Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Verdacht auf Viren/Trojaner

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 26.09.2014, 23:14   #1
DYMLP
 
Verdacht auf Viren/Trojaner - Standard

Verdacht auf Viren/Trojaner



Hallo,ich habe einen Verdacht auf einen Trojaner bzw. einen Virus denn mein internet hat sich extrem verlangsamt obwohl ich regelmäßig den Datenmüll reinige und NICHTS in der Zeit gedownloadet habe.

Hier hab ich einen FRST scan gemacht,hoffe mir kann wer helfen mein Internet wieder auf Vordermann zu bringen,danke!

Alt 26.09.2014, 23:28   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Verdacht auf Viren/Trojaner - Standard

Verdacht auf Viren/Trojaner



Hi und

Logs bitte nicht anhängen, notfalls splitten und über mehrere Postings verteilt posten

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 27.09.2014, 09:33   #3
DYMLP
 
Verdacht auf Viren/Trojaner - Standard

Verdacht auf Viren/Trojaner



Ich sende die Logfiles einzeln,falls das ok ist
__________________

Alt 27.09.2014, 09:35   #4
DYMLP
 
Verdacht auf Viren/Trojaner - Standard

Verdacht auf Viren/Trojaner



Ok hier sind die 3 Logfiles

Alt 27.09.2014, 16:05   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Verdacht auf Viren/Trojaner - Standard

Verdacht auf Viren/Trojaner



Ich poste es gerne nochmal

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 27.09.2014, 16:20   #6
DYMLP
 
Verdacht auf Viren/Trojaner - Standard

Verdacht auf Viren/Trojaner




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-09-2014
Ran by Admin (administrator) on PC03 on 26-09-2014 23:59:59
Running from C:\Users\Admin\Downloads
Loaded Profile: Admin (Available profiles: Admin)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Threat Expert Ltd.) C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\AMT\LMS.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(PC Tools) C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\Files32\Spamfilter\LittleHook.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Seifert) C:\Program Files (x86)\WinDirStat\windirstat.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [picon] => C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe [796696 2009-07-24] (Intel Corporation)
HKLM\...\Run: [BullGuard] => C:\Program Files\BullGuard Ltd\BullGuard\bullguard.exe [1002832 2014-09-19] (BullGuard Ltd.)
HKLM\...\Run: [BullGuardUpdate2] => c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe [2530128 2014-09-19] (BullGuard Ltd.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SoundMAXPnP] => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Policies\Explorer: [NoToolbarCustomize] 0
HKLM\...\Policies\Explorer: [NoBandCustomize] 0
HKU\S-1-5-21-718493722-3534519543-2746478738-1000\...\MountPoints2: D - D:\Launch.exe
HKU\S-1-5-21-718493722-3534519543-2746478738-1000\...\MountPoints2: {24fe8b57-2780-11e4-9615-0024818e3659} - E:\Setup.exe
HKU\S-1-5-21-718493722-3534519543-2746478738-1000\...\MountPoints2: {2d951667-1faa-11e4-a49c-14d64d4ea38d} - E:\AutoRun.exe
HKU\S-1-5-21-718493722-3534519543-2746478738-1000\...\MountPoints2: {2d951688-1faa-11e4-a49c-14d64d4ea38d} - E:\AutoRun.exe
HKU\S-1-5-21-718493722-3534519543-2746478738-1000\...\MountPoints2: {2e116bc1-2bf8-11e3-b7ff-806e6f6e6963} - D:\AUTORUN.EXE
HKU\S-1-5-21-718493722-3534519543-2746478738-1000\...\MountPoints2: {600158ba-081d-11e4-85d3-0024818e3659} - E:\Startme.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-09-27] (Microsoft Corporation)
AppInit_DLLs: c:\PROGRA~1\BULLGU~1\BULLGU~1\BgAgent.dll => c:\Program Files\BullGuard Ltd\BullGuard\BgAgent.dll [103848 2014-09-19] (BullGuard Ltd.)
AppInit_DLLs:  BgGamingMonitor.dll => C:\Windows\system32\BgGamingMonitor.dll [124360 2014-09-19] (BullGuard Ltd.)
AppInit_DLLs-x32: c:\PROGRA~1\BULLGU~1\BULLGU~1\Files32\BgAgent.dll => c:\Program Files\BullGuard Ltd\BullGuard\Files32\BgAgent.dll [87856 2014-09-19] (BullGuard Ltd.)
AppInit_DLLs-x32:  C:\Windows\System32\BgGamingMonitor.dll => C:\Windows\SysWOW64\BgGamingMonitor.dll [111952 2014-09-19] (BullGuard Ltd.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x16DA150148BBCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKCU - PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
SearchScopes: HKCU - {156B4E06-D4DB-444C-B1B5-8E40D64912DB} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {53C55B48-CC7E-4107-B567-CFFA45F323E5} URL = https://at.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=614363&p={searchTerms}
BHO-x32: PC Tools Browser Guard BHO -> {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} -> C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{ADD92878-0B6F-44C2-ADCF-AB44D57FA270}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\204p26rp.default
FF SelectedSearchEngine: Yahoo!
FF Keyword.URL: https://at.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=614363&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\204p26rp.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\204p26rp.default\Extensions\donottrackplus@abine.com [2014-08-03]
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\204p26rp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-27]
FF HKLM-x32\...\Firefox\Extensions: [antiphishing@bullguard] - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\FF\antiphishing@bullguard
FF Extension: BullGuard Safe Browsing - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\FF\antiphishing@bullguard [2014-09-19]
FF HKLM-x32\...\Firefox\Extensions: [{cb84136f-9c44-433a-9048-c5cd9df1dc16}] - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox
FF Extension: No Name - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox [2014-09-20]
FF HKCU\...\Thunderbird\Extensions: [{380AE6CB-09B9-4373-B360-D01C2462A6E7}] - C:\Program Files\BullGuard Ltd\BullGuard\files32\backup\thunderbirdbkplugin
FF Extension: BullGuard Backup - C:\Program Files\BullGuard Ltd\BullGuard\files32\backup\thunderbirdbkplugin [2014-09-19]
FF HKCU\...\Thunderbird\Extensions: [{0E810812-F4BB-4309-942A-755587587A5E}] - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Spamfilter\TbSpamfilter
FF Extension: BullGuard Spamfilter - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Spamfilter\TbSpamfilter [2014-09-19]
FF Extension: No Name - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.7.598 [Not Found]
FF Extension: No Name - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\204p26rp.default\extensions\faststartff@gmail.com [Not Found]
FF Extension: No Name - C:\Program Files\AVAST Software\Avast\WebRep\FF [Not Found]

Chrome: 
=======
CHR HomePage: Default -> 
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-01]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-01]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-01]
CHR Extension: (Google-Suche) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-01]
CHR Extension: (Avira Browser Safety) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-07]
CHR Extension: (AdBlock) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-10]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-01]
CHR Extension: (Google Mail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-01]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-08-15] ()
R2 Browser Defender Update Service; C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [580728 2012-10-23] (Threat Expert Ltd.)
R2 BsBackup; C:\Program Files\BullGuard Ltd\BullGuard\BsBackup.dll [695120 2014-09-19] (BullGuard Ltd.)
R2 BsBhvScan; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [445776 2014-09-19] (BullGuard Ltd.)
R2 BsFileScan; c:\program files\bullguard ltd\bullguard\BsFileScan.dll [376656 2014-09-19] (BullGuard Ltd.)
R2 BsFire; c:\program files\bullguard ltd\bullguard\BsFire.dll [604496 2014-09-19] (BullGuard Ltd.)
R2 BsMailProxy; c:\program files\bullguard ltd\bullguard\BsMailProxy\BsMailProxy.dll [624464 2014-09-19] (BullGuard Ltd.)
R2 BsMain; C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll [349520 2014-09-19] (BullGuard Ltd.)
R2 BsScanner; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [242512 2014-09-19] (BullGuard Ltd.)
R2 BsUpdate; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [370000 2014-09-19] (BullGuard Ltd.)
R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [174616 2009-07-24] (Intel Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-05-08] ()
R2 sdAuxService; C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe [403416 2012-10-31] (PC Tools)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2409272 2013-12-10] (TuneUp Software)
R2 UNS; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2066968 2009-07-24] (Intel Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AFW; C:\Windows\System32\DRIVERS\afw.sys [40544 2014-09-19] (Agnitum Ltd.)
R3 afwcore; C:\Windows\System32\DRIVERS\afwcore.sys [464480 2014-09-19] (Agnitum Ltd.)
R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2009-03-06] ()
R3 BdNet; C:\Windows\System32\drivers\BdNet.sys [34928 2014-09-19] (BullGuard Ltd.)
R1 BdSpy; C:\Windows\System32\drivers\BdSpy.sys [68720 2014-09-19] (BullGuard Ltd.)
R3 netr28ux; C:\Windows\System32\DRIVERS\Dnetr28ux.sys [987648 2009-08-05] (Ralink Technology Corp.)
R1 NovaShieldFilterDriver; C:\Windows\System32\DRIVERS\NSKernel.sys [256072 2012-06-26] (NovaShield, Inc.)
R1 NovaShieldTDIDriver; C:\Windows\System32\DRIVERS\NSNetmon.sys [25160 2012-06-26] (NovaShield, Inc.)
R3 PCTBD; C:\Windows\System32\Drivers\PCTBD64.sys [77144 2012-10-23] (PC Tools)
R0 PCTCore; C:\Windows\System32\drivers\PCTCore64.sys [413448 2012-10-22] (PC Tools)
R0 pctDS; C:\Windows\System32\drivers\pctDS64.sys [453896 2012-02-28] (PC Tools)
R0 pctEFA; C:\Windows\System32\drivers\pctEFA64.sys [1096176 2012-02-28] (PC Tools)
R1 pctgntdi; C:\Windows\System32\drivers\pctgntdi64.sys [347016 2012-10-31] (PC Tools)
S3 pctplsm; C:\Windows\System32\drivers\pctplsm64.sys [87968 2012-11-01] (PC Tools)
R1 PCTSD; C:\Windows\System32\Drivers\PCTSD64.sys [253256 2012-11-01] (PC Tools)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [350160 2014-09-19] (BitDefender S.R.L.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 RTHDMIAzAudService; system32\drivers\RtHDMIVX.sys [X]
S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [X]
S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]

