Windows 7 grauer Bildschirm, lässt sich nicht mehr starten

schrauber · 21.11.2014, 17:19

definier mal bitte was genau nicht geht. Browser? oder auch Updates von Windows und AV?
Skype und Co?

WMX · 22.11.2014, 13:19

Hallo schrauber,
es funktioniert eigentlich nichts, wozu man eine Internetverbindung (Browser, Malwarebytes update )braucht.
Das einzige was funktioniert hatte, waren GDATA Updates. Aber das habe ich ja jetzt entfernt.

Bei den Lan Eigenschaften zeigt er mir bei IPv4 Internet und bei IPv6 keine Internetzugriff.
Ich habe schon den GoogleDNS bei IPv4 eingetragen, wie du es gesagt hattest, aber das hat nichts gebracht.
Was ich festgestellt habe, das wenn ich direkt die IP z.B. von Google(173.194.112.15) eingebe komme ich auf die Seite.

Danke

schrauber · 23.11.2014, 08:03

Zitat:

Was ich festgestellt habe, das wenn ich direkt die IP z.B. von Google(173.194.112.15) eingebe komme ich auf die Seite.

Und genau das regelt der DNS. Mach mal den Google DNS raus und versuch das mit der IP nochmal.

Haben andere Rechner im Netzwerk keine Probleme?

WMX · 23.11.2014, 10:10

Hallo,
alle Anderen Pcs, Handys haben keine Probleme.
Wenn ich den Google DNS rausnehme, funktioniert der Aufruf über die IP auch.
Was mir aufgefallen ist, ist wenn ich den Google DNS rein tue zeigt er mir direkt eine Internet Verbinung an. Mache ich es ohne den Google DNS dauert das 5-10 Min (oder manchmal sogar gar nicht), aber das komische ist,das ich in dieser Zeit trotzdem die Seite über die IP aufrufen kann.

Gruß

schrauber · 24.11.2014, 08:49

Lade Dir bitte Windows Repair - All in one von tweaking.com hier herunter und installiere es.
Deaktiviere bitte (wenn möglich) Dein Antivirusprogramm.
Bedenke, dass die einzelnen Reparaturen einige Zeit benötigen. Starte keine anderen Anwendungen in dieser Zeit.
Starte das Programm und führe die Punkte 1-5 durch. (Siehe Bildanleitung)
Achte darauf, dass bei Dir die Häkchen so gesetzt sind wie unter Punkt 4.
Setze auch ein Häkchen bei "Restart/Shutdown System" und klicke "Restart System" an bevor Du Punkt 5 durchführst.

WMX · 12.12.2014, 22:50

Hallo schrauber,
sorry das ich mich jetzt erst melde. Habe eben alle "Tweaking" Sachen durchgeführt. Leider habe ich immer noch kein Internet. Hast du noch einen Rat für mich?

Danke

Gruß

schrauber · 13.12.2014, 19:37

hi,

Downloade dir bitte

Farbar Service Scanner

Starte das Tool mit Doppelklick auf die FSS.exe
Gehe sicher, dass folgende Optionen angehakt sind.
- Internet Services
- Windows Firewall
- System Restore
- Security Center/Action Center
- Windows Update
- Windows Defender
- Other Services
Klicke auf Scan.
Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.

Poste bitte den Inhalt hier.

WMX · 14.12.2014, 12:21

Hallo schrauber,
habe Farbar Server Scanner nun ausgeführt mit der Einstellung "DNS-Server automatisch beziehen". Oder sollte ich es mit der DNS Einstellung von Google machen?

Danke

Code:

ATTFilter

Farbar Service Scanner Version: 21-07-2014
Ran by wmx (administrator) on 14-12-2014 at 12:08:39
Running from "G:\frst 12.12.2014"
Microsoft Windows 7 Enterprise  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Attempt to access Local Host IP returned error: Localhost is blocked: Other errors
LAN connected.
Attempt to access Google IP returned error. Other errors
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

schrauber · 14.12.2014, 18:22

Nee das ändert eigentlich nix.

Gib mal bei FSS folgendes in die Box ein:

DnsCache

und klick auf Export Service.

