechner zu infizieren.
Sofern du Java nicht zwingend benötigst, solltest du es komplett deinstallieren.

Windows XP
Gehe auf:
Start --> Systemsteuerung --> Software --> Javaversionen auswählen --> entfernen
Windows Vista
Gehe auf:
Start --> Systemsteuerung -- > Programme --> Programme deinstallieren --> Javaversionen suchen --> entfernen
Windows 7
Dazu gehe auf:
den Windowsbutton in der Taskleiste --> Systemsteuerung --> Programme (Unterpunkt Programme deinstallieren) --> Javaversionen auswählen --> entfernen
Windows 8
Dazu drücke auf:
Windowstaste und X
dann:
Programme und Funktionen -->Javaversionen auswählen --> entfernen

Falls du Java doch unbedingt benötigst, dann

Downloade dir bitte die neueste Java-Version von hier
Speichere die jxpiinstall.exe
Schließe alle laufenden Programme. Speziell deinen Browser.
Starte die jxpiinstall.exe. Diese wird den Installer für die neueste Java Version ( Java 8 Update 31 ) herunter laden.
Entferne den Haken bei "Installieren Sie die Ask-Toolbar ..." während der Installation.
Wenn die Installation beendet wurde
Start --> Systemsteuerung --> Programme und deinstalliere alle älteren Java Versionen.
Starte deinen Rechner neu sobald alle älteren Versionen deinstalliert wurden.

Nach dem Neustart

Öffne erneut die Systemsteuerung --> Programme und klicke auf das Java Symbol.
Im Reiter Allgemein, klicke unter Temporäre Internetdateien auf Einstellungen.
Klicke auf Dateien löschen....
Gehe sicher das überall ein Haken gesetzt ist und klicke OK.
Klicke erneut OK.

und sorge dafür, dass Java automatisch updated.
Dazu:

öffne Java
klicke auf den Reiter Update
klicke auf: Benachrichtung ausgeben: Vor dem Download setze den Haken bei Automatisch nach Updates suchen
klicke auf Erweitert
ändere das Intervall mindestens auf wöchentlich

und schalte das Browser-Plugin aus.
Hier findest du eine Anleitung dazu.

Nun zum Schluss noch ein paar Tipps zur Absicherung deines Systems.

Ändere regelmäßig alle deine Passwörter, jetzt, nach der Bereinigung ist ein idealer Zeitpunkt dafür

verwende für jede Anwendung und jeden Account ein anderes Passwort
ändere regelmäßig dein Passwort, vor allem bei Onlinebanking oder deinem Emailpostfach ist dieses sehr wichtig
speichere keine Passwörter auf deinem PC, gib diese nicht an dritte weiter
ein sicheres Passwort besteht aus mindestens 8 Zeichen und beinhaltet Groß- und Kleinbuchstaben, Zahlen, und Sonderzeichen
benutze keine Zahlen- oder Buchstabenkombinationen, ( zB 12345678, qwertzui) auch keine Zahlen oder Buchstabenmuster
verwende keine Passwörter die einen Bezug zu dir, deinem Wohnort, Familienmitglied oder Haustier (Geburtsdatum, Postleitzahl, Adresse, Name) haben

Aktualität des Systems
Es ist extrem wichtig, dass sowohl dein System als auch die darauf installierte sicherheitsrelevante Software (Flash Player, PDF-Reader und besonders Java, sofern vorhanden) aktuell sind.

Bitte überprüfe, ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.

Antivirensoftware

Gehe sicher immer eine Antiviren Software installiert zu haben und halte diese unbedingt aktuell.