========================== Drivers MD5 =======================

C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\system32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\dmvsc.sys 5DB085A8A6600BE6401F2B24EECB5415
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\System32\DRIVERS\e1k62x64.sys 477E33019A855D9B8E7B3263CB9A1AE5
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hamachi.sys 1E6438D4EA6E1174A3B3B1EDC4DE660B
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECIx64.sys E91AFF2610114CCAEBB90D4D991BB6B2
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\igdkmd64.sys ==> MD5 is legit
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 353009DEDF918B2A51414F330CF72DEC
C:\Windows\System32\Drivers\ksecpkg.sys 1C2D8E18AA8FD50CD04C15CC27F7F5AB
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Dnetr28ux.sys 26672F93749AC9FD28DA1B0F94EFA78D
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NSKernel.sys 510755C17F4AA13605412961F58884B5
C:\Windows\System32\DRIVERS\NSNetmon.sys 440469E8505744CCAA3BA294306258AE
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\Drivers\PCTBD64.sys 51019118F4715E6DA58B3372246C281A
C:\Windows\System32\drivers\PCTCore64.sys 0012046DEE36BF3D241F027B4417B433
C:\Windows\System32\drivers\pctDS64.sys BA1F42A42F405F62CEFF6B69A2797F7C
C:\Windows\System32\drivers\pctEFA64.sys 146CC91C93CED13E7FE40E8D8615BE39
C:\Windows\System32\drivers\pctgntdi64.sys E5F6DA5B178028A750C5B8D7B09B3383
C:\Windows\System32\drivers\pctplsm64.sys F9FC1B700D16ED0AE96A36A758E18F31
C:\Windows\System32\Drivers\PCTSD64.sys DB2BA2D9585101947C5A60D785A63491
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\point64.sys E4799B87675C59AA1F620DE5C6F113BB
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\system32\drivers\terminpt.sys EF4469AB69EB15E5D3754E6AEAFBCD3D
C:\Windows\System32\drivers\tpm.sys DBCC20C02E8A3E43B03C304A4E40A84F
C:\Windows\System32\DRIVERS\Trufos.sys B66EE1D68197DFB9AA24F961E68ACDCC
C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\drivers\usbaudio.sys B0435098C81D04CAFFF80DDB746CD3A2
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\System32\DRIVERS\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\system32\drivers\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\System32\DRIVERS\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\DRIVERS\usb8023x.sys 7B28E2FBE75115660FAB31079C0A9F29
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\DRIVERS\xusb21.sys 2EE48CFCE7CA8E0DB4C44C7476C0943B