WMX · 14.12.2014, 22:30

Hallo,

Code:

ATTFilter

Note: The export is in "Windows Registry Editor Version 5.00" format.

================== Result for "DnsCache" ==================

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\DnsCache]
"DisplayName"="@%SystemRoot%\\System32\\dnsapi.dll,-101"
"Group"="TDI"
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
  74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
  00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
  6b,00,20,00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,53,00,65,00,72,00,76,\
  00,69,00,63,00,65,00,00,00
"Description"="@%SystemRoot%\\System32\\dnsapi.dll,-102"
"ObjectName"="NT AUTHORITY\\NetworkService"
"ErrorControl"=dword:00000001
"Start"=dword:00000002
"Type"=dword:00000020
"DependOnService"=hex(7):54,00,64,00,78,00,00,00,6e,00,73,00,69,00,00,00,00,00
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=hex(7):53,00,65,00,43,00,68,00,61,00,6e,00,67,00,65,00,4e,\
  00,6f,00,74,00,69,00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,\
  67,00,65,00,00,00,53,00,65,00,43,00,72,00,65,00,61,00,74,00,65,00,47,00,6c,\
  00,6f,00,62,00,61,00,6c,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,\
  65,00,00,00,00,00
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
  00,01,00,00,00,c0,d4,01,00,01,00,00,00,e0,93,04,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\DnsCache\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
  00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
  64,00,6e,00,73,00,72,00,73,00,6c,00,76,00,72,00,2e,00,64,00,6c,00,6c,00,00,\
  00
"ServiceDllUnloadOnStop"=dword:00000001
"extension"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
  74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,\
  00,6e,00,73,00,65,00,78,00,74,00,2e,00,64,00,6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\DnsCache\Parameters\DnsCache]
"ShutdownOnIdle"=dword:00000000

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\DnsCache\Security]
"Security"=hex:01,00,14,80,f8,00,00,00,04,01,00,00,14,00,00,00,30,00,00,00,02,\
  00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
  00,00,02,00,c8,00,08,00,00,00,00,02,18,00,9d,01,02,00,01,02,00,00,00,00,00,\
  05,20,00,00,00,21,02,00,00,00,02,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,\
  20,00,00,00,20,02,00,00,00,02,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,\
  00,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,04,00,00,00,00,02,\
  14,00,8d,00,02,00,01,01,00,00,00,00,00,05,14,00,00,00,00,02,14,00,8d,00,02,\
  00,01,01,00,00,00,00,00,05,13,00,00,00,00,02,18,00,cd,00,02,00,01,02,00,00,\
  00,00,00,05,20,00,00,00,2c,02,00,00,00,02,28,00,cd,01,02,00,01,06,00,00,00,\
  00,00,05,50,00,00,00,04,c9,44,af,94,d9,d3,e5,2b,e1,b7,1c,17,84,87,13,6e,1a,\
  fa,65,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,\
  00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\DnsCache\TriggerInfo]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\DnsCache\TriggerInfo\0]
"Type"=dword:00000004
"Action"=dword:00000001
"GUID"=hex:07,9e,56,b7,21,84,e0,4e,ad,10,86,91,5a,fd,ad,09
"Data0"=hex:35,00,33,00,35,00,35,00,00,00,55,00,44,00,50,00,00,00,00,00
"DataType0"=dword:00000002



================== End Of Export =============

schrauber · 15.12.2014, 19:37

Windows Scheibe da? Dann wäre jetzt ein Inplace Upgrade fällig.

WMX · 18.01.2015, 20:08

Hallo schrauber,
habe jetzt endlich mein Implace Upgrade gemacht. Muss ich jetzt noch was beachten?
Das Internet funktioniert wieder und ich habe eine AntiViren Software installiert.

Gruß

schrauber · 19.01.2015, 07:20

Sonst auch keine Probleme mehr? Poste bitte ein frisches FRST log, ich schau nochmal drüber.

WMX · 19.01.2015, 22:28

Hi danke für die schnelle Antwort.
Habe das Upgrade am Samstag eingespielt und bis jetzt ist mir nichts aufgefallen.