Zusätzlicher Schutz

MalwareBytes Anti-Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On-Demand Scantool welches viele aktuelle Malware erkennt und auch entfernt.
Aktualisiere das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der Internet Explorer, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf einen Banner um diesen zu AdBlockPlus hinzuzufügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Systemleistung
Lösche regelmäßig deine temporären Dateien. Ich empfehle hierzu die Datenträgerbereinigung von Windows.
Windows Vista

Klicke unten links auf das Vistasymbol
Gehe auf Programme -> Zubehör -> Systemprogramme -> Datenträgerbereinigung
Wähle nun Dateien von allen Benutzern des Computers aus und bestätige mit OK
Setze den Haken bei den zu löschenden Dateien zusätzlich bei Temporäre Dateien
Bestätige mit OK
Bestätige dass du die Dateien unwiderruflich löschen möchtest

Windows 7

Gehe auf das Windowsstartsymbol
Gebe im Suchfeld Datenträgerrereinigung ein
Setze den Haken zusätzlich bei Temporäre Dateien
Bestätige mit OK

Windows 8

Rechtsklicke in die untere linke Ecke deines Bildschirms
Klicke auf Suchen
Klicke auf Einstellungen
Gebe im Suchfeld Datenträgerbereinigung ein
Klicke in den Einstellungen auf der linken Seite nun auf Speicherplatz durch Löschen nicht erforderlicher Dateien freigeben
Setze den Haken zusätzlich bei Temporäre Dateien
Bestätige mit OK
Bestätige dass du die Dateien unwiderruflich löschen möchtest

Halte dich fern von jeglichen Registry Cleanern.
Diese schaden deinem System mehr als dass sie es schneller machen.

Verhaltensregeln zum sichereren Surfen

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Achte besonders bei der Installation von Programmen darauf, ob sich weitere Software mitinstallieren möchte, wähle wo immer es geht die benutzerdefinierte Installation und wähle alles ab, was nichts mit dem Programm zu tun hat, welches du dir installieren möchtest.

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind.

Falls Du Lob oder Kritik abgeben möchtest, kannst Du das sehr gerne hier tun.

Wenn Du etwas für das Forum und unsere Arbeit spenden möchtest, so kannst Du das hier tun.

IneedHelp1 · 08.02.2015, 21:17

Hallo,

so mittlerweile hab ich zeit gefunden die Fixlog.txt zu erstellen -> s. Unten.
Delfix hab ich erfolgreich ausgeführt.
Beim aktualisieren des ActiveX flash player im internetexplorer gibt es ein Problem.
Hab den shockwave player deinstalliert. Als ich anschließend dem Link von dir zur aktualisierung des flashplayers gefolgt bin,
stand dort nur, dass der flash player bei windows 8 im internetexplorer schon installiert ist. Weiter unten konnte ich die
aktuelle version vom flashplayer für windows 8.1 64-bit und 32-bit downloaden, leider lieferte eine Fehlermeldung die Meldung,
dass das Update nicht für mein Windows geeignet sei, wieso auch immer.
Was mach ich da nun am besten? Ich benutze den Internet-Explorer ohnehin nie - kann man ihn vielleicht einfach deinstallieren?

Adobe Reader hab ich bei Programme&Features deinstalliert und anhand deines Links den Reader geladen und installiert - ohne Probleme.

Java hab ich nun mal ganz deinstalliert. Falls ichs brauchen sollte, schau ich mir dann nochmal deinen Beitrag und die Tipps an.

Fixlog.txt:

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-02-2015
Ran by Nico at 2015-02-06 07:41:40 Run:1
Running from C:\Users\Nico\Desktop
Loaded Profiles: Nico (Available profiles: Nico)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\Nico\AppData\Local\Microsoft\Windows\INetCache\IE\4EE80OXF\spstub[1].exe
C:\Users\Nico\AppData\Local\Microsoft\Windows\INetCache\IE\87D2HB3X\DynamoCombo[1].dll
C:\Users\Nico\AppData\Local\Microsoft\Windows\INetCache\IE\87D2HB3X\Setup[1].exe
C:\Users\Nico\Downloads\kmplayer.exe
         
*****************

"C:\Users\Nico\AppData\Local\Microsoft\Windows\INetCache\IE\4EE80OXF\spstub[1].exe" => File/Directory not found.
"C:\Users\Nico\AppData\Local\Microsoft\Windows\INetCache\IE\87D2HB3X\DynamoCombo[1].dll" => File/Directory not found.
"C:\Users\Nico\AppData\Local\Microsoft\Windows\INetCache\IE\87D2HB3X\Setup[1].exe" => File/Directory not found.
"C:\Users\Nico\Downloads\kmplayer.exe" => File/Directory not found.