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-26 23:59 - 2014-09-27 00:00 - 00032020 _____ () C:\Users\Admin\Downloads\FRST.txt
2014-09-26 23:59 - 2014-09-27 00:00 - 00000000 ____D () C:\FRST
2014-09-26 23:57 - 2014-09-26 23:57 - 02108928 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2014-09-26 23:51 - 2014-09-26 23:51 - 00000991 _____ () C:\Users\Admin\Desktop\WinDirStat.lnk
2014-09-26 23:51 - 2014-09-26 23:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2014-09-26 23:51 - 2014-09-26 23:51 - 00000000 ____D () C:\Program Files (x86)\WinDirStat
2014-09-26 23:48 - 2014-09-26 23:48 - 00645729 _____ () C:\Users\Admin\Downloads\windirstat1_1_2_setup.exe
2014-09-26 21:51 - 2014-09-26 21:51 - 00000480 _____ () C:\Windows\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
2014-09-26 15:02 - 2014-09-26 15:02 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-09-25 17:11 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-25 17:11 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-24 19:42 - 2014-09-24 19:42 - 00000000 ____D () C:\Users\Admin\Downloads\ZZQ2AA7.417
2014-09-24 19:38 - 2014-09-24 19:39 - 02623081 _____ () C:\Users\Admin\Downloads\ZZQ2AA7.417.zip
2014-09-24 19:15 - 2014-09-26 01:43 - 00000000 ____D () C:\Users\Admin\Downloads\5x6i_5441de
2014-09-24 19:14 - 2014-09-24 19:16 - 00014336 ___SH () C:\Users\Admin\Downloads\Thumbs.db
2014-09-24 19:07 - 2014-09-24 19:08 - 02497057 _____ () C:\Users\Admin\Downloads\SpeedTouch_upgrade_wizard_R4421.zip
2014-09-24 19:06 - 2014-09-24 19:06 - 04729562 _____ () C:\Users\Admin\Downloads\5x6i_5441de.zip
2014-09-24 14:23 - 2014-09-26 01:43 - 00000000 ____D () C:\Users\Admin\Desktop\setfsb_2_3_173
2014-09-23 21:08 - 2014-09-23 21:08 - 00005319 _____ () C:\Users\Admin\Downloads\grüninger A Story about Bill Gates.odt
2014-09-23 17:24 - 2014-09-23 17:24 - 00000000 _____ () C:\Users\Admin\Documents\ts3_clientui-win64-1407159763-2014-09-23 17_24_59.804605.dmp
2014-09-23 15:50 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-09-23 15:50 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-09-23 15:29 - 2014-09-24 15:32 - 00000000 ___DC () C:\Users\Admin\AppData\Local\MigWiz
2014-09-22 21:24 - 2008-08-31 15:15 - 00171008 _____ (by Cyba_Mephisto) C:\Users\Admin\Desktop\CPUCalc1.9.6.exe
2014-09-22 19:32 - 2014-09-22 19:31 - 00043482 ____N () C:\Users\Admin\Desktop\cpucalc_22325.zip
2014-09-22 19:09 - 2014-09-26 01:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-22 19:09 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-09-22 19:09 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-09-22 19:09 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-09-22 19:09 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-09-22 19:09 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-09-22 19:09 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-09-22 19:09 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-09-22 19:09 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-09-22 19:09 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-09-22 19:09 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-09-22 19:09 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-09-22 19:09 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-09-22 19:09 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-09-22 19:09 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-09-22 19:09 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-09-22 19:09 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-09-22 19:08 - 2014-09-22 19:08 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-22 19:08 - 2014-09-22 19:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-22 18:56 - 2014-09-22 18:18 - 53689488 ____N (Intel Corporation) C:\Users\Admin\Desktop\XTU-Setup-exe.exe
2014-09-22 18:50 - 2014-09-22 18:44 - 00242381 ____N () C:\Users\Admin\Desktop\setfsb_2_3_173.zip
2014-09-22 18:20 - 2014-09-22 18:20 - 00000000 ____D () C:\Users\Admin\Intel
2014-09-22 18:20 - 2014-09-22 18:20 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2014-09-22 18:20 - 2014-09-22 18:20 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-09-22 18:20 - 2014-09-22 18:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2014-09-22 18:20 - 2014-09-22 18:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-09-22 18:07 - 2014-09-22 18:07 - 00000000 ____D () C:\Program Files (x86)\AMD
2014-09-22 14:49 - 2014-09-23 04:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link
2014-09-22 14:48 - 2014-09-22 14:48 - 00003284 _____ () C:\Users\Admin\AppData\Roaming\ANIWZCS{ADD92878-0B6F-44C2-ADCF-AB44D57FA270}
2014-09-22 14:48 - 2014-09-22 14:48 - 00000000 ____D () C:\Program Files (x86)\ANI
2014-09-22 14:48 - 2009-06-01 14:23 - 00315392 _____ () C:\Windows\SysWOW64\ANIOApi.dll
2014-09-22 14:47 - 2014-09-22 14:47 - 00000000 ____D () C:\Program Files (x86)\D-Link
2014-09-22 14:47 - 2009-09-02 11:00 - 00733184 _____ () C:\Windows\SysWOW64\ANIOWPS.dll
2014-09-22 14:47 - 2009-07-17 16:23 - 00479360 _____ (Ralink Technology, Corp.) C:\Windows\SysWOW64\Dr71WU98.sys
2014-09-22 14:47 - 2009-02-26 11:22 - 00237568 _____ () C:\Windows\SysWOW64\ANIWPS.exe
2014-09-22 14:47 - 2008-11-27 18:29 - 00302080 _____ () C:\Windows\lwd.exe
2014-09-22 14:47 - 2008-09-25 13:16 - 00204800 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll
2014-09-22 14:47 - 2008-09-25 13:15 - 01110016 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
2014-09-22 14:47 - 2007-05-12 14:44 - 00247808 _____ (Ralink Technology Inc.) C:\Windows\SysWOW64\rt25u98.sys
2014-09-22 14:47 - 2005-11-18 15:21 - 00002048 _____ () C:\Windows\SysWOW64\rt73.bin
2014-09-21 19:55 - 2014-09-26 01:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClearProg
2014-09-21 19:55 - 2014-09-21 19:55 - 00000979 _____ () C:\Users\Public\Desktop\ClearProg.lnk
2014-09-21 19:55 - 2014-09-21 19:55 - 00000000 ____D () C:\Program Files (x86)\ClearProg
2014-09-21 19:54 - 2014-09-21 19:54 - 00454147 _____ () C:\Users\Admin\Downloads\Setup_ClearProg_1.6.0_Final_neu.exe
2014-09-21 19:47 - 2014-09-21 19:51 - 04264880 _____ () C:\Users\Admin\Downloads\XPClean_Speed.msi
2014-09-21 17:13 - 2014-09-21 17:23 - 00000026 _____ () C:\Users\Admin\Desktop\.vbs
2014-09-21 15:57 - 2014-09-21 15:57 - 00000073 _____ () C:\Users\Admin\Downloads\schneller.bat
2014-09-21 10:51 - 2014-09-21 10:57 - 00000000 ____D () C:\Users\Admin\AppData\Local\Spotify
2014-09-21 10:51 - 2014-09-21 10:51 - 00001801 _____ () C:\Users\Admin\Desktop\Spotify.lnk
2014-09-21 10:51 - 2014-09-21 10:51 - 00001787 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-09-21 10:48 - 2014-09-21 15:27 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Spotify
2014-09-21 10:48 - 2014-09-21 10:48 - 00136864 _____ (Spotify Ltd) C:\Users\Admin\Downloads\SpotifySetup.exe
2014-09-21 10:34 - 2014-09-21 10:34 - 00019561 _____ () C:\Users\Admin\Desktop\2.odt
2014-09-20 21:58 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-20 21:58 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-20 21:58 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-20 21:58 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-20 21:58 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-20 21:58 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-20 21:58 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-20 21:58 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-20 21:57 - 2014-09-22 06:12 - 00000000 ____D () C:\Qoobox
2014-09-20 21:57 - 2014-09-20 21:57 - 00000000 ____D () C:\Windows\erdnt
2014-09-20 21:57 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-20 21:54 - 2014-09-20 22:12 - 00002156 _____ () C:\Users\Admin\Desktop\Rkill.txt
2014-09-20 21:25 - 2014-09-20 21:25 - 00000000 ____D () C:\Windows\ERUNT
2014-09-20 21:14 - 2014-09-26 01:43 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-09-20 21:14 - 2014-09-20 21:14 - 00000000 ____D () C:\Program Files\Unlocker
2014-09-20 19:55 - 2014-09-20 22:14 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2014-09-20 16:03 - 2014-09-20 16:23 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\GHISLER
2014-09-20 13:31 - 2012-10-23 17:40 - 02280568 _____ (Threat Expert Ltd.) C:\Windows\PCTBDCore.dll
2014-09-20 13:31 - 2012-10-23 17:40 - 01690744 _____ (Threat Expert Ltd.) C:\Windows\PCTBDRes.dll
2014-09-20 13:31 - 2012-10-23 17:40 - 00769144 _____ () C:\Windows\BDTSupport.dll
2014-09-20 13:31 - 2012-10-23 17:40 - 00150648 _____ (PC Tools) C:\Windows\SGDetectionTool.dll
2014-09-20 13:31 - 2012-10-23 17:40 - 00077144 _____ (PC Tools) C:\Windows\system32\Drivers\PCTBD64.sys
2014-09-20 13:31 - 2012-10-23 16:30 - 00003488 _____ () C:\Windows\UDB.zip
2014-09-20 13:31 - 2012-10-23 16:30 - 00000882 _____ () C:\Windows\RegSDImport.xml
2014-09-20 13:31 - 2012-10-23 16:30 - 00000879 _____ () C:\Windows\RegISSImport.xml
2014-09-20 13:31 - 2012-10-23 16:30 - 00000131 _____ () C:\Windows\IDB.zip
2014-09-20 13:29 - 2014-09-21 00:08 - 00000000 ____D () C:\Program Files (x86)\PC Tools
2014-09-20 13:29 - 2012-11-01 15:35 - 00093600 _____ (PC Tools) C:\Windows\system32\Drivers\pctplsg64.sys
2014-09-20 13:29 - 2012-11-01 15:35 - 00087968 _____ (PC Tools) C:\Windows\system32\Drivers\pctplsm64.sys
2014-09-20 13:29 - 2012-11-01 15:35 - 00016392 _____ (PC Tools) C:\Windows\system32\Drivers\pctBTFix64.sys
2014-09-20 13:29 - 2012-10-31 14:21 - 00347016 _____ (PC Tools) C:\Windows\system32\Drivers\pctgntdi64.sys
2014-09-20 13:29 - 2012-10-31 14:21 - 00258424 _____ (PC Tools) C:\Windows\system32\Drivers\pctwfpfilter64.sys
2014-09-20 13:22 - 2014-09-20 20:36 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
2014-09-20 13:19 - 2014-09-20 14:20 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-09-20 13:18 - 2014-09-24 12:44 - 02751734 _____ () C:\Windows\system32\Drivers\Cat.DB
2014-09-20 13:18 - 2012-11-01 15:35 - 00253256 _____ (PC Tools) C:\Windows\system32\Drivers\PCTSD64.sys
2014-09-20 13:18 - 2012-10-22 16:38 - 00413448 _____ (PC Tools) C:\Windows\system32\Drivers\PCTCore64.sys
2014-09-20 13:18 - 2012-02-28 11:43 - 01096176 _____ (PC Tools) C:\Windows\system32\Drivers\pctEFA64.sys
2014-09-20 13:18 - 2012-02-28 11:43 - 00453896 _____ (PC Tools) C:\Windows\system32\Drivers\pctDS64.sys
2014-09-20 13:17 - 2014-09-21 00:08 - 00000000 ____D () C:\ProgramData\PC Tools
2014-09-20 13:17 - 2014-09-20 13:17 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\TestApp
2014-09-19 21:33 - 2014-09-19 21:33 - 00072016 _____ (BullGuard Ltd.) C:\Windows\system32\BGLsp.dll
2014-09-19 21:33 - 2014-09-19 21:33 - 00059216 _____ (BullGuard Ltd.) C:\Windows\SysWOW64\BGLsp.dll
2014-09-19 21:33 - 2014-09-19 21:32 - 00124360 _____ (BullGuard Ltd.) C:\Windows\system32\BgGamingMonitor.dll
2014-09-19 21:33 - 2014-09-19 21:32 - 00111952 _____ (BullGuard Ltd.) C:\Windows\SysWOW64\BgGamingMonitor.dll
2014-09-19 21:27 - 2014-09-26 21:49 - 00000664 _____ () C:\Windows\system32\config\afw_hm.conf
2014-09-19 21:27 - 2014-09-26 21:49 - 00000004 _____ () C:\Windows\system32\config\afw_db.conf
2014-09-19 21:04 - 2014-09-27 00:00 - 00000000 ____D () C:\ProgramData\BullGuard
2014-09-19 21:04 - 2014-09-26 01:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BullGuard
2014-09-19 21:04 - 2014-09-23 20:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\BullGuard
2014-09-19 21:04 - 2014-09-19 21:04 - 00000990 _____ () C:\Users\Public\Desktop\BullGuard.lnk
2014-09-19 21:03 - 2014-09-19 21:03 - 00000000 ____D () C:\Program Files\Common Files\BullGuard Ltd
2014-09-19 21:03 - 2014-09-19 21:03 - 00000000 ____D () C:\Program Files\BullGuard Ltd
2014-09-19 18:36 - 2014-09-19 18:36 - 00000000 ____D () C:\Users\Admin\Desktop\BullGuard Internet Security 2013 13.0.252
2014-09-19 18:17 - 2014-09-19 18:17 - 00000116 _____ () C:\Users\Public\Desktop\NortonIdentitySafe.url
2014-09-19 18:07 - 2014-09-19 20:58 - 00000000 ____D () C:\ProgramData\Norton
2014-09-19 17:49 - 2014-09-19 17:49 - 00000847 _____ () C:\Users\Admin\Desktop\µTorrent.lnk
2014-09-19 13:11 - 2014-09-19 17:19 - 00003416 _____ () C:\Windows\System32\Tasks\Ad-Aware Update (Daily 4)
2014-09-19 13:11 - 2014-09-19 17:19 - 00003416 _____ () C:\Windows\System32\Tasks\Ad-Aware Update (Daily 3)
2014-09-19 13:11 - 2014-09-19 17:19 - 00003416 _____ () C:\Windows\System32\Tasks\Ad-Aware Update (Daily 2)
2014-09-19 13:11 - 2014-09-19 17:19 - 00003416 _____ () C:\Windows\System32\Tasks\Ad-Aware Update (Daily 1)
2014-09-17 17:07 - 2014-09-19 21:28 - 00003284 _____ () C:\Windows\SysWOW64\ANIWZCS{FF1E517A-A835-4C7F-8C9B-C9C9E514C8E4}
2014-09-17 17:07 - 2014-09-19 21:28 - 00003284 _____ () C:\Users\Admin\AppData\Roaming\ANIWZCS{FF1E517A-A835-4C7F-8C9B-C9C9E514C8E4}
2014-09-17 17:07 - 2014-09-17 17:11 - 00000006 _____ () C:\Windows\SysWOW64\ANIWZCSUSERNAME{FF1E517A-A835-4C7F-8C9B-C9C9E514C8E4}
2014-09-16 19:35 - 2014-09-23 20:16 - 00000000 ____D () C:\Users\Admin\Desktop\MarkC_Windows_8.x+7_MouseFix
2014-09-14 17:11 - 2014-09-14 17:11 - 00000000 ____D () C:\Windows\pss
2014-09-13 20:23 - 2014-09-13 20:23 - 00000202 _____ () C:\Users\Admin\Desktop\Call of Duty Black Ops II - Multiplayer.url
2014-09-13 15:02 - 2014-09-13 15:02 - 00000000 ____D () C:\Users\Admin\Documents\Electronic Arts
2014-09-13 13:38 - 2014-09-20 23:05 - 00000000 ____D () C:\Users\Admin\Desktop\Backups (1)
2014-09-13 13:37 - 2014-09-13 21:36 - 00000000 ____D () C:\Users\Admin\Desktop\Videos und Templates (1)
2014-09-12 22:07 - 2014-09-19 17:18 - 00011614 _____ () C:\aaw7boot.log
2014-09-11 17:21 - 2014-09-23 15:00 - 00012162 _____ () C:\Users\Admin\Desktop\Unbenannt 1.odt
2014-09-11 16:13 - 2014-09-23 20:14 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\TIPP10
2014-09-11 16:13 - 2014-09-11 16:13 - 00000939 _____ () C:\Users\Admin\Desktop\TIPP10.lnk
2014-09-11 16:13 - 2014-09-11 16:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TIPP10
2014-09-11 16:13 - 2014-09-11 16:13 - 00000000 ____D () C:\Program Files (x86)\Tipp10
2014-09-11 15:50 - 2014-09-11 15:50 - 00659456 _____ (Speed Guide Inc.) C:\Users\Admin\Desktop\TCP308Optimizer.exe
2014-09-10 17:34 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 17:34 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 17:34 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 17:34 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 17:34 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 17:34 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 17:34 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 17:34 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 17:34 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 17:34 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 17:34 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 17:34 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 17:34 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-10 17:34 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 17:34 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 17:34 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 17:34 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 17:34 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 17:34 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 17:34 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 17:34 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 17:34 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 17:34 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-10 17:34 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 17:34 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-10 17:34 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-10 17:34 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-10 17:34 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-10 17:34 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 17:34 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 17:34 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 17:34 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-10 17:34 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 17:34 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-10 17:34 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-10 17:34 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-10 17:34 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-10 17:34 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 17:34 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 17:34 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 17:34 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-10 17:34 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 17:34 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-10 17:34 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-10 17:34 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 17:34 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 17:34 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-10 17:34 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 17:34 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 17:34 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-10 17:34 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-10 17:34 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 17:34 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-10 17:34 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-10 17:34 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 17:34 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-10 17:27 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 17:27 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 12:53 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 12:53 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 12:52 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 12:52 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 12:52 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 12:52 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 12:52 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 12:52 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 12:52 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 12:50 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 12:50 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-07 19:42 - 2014-09-07 19:42 - 00327444 _____ () C:\Users\Admin\Desktop\Untitled Project.aep