Sehe ich in der Log richtig, dass da wieder ein Virus ist. In jeder Datei ist jeweils ein attention drin das heißt doch das da immer noch was ist oder?

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by wmx (administrator) on wmx-PC on 19-01-2015 20:42:42
Running from G:\me
Loaded Profiles: wmx (Available profiles: wmx & VMX)
Platform: Windows 7 Enterprise Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
() C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
(Microsoft) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(AVM Berlin) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(X-Micro Technology Corp.) C:\Program Files (x86)\Wireless LAN USB Dongle\ZDWlan.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
() C:\Program Files (x86)\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12632168 2011-07-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2264168 2011-07-13] (Realtek Semiconductor)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [516928 2013-02-15] (Acronis)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [G Data ASM] => "C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe" /autostart
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6421592 2014-03-06] (Acronis)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694072 2013-10-15] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5524336 2013-06-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3667472 2014-12-18] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2486443266-74473907-3229456260-1000\...\Run: [Google Update] => C:\Users\wmx\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-12-07] (Google Inc.)
HKU\S-1-5-21-2486443266-74473907-3229456260-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKU\S-1-5-21-2486443266-74473907-3229456260-1000\...\MountPoints2: {8797e3d2-7264-11e1-8068-806e6f6e6963} - E:\setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless LAN USB Dongle.lnk
ShortcutTarget: Wireless LAN USB Dongle.lnk -> C:\Program Files (x86)\Wireless LAN USB Dongle\ZDWlan.exe (X-Micro Technology Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ZDWLan Utility.lnk
ShortcutTarget: ZDWLan Utility.lnk -> C:\Program Files (x86)\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2486443266-74473907-3229456260-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2486443266-74473907-3229456260-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-21-2486443266-74473907-3229456260-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
SearchScopes: HKU\S-1-5-21-2486443266-74473907-3229456260-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
SearchScopes: HKU\S-1-5-21-2486443266-74473907-3229456260-1000 -> {167BE48F-F6E0-4666-BB46-DDC104E41316} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
SearchScopes: HKU\S-1-5-21-2486443266-74473907-3229456260-1000 -> {6C64E95D-9BC2-4cb3-98A3-87F44D4BA624} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\wmx\AppData\Roaming\Mozilla\Firefox\Profiles\n8f46zif.default
FF Homepage: google.de
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2486443266-74473907-3229456260-1000: @tools.google.com/Google Update;version=3 -> C:\Users\wmx\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2486443266-74473907-3229456260-1000: @tools.google.com/Google Update;version=9 -> C:\Users\wmx\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Extension: HTTPS-Everywhere - C:\Users\wmx\AppData\Roaming\Mozilla\Firefox\Profiles\n8f46zif.default\Extensions\https-everywhere@eff.org [2015-01-16]
FF Extension: YouTube Unblocker - C:\Users\wmx\AppData\Roaming\Mozilla\Firefox\Profiles\n8f46zif.default\Extensions\youtubeunblocker@unblocker.yt [2015-01-16]
FF Extension: Snip-Me - C:\Users\wmx\AppData\Roaming\Mozilla\Firefox\Profiles\n8f46zif.default\Extensions\addon@snip-me.de.xpi [2014-08-24]
FF Extension: Ghostery - C:\Users\wmx\AppData\Roaming\Mozilla\Firefox\Profiles\n8f46zif.default\Extensions\firefox@ghostery.com.xpi [2013-08-03]
FF Extension: ProxMate - C:\Users\wmx\AppData\Roaming\Mozilla\Firefox\Profiles\n8f46zif.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2012-04-22]
FF Extension: Personas Plus - C:\Users\wmx\AppData\Roaming\Mozilla\Firefox\Profiles\n8f46zif.default\Extensions\personas@christopher.beard.xpi [2013-04-02]
FF Extension: Quick Translator - C:\Users\wmx\AppData\Roaming\Mozilla\Firefox\Profiles\n8f46zif.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2013-12-24]
FF Extension: BugMeNot Plugin - C:\Users\wmx\AppData\Roaming\Mozilla\Firefox\Profiles\n8f46zif.default\Extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}.xpi [2012-08-26]