==== End of Fixlog 07:41:41 ====

Die Datenträgerbereinigung hab ich auch ausgeführt.

Dann müsste ich jetzt nur noch die Quarantäne löschen oder? Soll ich das einfach selbst machen oder gibts da auch ne Anleitung? Nicht, dass ich jetzt noch was falsch mache

Bootsektor · 09.02.2015, 23:15

Hallo,

kannst du dir bitte FRST nochmal runterladen löschen und den Fix nochmal ausführen... irgendwie hat der nicht funktioniert.

Unsere Quarantäne wird mitsamt den Tools mittels Delfix gelöscht, und Dateien in der Quarantäne sind nicht weiter wild, die sind da tot.

Zitat:

Was mach ich da nun am besten?

Schau mal, ob du das nach dieser Anleitung hinbekommst.

Zitat:

Ich benutze den Internet-Explorer ohnehin nie - kann man ihn vielleicht einfach deinstallieren?

Kann man, würd ich dir aber nicht empfehlen.

IneedHelp1 · 16.02.2015, 12:58

Hallo,

bin leider erst jetzt wieder dazu gekommen, mich wieder hierum zu kümmern.

Ich hab jetzt nochmal FRST runtergeladen die Fixlog erstellt (s.Unten).
Und delfix ausgeführt. Ich hoffe ich hab deinen letzten Post damit richtig verstanden?

Also im internet Explorer steht nach wie vor, dass der Flash Player bei windows 8 schon vorinstalliert ist und unter dem Hilfelink den du mir gepostet hast, steht im IE sowie in Firefox und Chrome steht jeweils, dass die aktuelle Version installiert ist, das sollte also passen.
Java hab ich inzwischen wieder installiert da ich es wohl benötige..

hier die Fixlog.txt:

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-02-2015
Ran by Nico at 2015-02-16 12:50:05 Run:1
Running from C:\Users\Nico\Desktop
Loaded Profiles: Nico (Available profiles: Nico)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\Nico\AppData\Local\Microsoft\Windows\INetCache\IE\4EE80OXF\spstub[1].exe
C:\Users\Nico\AppData\Local\Microsoft\Windows\INetCache\IE\87D2HB3X\DynamoCombo[1].dll
C:\Users\Nico\AppData\Local\Microsoft\Windows\INetCache\IE\87D2HB3X\Setup[1].exe
C:\Users\Nico\Downloads\kmplayer.exe
*****************

"C:\Users\Nico\AppData\Local\Microsoft\Windows\INetCache\IE\4EE80OXF\spstub[1].exe" => File/Directory not found.
"C:\Users\Nico\AppData\Local\Microsoft\Windows\INetCache\IE\87D2HB3X\DynamoCombo[1].dll" => File/Directory not found.
"C:\Users\Nico\AppData\Local\Microsoft\Windows\INetCache\IE\87D2HB3X\Setup[1].exe" => File/Directory not found.
"C:\Users\Nico\Downloads\kmplayer.exe" => File/Directory not found.

==== End of Fixlog 12:50:05 ====

Ist mein Rechner denn nun soweit clean?

Gruß Nico

Bootsektor · 17.02.2015, 00:02

Hallo,

dazu ein klares Jein

da sind noch so ein paar nebensächliche Sachen.

Öffne mal den Internetexplorer und drücke dann gleichzeitig die Umschalttaste, Strg und dann entfernen, es öffnet sich ein Fenster, verändere nichts an den Einstellungen und klicke auf OK.

Dann guck bitte, ob du im Ordner:
C:\Users\Nico\Downloads\

die Datei kmplayer.exe findest und lösche diese.

Ansonsten sind wir aber durch