2014-09-07 17:52 - 2014-09-07 18:24 - 00374016 _____ () C:\Users\Admin\Desktop\Ohne Titel 1.c4d
2014-09-06 20:43 - 2014-09-09 04:32 - 00000000 ____D () C:\ProgramData\InstallShield
2014-09-06 20:01 - 2012-08-30 15:20 - 02550968 _____ (Beepa P/L) C:\Users\Admin\Desktop\fraps.exe
2014-09-06 20:00 - 2014-09-09 04:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-09-06 19:59 - 2014-09-06 19:59 - 02777920 ____R (Beepa Pty Ltd) C:\Users\Admin\Desktop\Videos und Templates (1).exe
2014-09-06 17:27 - 2014-09-06 17:27 - 00000202 _____ () C:\Users\Admin\Desktop\Dead Island Riptide.url
2014-09-06 16:54 - 2014-09-13 23:47 - 00000137 _____ () C:\Windows\wininit.ini
2014-09-05 18:57 - 2014-09-26 21:23 - 01503479 ____N () C:\Windows\WindowsUpdate.log
2014-09-05 15:03 - 2014-09-05 15:03 - 00000000 ____D () C:\Program Files\Lavasoft
2014-09-05 15:02 - 2014-09-19 17:30 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-09-04 23:07 - 2014-09-04 23:07 - 00000000 ____D () C:\Users\Admin\AppData\Local\Red Giant
2014-09-04 23:07 - 2014-09-04 23:07 - 00000000 ____D () C:\Users\Admin\AppData\Local\LooksBuilder
2014-09-03 10:34 - 2014-09-03 10:34 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-09-02 19:42 - 2014-09-02 19:42 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-02 19:24 - 2014-09-02 19:24 - 00010099 _____ () C:\Users\Admin\Desktop\Neues Textdokument (3).txt
2014-09-02 19:09 - 2014-09-14 00:09 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-02 19:09 - 2014-09-13 23:47 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-02 19:09 - 2014-09-02 19:09 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-09-02 18:46 - 2013-12-10 20:09 - 00038200 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2014-09-02 18:46 - 2013-12-10 20:09 - 00030520 _____ (TuneUp Software) C:\Windows\SysWOW64\uxtuneup.dll
2014-09-02 18:44 - 2014-09-02 18:59 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2013
2014-09-02 18:44 - 2013-12-10 20:09 - 00035640 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2014-09-02 18:44 - 2013-12-10 20:09 - 00026936 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2014-09-02 18:44 - 2013-12-10 20:09 - 00022328 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2014-09-02 18:43 - 2014-09-02 18:43 - 00000000 __SHD () C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2014-09-02 18:37 - 2014-09-17 16:58 - 00003284 _____ () C:\Windows\SysWOW64\ANIWZCS{AE484948-5927-43C6-B61E-5E6BEC9F9B43}
2014-09-02 18:37 - 2014-09-17 16:58 - 00003284 _____ () C:\Users\Admin\AppData\Roaming\ANIWZCS{AE484948-5927-43C6-B61E-5E6BEC9F9B43}
2014-09-02 18:37 - 2014-09-02 18:42 - 00000006 _____ () C:\Windows\SysWOW64\ANIWZCSUSERNAME{AE484948-5927-43C6-B61E-5E6BEC9F9B43}
2014-09-02 18:02 - 2014-09-02 18:02 - 00000687 _____ () C:\awh4D06.tmp
2014-09-02 17:21 - 2014-09-02 17:21 - 00000967 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-09-02 17:21 - 2014-09-02 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-09-02 17:21 - 2014-09-02 17:21 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-09-02 14:23 - 2014-09-02 14:23 - 00000687 _____ () C:\awh4BDE.tmp
2014-09-02 14:17 - 2014-09-09 04:32 - 00000000 ____D () C:\Program Files (x86)\Analog Devices
2014-09-02 14:17 - 2014-09-06 20:44 - 00000000 ____D () C:\ProgramData\SonicFocus
2014-09-02 14:16 - 2014-09-02 14:16 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\InstallShield
2014-09-02 13:45 - 2014-09-02 13:45 - 00000687 _____ () C:\awh4DA2.tmp
2014-09-02 13:42 - 2014-09-02 13:42 - 00003114 _____ () C:\Windows\System32\Tasks\{191EEEBA-8EF2-45B7-8518-828C8B42A75A}
2014-09-02 13:29 - 2014-09-02 13:29 - 00000687 _____ () C:\awh3CA2.tmp
2014-09-02 13:08 - 2014-09-02 13:08 - 00003114 _____ () C:\Windows\System32\Tasks\{7DCF2F6D-5A7C-4A28-BCDF-F25626847C96}
2014-09-02 13:07 - 2014-09-02 13:07 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\WinBatch
2014-09-02 13:02 - 2014-09-02 13:02 - 00000687 _____ () C:\awh4E1F.tmp
2014-09-02 13:00 - 2014-09-02 13:00 - 00003114 _____ () C:\Windows\System32\Tasks\{ED629535-C3FF-4BAB-8BC6-B2347DFA9ABD}
2014-09-02 12:44 - 2014-09-02 12:44 - 00000687 _____ () C:\awh38FA.tmp
2014-09-02 12:37 - 2014-09-02 12:37 - 00000687 _____ () C:\awh4B71.tmp
2014-09-02 12:11 - 2014-09-02 12:11 - 00000687 _____ () C:\awh3AED.tmp
2014-09-02 12:02 - 2014-09-02 12:02 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-09-02 11:43 - 2014-09-02 11:43 - 00000687 _____ () C:\awh317B.tmp
2014-09-01 22:51 - 2014-09-01 22:51 - 00000687 _____ () C:\awh42C9.tmp
2014-09-01 22:42 - 2014-09-01 22:42 - 00003114 _____ () C:\Windows\System32\Tasks\{8B252ED1-42C0-448A-815A-C341F1ABEF08}
2014-09-01 22:22 - 2014-09-01 22:22 - 00000687 _____ () C:\awh68D0.tmp
2014-09-01 17:49 - 2014-09-01 17:49 - 00000687 _____ () C:\awhEA2F.tmp
2014-09-01 17:38 - 2014-09-01 17:38 - 00000687 _____ () C:\awh50DE.tmp
2014-09-01 17:23 - 2014-09-01 17:23 - 00000687 _____ () C:\awh3948.tmp
2014-08-31 23:37 - 2014-09-13 15:17 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-31 23:37 - 2014-08-31 23:37 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-08-31 23:37 - 2014-08-31 23:37 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-31 22:47 - 2014-08-31 22:47 - 00000687 _____ () C:\awh69E9.tmp
2014-08-31 22:13 - 2014-08-31 22:13 - 00000687 _____ () C:\awh4691.tmp
2014-08-31 21:50 - 2014-08-31 21:50 - 00000687 _____ () C:\awh643E.tmp
2014-08-31 21:33 - 2014-08-31 21:33 - 00000687 _____ () C:\awh642E.tmp
2014-08-31 21:00 - 2014-08-31 21:00 - 00000687 _____ () C:\awhC2E1.tmp
2014-08-31 20:42 - 2014-08-31 20:42 - 00000687 _____ () C:\awh4597.tmp
2014-08-31 20:21 - 2014-08-31 20:21 - 00000687 _____ () C:\awh9E70.tmp
2014-08-31 20:06 - 2014-08-31 20:06 - 00000687 _____ () C:\awhFF7.tmp
2014-08-31 19:54 - 2014-08-31 19:54 - 00000687 _____ () C:\awhC7C1.tmp
2014-08-31 19:27 - 2014-08-31 19:27 - 00000687 _____ () C:\awh364B.tmp
2014-08-31 18:29 - 2014-08-31 18:29 - 00000687 _____ () C:\awhFD9F.tmp
2014-08-31 17:54 - 2014-08-31 17:54 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files
2014-08-31 17:45 - 2014-08-31 17:45 - 00000687 _____ () C:\awh5D99.tmp
2014-08-31 17:19 - 2014-09-01 18:05 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-08-31 17:17 - 2014-08-31 17:17 - 00000687 _____ () C:\awh61DD.tmp
2014-08-31 16:05 - 2014-08-31 16:09 - 00000016 _____ () C:\Windows\system32\ACRAMDiskHandlerService64R_D4.ini
2014-08-31 16:01 - 2014-08-31 16:01 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ArchiCrypt Ultimate RAM-Disk3
2014-08-31 15:58 - 2014-09-02 18:31 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-08-31 15:58 - 2014-08-31 15:59 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
2014-08-31 15:54 - 2014-08-31 15:54 - 00000687 _____ () C:\awh4421.tmp
2014-08-31 15:28 - 2014-08-31 15:28 - 00000687 _____ () C:\awh821A.tmp
2014-08-31 13:57 - 2014-09-02 14:37 - 00001863 _____ () C:\Users\Admin\Desktop\Spielen.wpl
2014-08-31 13:09 - 2014-08-31 13:09 - 00000687 _____ () C:\awhE5AC.tmp
2014-08-31 12:54 - 2014-08-31 12:54 - 00000687 _____ () C:\awh29AE.tmp
2014-08-31 12:48 - 2014-08-31 13:00 - 00000000 ____D () C:\Program Files (x86)\Dr. Hardware 2014
2014-08-31 12:48 - 2013-07-21 17:41 - 00013760 _____ () C:\Windows\system32\Drivers\DRHMSR64.sys
2014-08-31 12:48 - 2011-11-03 18:05 - 00021984 _____ (Licensed for Gebhard Software) C:\Windows\system32\Drivers\DRHARD64.sys
2014-08-31 12:43 - 2014-08-31 12:43 - 00000687 _____ () C:\awh6D71.tmp
2014-08-31 11:48 - 2014-08-31 11:48 - 00000687 _____ () C:\awh77AE.tmp
2014-08-30 23:38 - 2014-08-30 23:38 - 00003268 _____ () C:\Windows\System32\Tasks\{D73CC3C7-C0D9-43F2-AC25-00A0F7746475}
2014-08-30 23:08 - 2014-08-31 11:42 - 00000406 _____ () C:\Windows\Tasks\DriverEasy Scheduled Scan.job
2014-08-30 23:08 - 2014-08-30 23:08 - 00003810 _____ () C:\Windows\System32\Tasks\DriverEasy Scheduled Scan
2014-08-30 23:08 - 2014-08-30 23:08 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Easeware
2014-08-30 23:07 - 2014-08-30 23:07 - 00000000 ____D () C:\Windows\System32\Tasks\Abelssoft
2014-08-30 23:07 - 2014-08-30 23:07 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Abelssoft
2014-08-30 23:06 - 2014-08-31 13:56 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-30 23:06 - 2014-08-30 23:07 - 00000000 ____D () C:\Users\Admin\AppData\Local\Abelssoft
2014-08-30 23:06 - 2014-08-30 23:06 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-30 21:41 - 2014-08-30 21:41 - 00000687 _____ () C:\awh3CC1.tmp
2014-08-30 20:40 - 2014-08-30 20:40 - 00000687 _____ () C:\awh4E5D.tmp
2014-08-30 19:39 - 2014-08-30 19:39 - 00000687 _____ () C:\awh448E.tmp
2014-08-30 15:11 - 2014-08-30 15:11 - 00000687 _____ () C:\awh3E66.tmp
2014-08-30 12:30 - 2014-08-30 12:30 - 00000687 _____ () C:\awh3D6D.tmp
2014-08-30 00:44 - 2014-08-30 19:15 - 00000000 ____D () C:\Program Files\Rainmeter
2014-08-30 00:44 - 2014-08-30 00:44 - 00000000 ____D () C:\Users\Admin\Documents\Rainmeter
2014-08-30 00:44 - 2014-08-30 00:44 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Rainmeter
2014-08-30 00:37 - 2014-08-30 00:37 - 00000000 ____D () C:\Users\Admin\Documents\XWidget
2014-08-29 19:22 - 2014-08-29 19:22 - 00000687 _____ () C:\awh67B7.tmp
2014-08-29 19:21 - 2014-08-29 19:21 - 00000000 ____D () C:\ProgramData\ATI
2014-08-29 19:12 - 2014-08-29 19:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2014-08-29 19:12 - 2014-08-29 19:12 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-08-29 19:10 - 2014-08-29 19:10 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-08-29 19:09 - 2014-08-29 19:12 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-08-29 18:47 - 2014-08-29 18:47 - 00000687 _____ () C:\awh3497.tmp
2014-08-29 16:31 - 2014-08-29 16:31 - 00000687 _____ () C:\awh4568.tmp
2014-08-29 14:07 - 2014-09-20 23:03 - 00000000 ____D () C:\Users\Admin\AppData\Local\CrashDumps
2014-08-29 12:17 - 2014-08-29 12:17 - 00000687 _____ () C:\awh72AF.tmp
2014-08-28 19:55 - 2014-08-28 19:55 - 00000687 _____ () C:\awh56F5.tmp
2014-08-28 12:29 - 2014-08-28 12:29 - 00000687 _____ () C:\awh5418.tmp
2014-08-28 11:43 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 11:43 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 11:43 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-28 11:37 - 2014-08-28 11:37 - 00000687 _____ () C:\awh40C7.tmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-26 23:47 - 2013-09-27 08:12 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-26 23:32 - 2014-05-07 17:12 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\TS3Client
2014-09-26 23:32 - 2014-05-01 22:04 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-26 21:59 - 2014-08-07 13:37 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-26 21:57 - 2009-07-14 06:45 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-26 21:57 - 2009-07-14 06:45 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-26 21:50 - 2014-05-01 22:04 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-26 21:49 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-26 21:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-09-26 19:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-26 18:47 - 2013-09-27 08:12 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-26 18:47 - 2013-09-27 08:12 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-26 18:47 - 2013-09-27 08:12 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-26 07:11 - 2013-09-27 08:12 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe
2014-09-26 01:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-26 01:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing
2014-09-26 01:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-09-26 01:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2014-09-25 17:26 - 2009-08-30 07:25 - 00699190 _____ () C:\Windows\system32\perfh007.dat
2014-09-25 17:26 - 2009-08-30 07:25 - 00149330 _____ () C:\Windows\system32\perfc007.dat
2014-09-25 17:26 - 2009-07-14 07:13 - 01619700 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-25 15:47 - 2013-09-26 10:30 - 00000000 ____D () C:\Users\Admin
2014-09-23 14:33 - 2014-08-06 23:10 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-23 04:36 - 2013-09-26 10:38 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-22 18:55 - 2014-07-19 07:30 - 00000000 ____D () C:\Users\Admin\AppData\Local\Deployment
2014-09-21 17:37 - 2014-06-29 18:05 - 00000000 ____D () C:\Download Genius
2014-09-21 17:24 - 2014-08-16 13:48 - 00007591 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2014-09-20 23:03 - 2014-05-10 18:02 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\uTorrent
2014-09-19 22:04 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-09-19 21:33 - 2012-09-13 17:13 - 00034928 _____ (BullGuard Ltd.) C:\Windows\system32\Drivers\BdNet.sys
2014-09-19 21:33 - 2012-06-26 11:48 - 00068720 _____ (BullGuard Ltd.) C:\Windows\system32\Drivers\BdSpy.sys
2014-09-19 21:33 - 2012-06-26 11:48 - 00040544 ____R (Agnitum Ltd.) C:\Windows\system32\Drivers\afw.sys
2014-09-19 21:31 - 2012-06-26 11:48 - 00464480 ____R (Agnitum Ltd.) C:\Windows\system32\Drivers\afwcore.sys
2014-09-19 21:31 - 2012-06-26 11:48 - 00350160 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\Trufos.sys
2014-09-18 13:59 - 2013-09-27 08:15 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-15 09:06 - 2013-09-26 16:39 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-13 23:14 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-13 15:58 - 2014-05-31 14:36 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\.minecraft
2014-09-13 13:38 - 2014-07-15 13:00 - 00000000 ____D () C:\Users\Admin\Desktop\Bilder
2014-09-13 13:10 - 2014-07-18 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2014-09-13 13:09 - 2014-07-21 19:54 - 00000000 ____D () C:\ProgramData\Origin
2014-09-13 13:09 - 2014-07-21 19:54 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-13 12:56 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-13 11:47 - 2014-05-24 10:46 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Skype
2014-09-12 18:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\TAPI
2014-09-10 17:32 - 2014-04-28 15:03 - 01593044 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-10 17:31 - 2013-09-26 18:19 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 17:28 - 2013-09-26 18:19 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 17:26 - 2014-04-30 09:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-09 19:59 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\DigitalLocker
2014-09-09 04:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\security
2014-09-07 19:31 - 2014-08-12 21:14 - 00000000 ____D () C:\ProgramData\GenArts
2014-09-03 20:10 - 2014-08-25 18:43 - 00000542 _____ () C:\Users\Admin\Desktop\Neues Textdokument (2).txt
2014-09-02 20:07 - 2014-08-03 00:20 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Imminent
2014-09-02 20:07 - 2014-06-29 18:03 - 00000000 ____D () C:\Users\Admin\AppData\Local\32442
2014-09-02 19:57 - 2014-08-01 17:38 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-02 18:46 - 2014-07-04 14:21 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-09-02 18:44 - 2014-05-01 20:10 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\TuneUp Software
2014-09-02 18:28 - 2014-05-01 19:55 - 00003284 _____ () C:\Users\Admin\AppData\Roaming\ANIWZCS{53E6C77B-3D60-4057-B24C-E08BBB03BB0E}
2014-09-02 18:24 - 2014-08-24 15:07 - 00000000 ____D () C:\Users\Admin\AppData\Local\Razer
2014-09-02 18:24 - 2014-08-24 15:06 - 00000000 ____D () C:\ProgramData\Razer
2014-09-02 18:24 - 2014-08-24 15:06 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-09-02 17:58 - 2014-05-01 19:55 - 00003284 _____ () C:\Windows\SysWOW64\ANIWZCS{53E6C77B-3D60-4057-B24C-E08BBB03BB0E}
2014-09-02 17:05 - 2014-05-07 17:12 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-09-02 13:47 - 2013-09-26 10:35 - 00000000 ____D () C:\swsetup
2014-09-02 12:42 - 2014-07-19 08:02 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-09-01 17:56 - 2013-09-29 03:24 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe
2014-09-01 17:56 - 2013-09-27 08:15 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-31 23:49 - 2014-08-27 12:55 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Media Player Classic
2014-08-31 23:48 - 2014-07-30 19:12 - 00000000 ____D () C:\Windows\Minidump
2014-08-31 23:48 - 2013-09-26 20:17 - 00000000 ____D () C:\Windows\Panther
2014-08-31 14:21 - 2014-07-31 21:39 - 00000000 ____D () C:\Users\Admin\Desktop\Songs
2014-08-31 14:13 - 2014-08-25 19:30 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-08-31 14:13 - 2014-08-25 19:29 - 00000000 ____D () C:\ProgramData\DivX
2014-08-31 14:12 - 2014-08-16 15:40 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-08-31 13:57 - 2014-05-30 10:44 - 00007168 _____ () C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-31 13:07 - 2014-08-06 19:24 - 00000000 ____D () C:\Users\Admin\AppData\Local\LogMeIn Hamachi
2014-08-31 11:44 - 2009-07-14 06:45 - 05365864 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-30 23:08 - 2013-09-26 10:39 - 00118952 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-30 22:57 - 2014-08-12 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire AE
2014-08-30 13:11 - 2014-07-11 19:33 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Audacity
2014-08-30 13:03 - 2014-05-01 22:38 - 00000000 ____D () C:\Users\Admin\AppData\Local\Battle.net
2014-08-29 19:12 - 2014-05-02 15:43 - 00000000 ____D () C:\ProgramData\AMD
2014-08-28 21:52 - 2014-05-18 12:57 - 00009458 _____ () C:\Users\Admin\Desktop\WICHTIG!!!.odt
2014-08-28 13:46 - 2014-07-21 22:49 - 00000000 ____D () C:\Users\Admin\Documents\FIFA World