FF Extension: gTranslate - C:\Users\wmx\AppData\Roaming\Mozilla\Firefox\Profiles\n8f46zif.default\Extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}.xpi [2013-12-24]
FF Extension: CoolPreviews - C:\Users\wmx\AppData\Roaming\Mozilla\Firefox\Profiles\n8f46zif.default\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi [2013-01-12]
FF Extension: Adblock Plus - C:\Users\wmx\AppData\Roaming\Mozilla\Firefox\Profiles\n8f46zif.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-04-22]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2015-01-18]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-03-21]
FF HKU\S-1-5-21-2486443266-74473907-3229456260-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\wmx\AppData\Local\Google\Chrome\Application\39.0.2171.99\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\wmx\AppData\Local\Google\Chrome\Application\39.0.2171.99\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\wmx\AppData\Local\Google\Chrome\Application\39.0.2171.99\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Users\wmx\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\wmx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-03-21]
CHR Extension: (Google-Suche) - C:\Users\wmx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-03-21]
CHR Extension: (Window Resizer) - C:\Users\wmx\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkelicaakdanhinjdeammmilcgefonfh [2014-08-04]
CHR Extension: (Google Wallet) - C:\Users\wmx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-23]
CHR Extension: (Google Mail) - C:\Users\wmx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-03-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1486664 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [240112 2010-11-23] (CyberLink)
R2 DES2 Service; C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [57344 2011-08-22] () [File not signed]
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [8704 2012-04-05] (Microsoft) [File not signed]
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [919040 2014-05-17] (AnchorFree Inc.) [File not signed]
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2014-05-17] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [430344 2014-05-16] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [111616 2014-07-25] (Microsoft Corporation) [File not signed]
R2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [88888 2009-07-28] (AVM Berlin)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-06-20] (Hewlett-Packard Company) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [File not signed]
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2013-06-19] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270704 2013-11-20] (Western Digital Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-04-15] ()
S1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-07-07] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2014-07-07] (Acronis)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-07-07] (Acronis International GmbH)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-18 15:57 - 2015-01-18 15:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-18 12:30 - 2015-01-18 12:30 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Avg_Update_1014av
2015-01-18 12:30 - 2015-01-18 12:30 - 00000000 ____D () C:\ProgramData\Avg_Update_1014av
2015-01-18 12:27 - 2015-01-18 12:27 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-01-18 12:27 - 2015-01-18 12:27 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\AVG2015
2015-01-18 12:27 - 2015-01-18 12:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-01-18 12:26 - 2015-01-18 12:27 - 00000000 ____D () C:\ProgramData\AVG2015
2015-01-18 12:26 - 2015-01-18 12:26 - 00000000 ___HD () C:\$AVG
2015-01-18 12:25 - 2015-01-18 12:25 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-01-18 12:24 - 2015-01-19 20:43 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-18 12:24 - 2015-01-18 16:06 - 00000000 ____D () C:\Users\wmx\AppData\Local\Avg2015
2015-01-18 12:24 - 2015-01-18 12:24 - 00000000 ____D () C:\Users\wmx\AppData\Local\MFAData
2015-01-18 12:20 - 2015-01-18 12:20 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Oracle
2015-01-18 12:20 - 2015-01-18 12:19 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-01-18 12:19 - 2015-01-18 12:19 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-01-18 12:19 - 2015-01-18 12:19 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-01-18 12:19 - 2015-01-18 12:19 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-18 12:19 - 2015-01-18 12:19 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-18 12:16 - 2015-01-18 12:21 - 181275096 _____ (AVG Technologies) C:\Users\wmx\Downloads\avg_isct_x64_all_2015_5645a8758_WAO_81.exe