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Windows-Start-Manager
---------------------
Bezeichner              {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  de-DE
inherit                 {globalsettings}
default                 {current}
resumeobject            {dddb3c02-26d7-11e3-8eea-82ba6f502484}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 3

Windows-Startladeprogramm
-------------------------
Bezeichner              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  de-DE
inherit                 {bootloadersettings}
recoverysequence        {dddb3c06-26d7-11e3-8eea-82ba6f502484}
truncatememory          0x100000000
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {dddb3c02-26d7-11e3-8eea-82ba6f502484}
nx                      OptIn
numproc                 4
usefirmwarepcisettings  No

Windows-Startladeprogramm
-------------------------
Bezeichner              {dddb3c06-26d7-11e3-8eea-82ba6f502484}
device                  ramdisk=[C:]\Recovery\dddb3c06-26d7-11e3-8eea-82ba6f502484\Winre.wim,{dddb3c07-26d7-11e3-8eea-82ba6f502484}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\dddb3c06-26d7-11e3-8eea-82ba6f502484\Winre.wim,{dddb3c07-26d7-11e3-8eea-82ba6f502484}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {dddb3c02-26d7-11e3-8eea-82ba6f502484}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  de-DE
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows-Speichertestprogramm
----------------------------
Bezeichner              {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Windows-Speicherdiagnose
locale                  de-DE
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS-Einstellungen
-----------------
Bezeichner              {emssettings}
bootems                 Yes

Debuggereinstellungen
---------------------
Bezeichner              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM-Defekte
-----------
Bezeichner              {badmemory}

Globale Einstellungen
---------------------
Bezeichner              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Startladeprogramm-Einstellungen
-------------------------------
Bezeichner              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisoreinstellungen
-------------------
Bezeichner              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner              {resumeloadersettings}
inherit                 {globalsettings}

Geräteoptionen
--------------
Bezeichner              {dddb3c07-26d7-11e3-8eea-82ba6f502484}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\dddb3c06-26d7-11e3-8eea-82ba6f502484\boot.sdi



LastRegBack: 2014-09-26 19:29

==================== End Of Log ============================
         
--- --- ---

Alt 27.09.2014, 16:22   #7
DYMLP
 
Verdacht auf Viren/Trojaner - Standard

Verdacht auf Viren/Trojaner



Code:
ATTFilter
Users shortcut scan result (x64) Version: 26-09-2014
Ran by Admin at 2014-09-27 00:02:39
Running from C:\Users\Admin\Downloads
Boot Mode: Normal
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)



Shortcut: C:\Users\Admin\Links\Creative Cloud Files.lnk -> C:\Users\Admin\Creative Cloud Files ()
Shortcut: C:\Users\Admin\Links\Desktop.lnk -> C:\Users\Admin\Desktop ()
Shortcut: C:\Users\Admin\Links\Downloads.lnk -> C:\Users\Admin\Downloads ()
Shortcut: C:\Users\Admin\Links\SkyDrive.lnk -> C:\Users\Admin\SkyDrive ()
Shortcut: C:\Users\Admin\Documents\Adobe\After Effects CC\User Presets\(Adobe).lnk -> C:\Program Files\Adobe\Adobe After Effects CC\Support Files\Presets ()
Shortcut: C:\Users\Admin\Desktop\Any Video Converter.lnk -> C:\Program Files (x86)\AnvSoft\Any Video Converter\AVCFree.exe (AnvSoft)
Shortcut: C:\Users\Admin\Desktop\Dxtory.lnk -> C:\Program Files (x86)\Dxtory Software\Dxtory2.0\Dxtory.exe (Dxtory Software)
Shortcut: C:\Users\Admin\Desktop\GIMP 2.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.8.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team)
Shortcut: C:\Users\Admin\Desktop\MSI Afterburner.lnk -> C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe ()
Shortcut: C:\Users\Admin\Desktop\Open Broadcaster Software.lnk -> C:\Program Files (x86)\OBS\OBS.exe ()
Shortcut: C:\Users\Admin\Desktop\Spotify.lnk -> C:\Users\Admin\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
Shortcut: C:\Users\Admin\Desktop\TIPP10.lnk -> C:\Program Files (x86)\Tipp10\tipp10.exe ()
Shortcut: C:\Users\Admin\Desktop\WinDirStat.lnk -> C:\Program Files (x86)\WinDirStat\windirstat.exe (Seifert)
Shortcut: C:\Users\Admin\Desktop\µTorrent.lnk -> C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk -> C:\Users\Admin\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker\README.lnk -> C:\Program Files\Unlocker\README.TXT ()
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker\Start Unlocker.lnk -> C:\Program Files\Unlocker\Unlocker.exe ()
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker\Uninstall.lnk -> C:\Program Files\Unlocker\uninst.exe ()
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker\Website.lnk -> C:\Program Files\Unlocker\Unlocker.url ()
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software\Open Broadcaster Software (32bit).lnk -> C:\Program Files (x86)\OBS\OBS.exe ()
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software\Open Broadcaster Software (64bit).lnk -> C:\Program Files\OBS\OBS.exe ()
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software\Uninstall.lnk -> C:\Program Files (x86)\OBS\uninstall.exe ()
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\MSI Afterburner.lnk -> C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe ()
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\ReadMe.lnk -> C:\Program Files (x86)\MSI Afterburner\Doc\ReadMe.pdf ()
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\Uninstall.lnk -> C:\Program Files (x86)\MSI Afterburner\Uninstall.exe ()
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\MSI Afterburner localization reference.lnk -> C:\Program Files (x86)\MSI Afterburner\SDK\Doc\Localization reference.pdf ()
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\MSI Afterburner skin format reference.lnk -> C:\Program Files (x86)\MSI Afterburner\SDK\Doc\USF skin format reference.pdf ()
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\Samples.lnk -> C:\Program Files (x86)\MSI Afterburner\SDK\Samples ()
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\SendTo\ClearProg.lnk -> C:\Program Files (x86)\ClearProg\ClearProg.exe (privat)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ClearProg.lnk -> C:\Program Files (x86)\ClearProg\ClearProg.exe (privat)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe After Effects CC.lnk -> C:\Program Files\Adobe\Adobe After Effects CC\Support Files\AfterFX.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe Photoshop CC 2014.lnk -> C:\Program Files\Adobe\Adobe Photoshop CC 2014\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Cinema 4D.lnk -> C:\Program Files (x86)\Cinema 4D R12\CINEMA 4D 64 Bit.exe (MAXON Computer GmbH)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Minecraft (1).lnk -> C:\Users\Admin\Desktop\Minecraft (1).exe ()
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Steam.lnk -> G:\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\t6mp.lnk -> G:\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe (Activision Publishing Inc.)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer (2).lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer (3).lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\World of Warcraft Setup (2).lnk -> C:\Users\Admin\Desktop\World of Warcraft Launcher.exe (Blizzard Entertainment)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\World of Warcraft Setup (3).lnk -> C:\Users\Admin\Desktop\World of Warcraft Launcher.exe (Blizzard Entertainment)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\World of Warcraft Setup (4).lnk -> C:\Users\Admin\Desktop\World of Warcraft Launcher.exe (Blizzard Entertainment)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\World of Warcraft Setup (5).lnk -> C:\Users\Admin\Desktop\World of Warcraft Launcher.exe (Blizzard Entertainment)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\World of Warcraft Setup.lnk -> C:\Users\Admin\Desktop\World of Warcraft Launcher.exe (Blizzard Entertainment)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\MSI Afterburner.lnk -> C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe ()
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC.lnk -> C:\Program Files\Adobe\Adobe After Effects CC\Support Files\AfterFX.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS6.lnk -> C:\Program Files\Adobe\Adobe After Effects CS6\Support Files\AfterFX.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk -> C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe (Adobe Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk -> C:\Program Files (x86)\Adobe\Adobe Utilities - CS6\ExtendScript Toolkit CS6\ExtendScript Toolkit.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk -> C:\Program Files (x86)\Adobe\Adobe Help\Adobe Help.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC.lnk -> C:\Program Files\Adobe\Adobe Media Encoder CC\Adobe Media Encoder.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS6.lnk -> C:\Program Files\Adobe\Adobe Media Encoder CS6\Adobe Media Encoder.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014.lnk -> C:\Program Files\Adobe\Adobe Photoshop CC 2014\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1031-7B44-AB0000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.8.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\x264vfw\Uninstall x264vfw.lnk -> C:\Program Files (x86)\x264vfw\x264vfw-uninstall.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft\World of Warcraft.lnk -> C:\Program Files (x86)\World of Warcraft\World of Warcraft Launcher.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat\Hilfe (DEU).lnk -> C:\Program Files (x86)\WinDirStat\wdsh0407.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TIPP10\TIPP10.lnk -> C:\Program Files (x86)\Tipp10\tipp10.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TIPP10\Uninstall.lnk -> C:\Program Files (x86)\Tipp10\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith\Camtasia Recorder 8.lnk -> C:\Windows\Installer\{FB05EAA3-D938-4EDA-9A38-88543E52680C}\CamtasiaIcons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith\Camtasia Studio 8.lnk -> C:\Windows\Installer\{FB05EAA3-D938-4EDA-9A38-88543E52680C}\CamtasiaIcons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk -> C:\Program Files\TeamSpeak 3 Client\Uninstall.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> G:\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Vegas Pro 13.0\Vegas Pro 13.0 (64-bit).lnk -> C:\Program Files\Sony\Vegas Pro 13.0\vegas130.exe (Sony Creative Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Vegas Pro 13.0\Vegas Pro 13.0 Liesmich.lnk -> C:\Program Files\Sony\Vegas Pro 13.0\Readme\Vegas_readme_deu.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant\Red Giant Link.lnk -> C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant\Uninstall Color Suite.lnk -> C:\Program Files (x86)\Red Giant\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0\OpenOffice Base.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sbase.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0\OpenOffice Calc.lnk -> C:\Program Files (x86)\OpenOffice 4\program\scalc.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0\OpenOffice Draw.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sdraw.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0\OpenOffice Impress.lnk -> C:\Program Files (x86)\OpenOffice 4\program\simpress.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0\OpenOffice Math.lnk -> C:\Program Files (x86)\OpenOffice 4\program\smath.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0\OpenOffice Writer.lnk -> C:\Program Files (x86)\OpenOffice 4\program\swriter.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0\OpenOffice.lnk -> C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center\Microsoft-Maus- und Tastatur-Center.lnk -> C:\Windows\Installer\{23D2AFC7-C01E-4413-9D9A-0BABF52569BF}\DeviceCenter.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Views\Magic Views.lnk -> C:\Program Files (x86)\Magic Views\Magic views 2.3.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Views\Uninstall.lnk -> C:\Program Files (x86)\Magic Views\uninst.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Views\Website.lnk -> C:\Program Files (x86)\Magic Views\Magic Views.url (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) Management and Security\Intel(R) Management and Security Status.lnk -> C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire AE\Sapphire AE Online Help (HTML).lnk -> C:\Program Files (x86)\GenArts\SapphireAE\docs\intro.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire AE\Sapphire AE Online Help (PDF).lnk -> C:\Program Files (x86)\GenArts\SapphireAE\docs\Sapphire-Users-Guide-AE.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire AE\Sapphire Flare Designer.lnk -> C:\Program Files (x86)\GenArts\SapphireAE\flare-editor\flare_editor.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire AE\Uninstall Sapphire AE.lnk -> C:\Program Files (x86)\GenArts\SapphireAE\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps\Fraps.lnk -> G:\Neuer Ordner\fraps.exe (Beepa P/L)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps\Uninstall.lnk -> G:\Neuer Ordner\uninstall.exe (Beepa Pty Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\AVIFix.lnk -> C:\Program Files (x86)\Dxtory Software\Dxtory2.0\AVIFix.exe (Dxtory Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\AVIMux.lnk -> C:\Program Files (x86)\Dxtory Software\Dxtory2.0\AVIMux.exe (Dxtory Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\Dxtory Video Setting.lnk -> C:\Program Files (x86)\Dxtory Software\Dxtory2.0\DxtoryVideoSetting.exe (Dxtory Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\Dxtory.lnk -> C:\Program Files (x86)\Dxtory Software\Dxtory2.0\Dxtory.exe (Dxtory Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\EULA.txt.lnk -> C:\Program Files (x86)\Dxtory Software\Dxtory2.0\EULA_en.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\License Register.lnk -> C:\Program Files (x86)\Dxtory Software\Dxtory2.0\LicReg.exe (Dxtory Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\RawCapConv.lnk -> C:\Program Files (x86)\Dxtory Software\Dxtory2.0\RawCapConv.exe (Dxtory Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\readme.txt.lnk -> C:\Program Files (x86)\Dxtory Software\Dxtory2.0\readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.exe (CPUID)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\Edit CPU-Z Config File.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.ini ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\Uninstall CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClearProg\ClearProg.lnk -> C:\Program Files (x86)\ClearProg\ClearProg.exe (privat)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClearProg\Uninstall.lnk -> C:\Program Files (x86)\ClearProg\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClearProg\Website.lnk -> C:\Program Files (x86)\ClearProg\ClearProg.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cinema 4D R12\Cinema 4D.lnk -> C:\Program Files (x86)\Cinema 4D R12\CINEMA 4D 64 Bit.exe (MAXON Computer GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cinema 4D R12\Uninstall Cinema 4D.lnk -> C:\Program Files (x86)\Cinema 4D R12\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\Catalyst Control Center.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BullGuard\BullGuard.lnk -> C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe (BullGuard Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net\Battle.net.lnk -> C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\Any Video Converter\Any Video Converter entfernen.lnk -> C:\Program Files (x86)\AnvSoft\Any Video Converter\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\Any Video Converter\Any Video Converter im Internet.lnk -> C:\Program Files (x86)\AnvSoft\Any Video Converter\AVCFree.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\Any Video Converter\Any Video Converter.lnk -> C:\Program Files (x86)\AnvSoft\Any Video Converter\AVCFree.exe (AnvSoft)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk -> C:\Windows\System32\NetProj.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk -> C:\Program Files (x86)\7-Zip\7zFM.exe (Igor Pavlov)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk -> C:\Program Files (x86)\7-Zip\7-zip.chm ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\Users\Public\Desktop\BullGuard.lnk -> C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe (BullGuard Ltd.)
Shortcut: C:\Users\Public\Desktop\Camtasia Studio 8.lnk -> G:\Camtasia\CamtasiaStudio.exe (TechSmith Corporation)
Shortcut: C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\Users\Public\Desktop\Cinema 4D.lnk -> C:\Program Files (x86)\Cinema 4D R12\CINEMA 4D 64 Bit.exe (MAXON Computer GmbH)
Shortcut: C:\Users\Public\Desktop\ClearProg.lnk -> C:\Program Files (x86)\ClearProg\ClearProg.exe (privat)
Shortcut: C:\Users\Public\Desktop\CPUID CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.exe (CPUID)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\OpenOffice 4.1.0.lnk -> C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe ()
Shortcut: C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\Public\Desktop\Vegas Pro 13.0 (64-bit).lnk -> C:\Program Files\Sony\Vegas Pro 13.0\vegas130.exe (Sony Creative Software Inc.)