2015-01-16 23:45 - 2015-01-16 23:45 - 00084520 _____ () C:\Users\wmx\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-16 21:31 - 2015-01-16 21:35 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\FreeFileSync
2015-01-16 21:31 - 2015-01-16 21:31 - 00000944 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileSync.lnk
2015-01-16 21:31 - 2015-01-16 21:31 - 00000934 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealtimeSync.lnk
2015-01-16 21:31 - 2015-01-16 21:31 - 00000932 _____ () C:\Users\Public\Desktop\FreeFileSync.lnk
2015-01-16 21:31 - 2015-01-16 21:31 - 00000922 _____ () C:\Users\Public\Desktop\RealtimeSync.lnk
2015-01-16 21:31 - 2015-01-16 21:31 - 00000000 ____D () C:\Users\wmx\AppData\Local\30FDB2F6_stp
2015-01-16 21:31 - 2015-01-16 21:31 - 00000000 ____D () C:\Program Files\FreeFileSync
2015-01-16 21:30 - 2015-01-16 21:30 - 12466640 _____ (www.FreeFileSync.org ) C:\Users\wmx\Downloads\FreeFileSync_6.13_Windows_Setup.exe
2015-01-16 21:30 - 2015-01-16 21:30 - 00118724 _____ () C:\Users\wmx\AppData\Local\30FDB2F6_stp.CIS
2015-01-16 21:30 - 2015-01-16 21:30 - 00000318 _____ () C:\Users\wmx\AppData\Local\30FDB2F6_stp.CIS.part
2015-01-16 21:02 - 2015-01-16 21:02 - 00000000 ____D () C:\Users\VMX.wmx-PC\AppData\Roaming\Mozilla
2015-01-16 21:02 - 2015-01-16 21:02 - 00000000 ____D () C:\Users\VMX.wmx-PC\AppData\Local\Mozilla
2015-01-16 18:12 - 2015-01-16 18:12 - 00000000 ____D () C:\Users\VMX.wmx-PC\AppData\Roaming\Macromedia
2015-01-16 18:09 - 2015-01-16 18:09 - 00084520 _____ () C:\Users\VMX.wmx-PC\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-16 17:56 - 2015-01-16 17:56 - 00001439 _____ () C:\Users\VMX.wmx-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-16 17:56 - 2015-01-16 17:56 - 00001405 _____ () C:\Users\VMX.wmx-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-01-16 17:55 - 2015-01-16 17:55 - 00000020 ___SH () C:\Users\VMX.wmx-PC\ntuser.ini
2015-01-14 22:43 - 2015-01-14 22:43 - 00001439 _____ () C:\Users\wmx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-14 22:43 - 2015-01-14 22:43 - 00001405 _____ () C:\Users\wmx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-01-14 22:42 - 2015-01-14 22:42 - 00000020 ___SH () C:\Users\wmx\ntuser.ini
2015-01-14 22:40 - 2015-01-14 22:40 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2015-01-14 22:40 - 2015-01-14 22:40 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2015-01-14 22:40 - 2015-01-14 22:40 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-01-14 22:40 - 2015-01-14 22:40 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-01-14 22:40 - 2015-01-14 22:40 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-01-14 22:40 - 2015-01-14 22:40 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-01-14 22:40 - 2015-01-14 22:40 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-01-14 22:40 - 2015-01-14 22:40 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-01-14 22:40 - 2015-01-14 22:40 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-01-14 22:40 - 2015-01-14 22:40 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-01-14 22:40 - 2015-01-14 22:40 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-14 22:40 - 2015-01-14 22:40 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-01-14 22:40 - 2015-01-14 22:40 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-01-14 22:40 - 2015-01-14 22:40 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-01-14 22:40 - 2015-01-14 22:40 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-01-14 22:40 - 2015-01-14 22:40 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-01-14 22:40 - 2015-01-14 22:40 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-14 22:40 - 2015-01-14 22:40 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-01-14 22:40 - 2015-01-14 22:40 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-01-14 22:40 - 2015-01-14 22:40 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2015-01-14 22:40 - 2015-01-14 22:40 - 00000000 _SHDL () C:\ProgramData\Startmenü
2015-01-14 22:40 - 2015-01-14 22:40 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-01-14 22:40 - 2015-01-14 22:40 - 00000000 _SHDL () C:\ProgramData\Favoriten
2015-01-14 22:40 - 2015-01-14 22:40 - 00000000 _SHDL () C:\ProgramData\Dokumente
2015-01-14 22:40 - 2015-01-14 22:40 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2015-01-14 22:40 - 2015-01-14 22:40 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2015-01-14 22:15 - 2015-01-14 22:15 - 00022960 _____ () C:\Windows\system32\emptyregdb.dat
2015-01-14 22:08 - 2015-01-14 22:08 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
2015-01-14 22:08 - 2015-01-14 22:08 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