ShortcutWithArgument: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player (2).lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\x264vfw\Configure x264vfw.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> x264vfw.dll,Configure
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trapcode Form\Remove Trapcode Form.lnk -> C:\Windows\unvise32.exe (MindVision Software) -> C:\PROGRA~1\ADOBE\ADOBEA~2\SUPPOR~1\PLUG-INS\TRAPCO~1.LOG
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire AE\Check for Sapphire AE Updates.lnk -> C:\Program Files (x86)\GenArts\SapphireAE\genarts-frontend.exe (GenArts, Inc.) -> --update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire AE\Install Sapphire AE RLM License.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) -> C:\Program Files (x86)\GenArts\rlm\SapphireAE.lic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire AE\Install Sapphire AE Serial Number.lnk -> C:\Program Files (x86)\GenArts\SapphireAE\genarts-frontend.exe (GenArts, Inc.) -> -license-install
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\Hilfe.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe (ATI Technologies Inc.) -> Start Help -help
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo


InternetURL: C:\Users\Admin\Favorites\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\Admin\Favorites\Windows Live\Windows Live Ideas.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72700
InternetURL: C:\Users\Admin\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72681
InternetURL: C:\Users\Admin\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72682
InternetURL: C:\Users\Admin\Favorites\MSN-Websites\MSN Auto.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72680
InternetURL: C:\Users\Admin\Favorites\MSN-Websites\MSN Fernsehen.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72659
InternetURL: C:\Users\Admin\Favorites\MSN-Websites\MSN Money.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72640
InternetURL: C:\Users\Admin\Favorites\MSN-Websites\MSN Nachrichten.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72636
InternetURL: C:\Users\Admin\Favorites\MSN-Websites\MSN Sport.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72635
InternetURL: C:\Users\Admin\Favorites\MSN-Websites\MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72630
InternetURL: C:\Users\Admin\Favorites\Microsoft-Websites\IE-Site auf Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72186
InternetURL: C:\Users\Admin\Favorites\Microsoft-Websites\Microsoft Deutschland GmbH.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72520
InternetURL: C:\Users\Admin\Favorites\Microsoft-Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\Admin\Favorites\Microsoft-Websites\Microsoft Windows - Start.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72629
InternetURL: C:\Users\Admin\Favorites\Microsoft-Websites\Microsoft zu Hause.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72406
InternetURL: C:\Users\Admin\Favorites\Microsoft-Websites\Microsoft.com durchsuchen.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72893
InternetURL: C:\Users\Admin\Favorites\Microsoft-Websites\Site für IE Add-Ons.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\Admin\Favorites\Links\Vorgeschlagene Sites.url -> https://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\Admin\Favorites\Links\Web Slice-Katalog.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\Admin\Desktop\Call of Duty Black Ops II - Multiplayer.url -> steam://rungameid/202990
InternetURL: C:\Users\Admin\Desktop\Call of Duty Black Ops II - Zombies.url -> steam://rungameid/212910
InternetURL: C:\Users\Admin\Desktop\Call of Duty Black Ops II.url -> steam://rungameid/202970
InternetURL: C:\Users\Admin\Desktop\Dead Island Riptide.url -> steam://rungameid/216250
InternetURL: C:\Users\Admin\Desktop\Dota 2.url -> steam://rungameid/570
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BullGuard\Visit BullGuard on the Web.url -> hxxp://www.bullguard.com
InternetURL: C:\Users\Public\Desktop\NortonIdentitySafe.url -> hxxp://liveupdate.symantecliveupdate.com/upgrade/identitysafe/NortonIdentitySafe-v1-LB.exe

==================== End of log =============================
         
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-09-2014
Ran by Admin at 2014-09-27 00:01:17
Running from C:\Users\Admin\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: BullGuard Antivirus (Enabled - Up to date) {C3CCAC61-52F7-A056-1860-6406566E2578}
AS: BullGuard Antispyware (Enabled - Up to date) {78AD4D85-74CD-AFD8-22D0-5F742DE96FC5}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: PC Tools Spyware Doctor (Disabled - Up to date) {94076BB2-F3DA-227F-9A1E-F060FF73600F}
FW: BullGuard Firewall (Enabled) {FBF72D44-1898-A10E-333F-CD33A8BD6203}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34024 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe After Effects CC (HKLM-x32\...\{317243C1-6580-4F43-AED7-37D4438C3DD5}) (Version: 12 - Adobe Systems Incorporated)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{9AB0D5B6-4779-8C4F-CA91-A1FEDB56D7EC}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80328.2204 - Advanced Micro Devices, Inc.) Hidden
Any Video Converter 5.6.6 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Browser Guard 4.0 (HKLM-x32\...\Browser Defender_is1) (Version: 4.0.0.1884 - PC Tools)
BullGuard (HKLM\...\BullGuard) (Version: 13.0 - BullGuard Ltd.)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)
Camtasia Studio 8 (HKLM-x32\...\{FB05EAA3-D938-4EDA-9A38-88543E52680C}) (Version: 8.4.3.1792 - TechSmith Corporation)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2013.0328.2218.38225 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Cinema 4D version R12 (HKLM-x32\...\{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1) (Version: R12 - Salat Production)
ClearProg 1.6.0 Final (HKLM-x32\...\ClearProg) (Version: 1.6.0 Final - Sven Hoffman)
Color Suite v11.1.4 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 11.1.4 - Red Giant, LLC)
CPUID CPU-Z 1.69.2 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
D-Link Wireless G DWL-G122_DWA-110 (HKLM-x32\...\{5F753314-628E-4C13-B8AE-BFA7FD514CBE}) (Version: 1.00.0000 - D-Link)
Dxtory version 2.0.122 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.122 - Dxtory Software)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
GenArts Sapphire Plug-ins 6.16 for After Effects and Compatible (HKLM\...\GenArts Sapphire AE_is1) (Version:  - )
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HP Softpaq SP45813  (HKLM-x32\...\SP45813) (Version:  - )
HP Softpaq SP45814  (HKLM-x32\...\SP45814) (Version:  - )
Intel(R) Management Engine Interface (HKLM\...\HECI) (Version:  - Intel Corporation)
Intel® Active-Management-Technologie (HKLM\...\MESOL) (Version:  - Intel Corporation)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (x32 Version: 3.5.8080.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSI Afterburner 3.0.1 (HKLM-x32\...\Afterburner) (Version: 3.0.1 - MSI Co., LTD)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.8.100.5 - Red Giant, LLC)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SoundMAX (HKLM-x32\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.2.7255 - Analog Devices)
Spotify (HKCU\...\Spotify) (Version: 0.9.13.24.g5dbb3103 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TIPP10 Version 2.1.0 (HKLM-x32\...\TIPP10_is1) (Version:  - (c) 2006-2011, Tom Thielicke IT Solutions)
Trapcode Form (HKLM-x32\...\Trapcode Form) (Version:  - )
Trapcode Suite 32-bit (HKLM-x32\...\InstallShield_{9E557F6E-E2FC-4D2F-B9B1-B7396CCE4CA0}) (Version: 12.1.1 - Red Giant)
Trapcode Suite 32-bit (x32 Version: 12.1.1 - Red Giant) Hidden
TuneUp Utilities 2013 (x32 Version: 13.0.4000.181 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (en-US) (x32 Version: 13.0.4000.181 - TuneUp Software) Hidden
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 13.0 (64-bit) (HKLM\...\{CE92F061-BFBC-11E3-8FF3-F04DA23A5C58}) (Version: 13.0.290 - Sony)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version:  - )
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

22-09-2014 16:07:14 Installed AMD OverDrive.
22-09-2014 16:20:05 Intel Extreme Tuning Utility
22-09-2014 16:22:03 Intel Extreme Tuning Utility
22-09-2014 16:25:02 Intel Extreme Tuning Utility
22-09-2014 16:25:33 Intel Extreme Tuning Utility
22-09-2014 16:56:17 Intel Extreme Tuning Utility
22-09-2014 16:59:47 Intel Extreme Tuning Utility
22-09-2014 17:07:52 Windows Update
23-09-2014 12:32:05 Intel Extreme Tuning Utility
23-09-2014 13:51:08 Windows Update
23-09-2014 15:34:25 OpenOffice 4.1.0 wird entfernt
24-09-2014 10:48:38 Windows Update
25-09-2014 15:11:36 Windows Update
26-09-2014 21:35:34 XP-Clean Speed wird installiert

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-08-19 13:50 - 00001064 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1                   bandicam.com
127.0.0.1                   ssl.bandisoft.com


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {11058B99-7757-426A-AC05-7E69778239C1} - System32\Tasks\Ad-Aware Update (Daily 1) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {3CBE1445-2FB5-434A-8D75-C1E1868797DD} - System32\Tasks\Ad-Aware Update (Daily 4) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {4EA7D8DF-B7C0-480D-B157-F4831BAD7611} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {59C26C68-B9BC-4F40-B980-9C90AFCC9D2A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {65B54621-CDC4-49B4-AD9C-792B36E6BB58} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-26] (Adobe Systems Incorporated)
Task: {6A667E38-A081-4F6C-9E31-67CFC59E62D3} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {742321D9-43BE-49A9-8032-7436FDC03D14} - System32\Tasks\Ad-Aware Update (Daily 3) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {805A93C0-8E77-4900-8FD2-BFBE48A53DF8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {8284546E-63F6-4096-A98E-DA7E27BCF7B7} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {933E97BD-B609-45CC-92CD-8B8590ABBDE5} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {B26B59BE-BA0A-46B7-B4E5-C34DD9D25BEF} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {BDA9E7C9-DE18-40BD-AC72-9665F8033C98} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: {C734A48A-34B8-4E24-B1FF-1EB7F0ECCB7D} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe [2014-08-12] ()
Task: {E138C4F1-6608-4E24-8B3C-86EFD30684E8} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {E2F3D3AF-3772-440D-8FB3-704FA6FA5F33} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: {EC08DA32-2E5B-437B-83E6-C8354F0FCC5D} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {FA30E1D6-16CB-40AC-9DEA-92A22044B412} - System32\Tasks\Ad-Aware Update (Daily 2) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {FC35ADCC-1E70-460D-92CF-B13D03524F3E} - System32\Tasks\AdobeAAMUpdater-1.0-PC03-Admin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-09-19 21:33 - 2014-09-19 21:30 - 00610968 _____ () c:\program files\bullguard ltd\bullguard\SQLite.dll
2012-06-26 11:32 - 2012-06-26 11:32 - 00084320 _____ () c:\program files\bullguard ltd\bullguard\zlib1.dll
2014-09-19 21:33 - 2014-09-19 21:30 - 00655712 _____ () c:\program files\bullguard ltd\bullguard\LibXml2.dll
2014-09-19 21:33 - 2014-09-19 21:30 - 00655712 _____ () C:\Program Files\BullGuard Ltd\BullGuard\LibXml2.dll
2014-09-19 21:33 - 2014-09-19 21:33 - 00023888 _____ () C:\Program Files\BullGuard Ltd\BullGuard\res\de\BullGuardBhvScannerRes.dll
2012-06-26 11:32 - 2012-06-26 11:32 - 00065376 _____ () C:\Program Files\BullGuard Ltd\BullGuard\LIBBZ2.dll
2012-06-26 11:32 - 2012-06-26 11:32 - 00084320 _____ () C:\Program Files\BullGuard Ltd\BullGuard\zlib1.dll
2014-05-03 21:29 - 2014-05-08 19:22 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-12-10 20:11 - 2013-12-10 20:11 - 00753464 _____ () C:\Program Files (x86)\TuneUp Utilities 2013\avgrepliba.dll
2014-09-19 21:33 - 2014-09-19 21:33 - 00078160 _____ () C:\Program Files\BullGuard Ltd\BullGuard\res\de\BpBackupRes.dll
2014-09-19 21:33 - 2014-09-19 21:33 - 00015696 _____ () C:\Program Files\BullGuard Ltd\BullGuard\res\de\BpInspectorRes.dll
2014-09-19 21:33 - 2014-09-19 21:33 - 00031056 _____ () C:\Program Files\BullGuard Ltd\BullGuard\res\de\BpMainRes.dll
2014-09-19 21:33 - 2014-09-19 21:30 - 00610968 _____ () C:\Program Files\BullGuard Ltd\BullGuard\SQLite.dll
2014-09-20 13:31 - 2012-10-23 17:40 - 00109688 _____ () C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BSPatch.dll
2014-09-20 13:31 - 2012-10-23 17:40 - 00769144 _____ () C:\Windows\BDTSupport.dll
2013-09-26 10:39 - 2009-07-24 11:29 - 00077824 _____ () C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\DTMessageLib.dll
2014-06-14 22:29 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-14 22:29 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-14 22:29 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-14 22:29 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-14 22:29 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-07-10 16:31 - 2014-07-08 08:18 - 14663856 _____ () C:\Users\Admin\AppData\Local\Google\Chrome\User Data\PepperFlash\14.0.0.145\pepflashplayer.dll
2007-09-02 05:43 - 2007-09-02 05:43 - 00061440 _____ () C:\Program Files (x86)\WinDirStat\wdsr0407.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:430C6D84
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsUpdate => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

========================= Accounts: ==========================

Admin (S-1-5-21-718493722-3534519543-2746478738-1000 - Enabled - Status: OK) => C:\Users\Admin
Administrator (S-1-5-21-718493722-3534519543-2746478738-500 - Disabled - Status: Degraded)
Gast (S-1-5-21-718493722-3534519543-2746478738-501 - Disabled - Status: Degraded)
HomeGroupUser$ (S-1-5-21-718493722-3534519543-2746478738-1004 - Enabled - Status: OK)

==================== Faulty Device Manager Devices =============

Name: PS/2-kompatible Maus
Description: PS/2-kompatible Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: TuneUpUtilitiesDrv
Description: TuneUpUtilitiesDrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: TuneUpUtilitiesDrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Intel(R) 82567LM-3 Gigabit Network Connection
Description: Intel(R) 82567LM-3 Gigabit Network Connection
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: e1kexpress
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/26/2014 11:36:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ClearProg.exe, Version 1.6.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 468

Startzeit: 01cfd9d1909aa214

Endzeit: 5

Anwendungspfad: C:\Program Files (x86)\ClearProg\ClearProg.exe

Berichts-ID: 1bff71fd-45c5-11e4-b58e-915bfa9db7fd

Error: (09/25/2014 05:18:02 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070013, Das Medium ist schreibgeschützt.
.

Error: (09/25/2014 05:18:02 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x80070013, Das Medium ist schreibgeschützt.
]

Error: (09/25/2014 05:18:02 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x800705aa, Nicht genügend Systemressourcen, um den angeforderten Dienst auszuführen.
]

Error: (09/25/2014 04:59:11 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: Vom Kryptografiedienst konnte das VSS-Sicherungsobjekt "System Writer" nicht initialisiert werden.


Details:
Could not query the status of the EventSystem service.

System Error:
Der Computer wird heruntergefahren.
.

Error: (09/23/2014 05:13:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm PDApp.exe, Version 8.0.0.120 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 18a0

Startzeit: 01cfd74087a2bfb8

Endzeit: 3

Anwendungspfad: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\..\core\PDApp.exe

Berichts-ID: 1d3985ce-4334-11e4-aba1-974e8277bc2c

Error: (09/23/2014 02:33:15 PM) (Source: MsiInstaller) (EventID: 10005) (User: PC03)
Description: Product: Intel Extreme Tuning Utility -- Attempted to install on an unsupported platform.

Error: (09/22/2014 07:42:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm CPUCalc1.9.6.exe, Version 1.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 840

Startzeit: 01cfd68b3cec435a

Endzeit: 10

Anwendungspfad: C:\Users\Admin\AppData\Local\Temp\Rar$EXa0.245\CPUCalc1.9.6\CPUCalc1.9.6.exe

Berichts-ID: ca7128aa-427f-11e4-87f3-8ac5a3c958f3

Error: (09/22/2014 07:05:23 PM) (Source: ESENT) (EventID: 439) (User: )
Description: Catalog Database (1264) Catalog Database: Die Shadowkopfzeile für Datei C:\Windows\system32\CatRoot2\edb.chk konnte nicht geschrieben werden. Fehler -1032.

Error: (09/22/2014 07:05:23 PM) (Source: ESENT) (EventID: 490) (User: )
Description: Catalog Database (1264) Catalog Database: Versuch, Datei "C:\Windows\system32\CatRoot2\edb.chk" für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.


System errors:
=============
Error: (09/26/2014 09:49:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TuneUpUtilitiesDrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (09/26/2014 09:49:28 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎26.‎09.‎2014 um 21:43:35 unerwartet heruntergefahren.

Error: (09/26/2014 09:19:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TuneUpUtilitiesDrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (09/26/2014 02:52:47 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.1.100 mit dem Computer mit der
Netzwerkhardwareadresse 1C-7B-21-97-45-E9 ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.

Error: (09/26/2014 00:29:23 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 70. Der interne Fehlerstatus lautet: 105.

Error: (09/26/2014 08:50:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TuneUpUtilitiesDrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (09/26/2014 07:00:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TuneUpUtilitiesDrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (09/26/2014 07:00:19 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎25.‎09.‎2014 um 20:37:38 unerwartet heruntergefahren.

Error: (09/25/2014 05:20:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TuneUpUtilitiesDrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (09/25/2014 05:09:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


Microsoft Office Sessions:
=========================
Error: (09/26/2014 11:36:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: ClearProg.exe1.6.0.046801cfd9d1909aa2145C:\Program Files (x86)\ClearProg\ClearProg.exe1bff71fd-45c5-11e4-b58e-915bfa9db7fd

Error: (09/25/2014 05:18:02 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x80070013, Das Medium ist schreibgeschützt.

Error: (09/25/2014 05:18:02 PM) (Source: VSS) (EventID: 13) (User: )
Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070013, Das Medium ist schreibgeschützt.

Error: (09/25/2014 05:18:02 PM) (Source: VSS) (EventID: 13) (User: )
Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x800705aa, Nicht genügend Systemressourcen, um den angeforderten Dienst auszuführen.

Error: (09/25/2014 04:59:11 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: 
Details:
Could not query the status of the EventSystem service.

System Error:
Der Computer wird heruntergefahren.

Error: (09/23/2014 05:13:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: PDApp.exe8.0.0.12018a001cfd74087a2bfb83C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\..\core\PDApp.exe1d3985ce-4334-11e4-aba1-974e8277bc2c

Error: (09/23/2014 02:33:15 PM) (Source: MsiInstaller) (EventID: 10005) (User: PC03)
Description: Product: Intel Extreme Tuning Utility -- Attempted to install on an unsupported platform.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/22/2014 07:42:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: CPUCalc1.9.6.exe1.0.0.084001cfd68b3cec435a10C:\Users\Admin\AppData\Local\Temp\Rar$EXa0.245\CPUCalc1.9.6\CPUCalc1.9.6.execa7128aa-427f-11e4-87f3-8ac5a3c958f3

Error: (09/22/2014 07:05:23 PM) (Source: ESENT) (EventID: 439) (User: )
Description: Catalog Database1264Catalog Database: C:\Windows\system32\CatRoot2\edb.chk-1032

Error: (09/22/2014 07:05:23 PM) (Source: ESENT) (EventID: 490) (User: )
Description: Catalog Database1264Catalog Database: C:\Windows\system32\CatRoot2\edb.chk-1032 (0xfffffbf8)32 (0x00000020)Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.


CodeIntegrity Errors:
===================================
  Date: 2014-09-02 18:28:01.112
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\nethfdrv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-02 18:28:00.956
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\nethfdrv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-02 18:21:25.641
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\nethfdrv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-02 18:21:25.444
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\nethfdrv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-02 17:56:37.958
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\nethfdrv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-02 17:56:37.802
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\nethfdrv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-02 14:43:17.372
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\nethfdrv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-02 14:43:17.183
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\nethfdrv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-02 14:18:31.830
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\nethfdrv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-02 14:18:31.674
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\nethfdrv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
Percentage of memory in use: 62%
Total physical RAM: 3579.25 MB
Available physical RAM: 1348.1 MB
Total Pagefile: 8945.43 MB
Available Pagefile: 6339.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.95 GB) (Free:82.98 GB) NTFS
Drive g: (DynamiteAT) (Fixed) (Total:465.76 GB) (Free:345.34 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 6D662F0D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 7348D1CD)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 27.09.2014, 16:25   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Verdacht auf Viren/Trojaner - Standard

Verdacht auf Viren/Trojaner



Zitat:
127.0.0.1 bandicam.com
127.0.0.1 ssl.bandisoft.com
Sieht aus, als hättest dein Rechner mal was mit Cracks zu tun gehabt

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu Verdacht auf Viren/Trojaner
bringe, extrem, fehlercode 22, fehlercode 24, fehlercode windows, gen, hoffe, inter, interne, internet, nichts, regelmäßig, scan, this device is disabled. (code 22), troja, trojaner, trojaner;internet;pc;virus, verdacht, verlangsamt, virus



Ähnliche Themen: Verdacht auf Viren/Trojaner


  1. Verdacht auf Viren
    Plagegeister aller Art und deren Bekämpfung - 30.10.2015 (23)
  2. Win 7 x64, Avira blockiert & Verdacht auf Trojaner/Viren
    Log-Analyse und Auswertung - 22.04.2014 (9)
  3. Verdacht auf Trojaner/Viren
    Plagegeister aller Art und deren Bekämpfung - 05.04.2014 (13)
  4. Verdacht auf Viren
    Plagegeister aller Art und deren Bekämpfung - 19.08.2012 (19)
  5. Pc verhält sich komisch. Viren/Maleware/Trojaner verdacht
    Log-Analyse und Auswertung - 19.09.2011 (9)
  6. Verdacht auf Viren
    Log-Analyse und Auswertung - 20.05.2011 (16)
  7. Verdacht auf Viren
    Log-Analyse und Auswertung - 11.04.2010 (9)
  8. Verdacht auf Viren
    Log-Analyse und Auswertung - 06.01.2010 (1)
  9. Verdacht auf Viren
    Log-Analyse und Auswertung - 11.12.2009 (4)
  10. Verdacht auf Viren
    Plagegeister aller Art und deren Bekämpfung - 28.09.2009 (10)
  11. Verdacht auf Viren
    Log-Analyse und Auswertung - 04.10.2008 (10)
  12. Hilfe!!!! Verdacht auf Hacker, Trojaner, Viren
    Log-Analyse und Auswertung - 28.09.2008 (4)
  13. Verdacht auf Viren/Trojaner
    Plagegeister aller Art und deren Bekämpfung - 31.10.2007 (6)
  14. Verdacht auf Viren/Trojaner
    Log-Analyse und Auswertung - 15.07.2006 (3)
  15. Verdacht auf Viren
    Plagegeister aller Art und deren Bekämpfung - 14.08.2005 (1)
  16. Verdacht auf ein paar Viren/Trojaner/Würmer!?
    Log-Analyse und Auswertung - 18.02.2005 (2)
  17. Dringend!!!! Verdacht auf Viren!!!
    Log-Analyse und Auswertung - 17.09.2004 (2)

Zum Thema Verdacht auf Viren/Trojaner - Hallo,ich habe einen Verdacht auf einen Trojaner bzw. einen Virus denn mein internet hat sich extrem verlangsamt obwohl ich regelmäßig den Datenmüll reinige und NICHTS in der Zeit gedownloadet habe. - Verdacht auf Viren/Trojaner...
Archiv
Du betrachtest: Verdacht auf Viren/Trojaner auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.