2015-01-14 21:34 - 2015-01-16 17:55 - 00000000 ____D () C:\Users\VMX.wmx-PC
2015-01-14 21:34 - 2015-01-14 22:42 - 00000000 ____D () C:\Users\wmx
2015-01-14 21:34 - 2015-01-14 21:34 - 00000000 _SHDL () C:\Users\VMX.wmx-PC\Vorlagen
2015-01-14 21:34 - 2015-01-14 21:34 - 00000000 _SHDL () C:\Users\VMX.wmx-PC\Startmenü
2015-01-14 21:34 - 2015-01-14 21:34 - 00000000 _SHDL () C:\Users\VMX.wmx-PC\Netzwerkumgebung
2015-01-14 21:34 - 2015-01-14 21:34 - 00000000 _SHDL () C:\Users\VMX.wmx-PC\Lokale Einstellungen
2015-01-14 21:34 - 2015-01-14 21:34 - 00000000 _SHDL () C:\Users\VMX.wmx-PC\Eigene Dateien
2015-01-14 21:34 - 2015-01-14 21:34 - 00000000 _SHDL () C:\Users\VMX.wmx-PC\Druckumgebung
2015-01-14 21:34 - 2015-01-14 21:34 - 00000000 _SHDL () C:\Users\VMX.wmx-PC\Documents\Eigene Musik
2015-01-14 21:34 - 2015-01-14 21:34 - 00000000 _SHDL () C:\Users\VMX.wmx-PC\Documents\Eigene Bilder
2015-01-14 21:34 - 2015-01-14 21:34 - 00000000 _SHDL () C:\Users\VMX.wmx-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-14 21:34 - 2015-01-14 21:34 - 00000000 _SHDL () C:\Users\VMX.wmx-PC\AppData\Local\Verlauf
2015-01-14 21:34 - 2015-01-14 21:34 - 00000000 _SHDL () C:\Users\VMX.wmx-PC\AppData\Local\Anwendungsdaten
2015-01-14 21:34 - 2015-01-14 21:34 - 00000000 _SHDL () C:\Users\VMX.wmx-PC\Anwendungsdaten
2015-01-14 21:34 - 2015-01-14 21:34 - 00000000 _SHDL () C:\Users\wmx\Vorlagen
2015-01-14 21:34 - 2015-01-14 21:34 - 00000000 _SHDL () C:\Users\wmx\Startmenü
2015-01-14 21:34 - 2015-01-14 21:34 - 00000000 _SHDL () C:\Users\wmx\Netzwerkumgebung
2015-01-14 21:34 - 2015-01-14 21:34 - 00000000 _SHDL () C:\Users\wmx\Lokale Einstellungen
2015-01-14 21:34 - 2015-01-14 21:34 - 00000000 _SHDL () C:\Users\wmx\Eigene Dateien
2015-01-14 21:34 - 2015-01-14 21:34 - 00000000 _SHDL () C:\Users\wmx\Druckumgebung
2015-01-14 21:34 - 2015-01-14 21:34 - 00000000 _SHDL () C:\Users\wmx\Documents\Eigene Musik
2015-01-14 21:34 - 2015-01-14 21:34 - 00000000 _SHDL () C:\Users\wmx\Documents\Eigene Bilder
2015-01-14 21:34 - 2015-01-14 21:34 - 00000000 _SHDL () C:\Users\wmx\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-14 21:34 - 2015-01-14 21:34 - 00000000 _SHDL () C:\Users\wmx\AppData\Local\Verlauf
2015-01-14 21:34 - 2015-01-14 21:34 - 00000000 _SHDL () C:\Users\wmx\AppData\Local\Anwendungsdaten
2015-01-14 21:34 - 2015-01-14 21:34 - 00000000 _SHDL () C:\Users\wmx\Anwendungsdaten
2015-01-14 21:34 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\VMX.wmx-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-14 21:34 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\wmx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-14 21:34 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\VMX.wmx-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-14 21:34 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\wmx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-14 21:31 - 2015-01-19 20:38 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-14 21:30 - 2015-01-19 20:42 - 00044173 _____ () C:\Windows\WindowsUpdate.log
2015-01-14 21:30 - 2014-03-04 14:06 - 06714312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-01-14 21:30 - 2014-03-04 14:06 - 03497816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-01-14 21:30 - 2014-03-04 14:05 - 03649185 _____ () C:\Windows\system32\nvcoproc.bin
2015-01-14 21:30 - 2014-03-04 14:05 - 02558808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-01-14 21:30 - 2014-03-04 14:05 - 00922968 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-01-14 21:30 - 2014-03-04 14:05 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-01-14 21:30 - 2014-03-04 14:05 - 00064968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-01-14 21:29 - 2015-01-14 21:52 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-01-14 21:29 - 2015-01-14 21:47 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-01-14 21:29 - 2015-01-14 21:38 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-01-14 21:28 - 2015-01-14 21:28 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-01-14 21:28 - 2015-01-14 21:28 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-01-14 21:28 - 2015-01-14 21:28 - 00000000 ____D () C:\Program Files\Realtek
2015-01-14 21:25 - 2015-01-14 21:25 - 00000000 ____D () C:\Windows\CSC
2015-01-14 21:17 - 2015-01-14 21:17 - 00262144 _____ () C:\Windows\system32\config\userdiff
2015-01-14 20:44 - 2015-01-14 22:22 - 00000000 ___HD () C:\$WINDOWS.~Q
2015-01-14 20:28 - 2015-01-14 20:34 - 00000000 ___HD () C:\$INPLACE.~TR
2015-01-14 19:47 - 2015-01-14 22:22 - 00006217 _____ () C:\Windows\comsetup.log
2015-01-14 19:24 - 2015-01-14 19:40 - 00003260 _____ () C:\Users\wmx\Desktop\Windows-Kompatibilitätsbericht.htm

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-19 20:42 - 2014-11-07 07:12 - 00000000 ____D () C:\FRST
2015-01-19 20:41 - 2009-07-14 05:51 - 00782640 _____ () C:\Windows\setupact.log
2015-01-19 20:40 - 2014-06-16 12:00 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat
2015-01-19 20:39 - 2012-04-05 20:02 - 00000000 _____ () C:\sniffer.log
2015-01-19 20:38 - 2012-03-07 20:23 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2015-01-19 20:38 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-18 20:01 - 2012-03-21 15:41 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\vlc
2015-01-18 19:57 - 2012-12-12 17:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-18 19:52 - 2012-12-07 09:32 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2486443266-74473907-3229456260-1000UA.job
2015-01-18 19:22 - 2009-07-14 05:45 - 00019312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-18 19:22 - 2009-07-14 05:45 - 00019312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-18 19:21 - 2010-11-21 07:22 - 00676372 _____ () C:\Windows\system32\perfh007.dat
2015-01-18 19:21 - 2010-11-21 07:22 - 00139312 _____ () C:\Windows\system32\perfc007.dat
2015-01-18 19:21 - 2009-07-14 06:13 - 01558916 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-18 19:13 - 2012-05-05 19:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-18 12:39 - 2012-12-20 08:06 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-01-18 12:38 - 2013-04-16 20:31 - 00000685 _____ () C:\Users\wmx\Desktop\Infos.txt
2015-01-18 12:20 - 2013-10-24 07:43 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-18 12:19 - 2013-10-24 07:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-01-18 12:19 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\restore
2015-01-18 11:07 - 2012-03-24 13:44 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{6BC6128E-5E3A-47D7-B5EE-3D799A92D943}
2015-01-16 23:32 - 2010-11-21 04:47 - 00011734 _____ () C:\Windows\PFRO.log
2015-01-16 20:57 - 2012-12-12 17:48 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-16 20:57 - 2012-03-31 11:50 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-16 20:57 - 2012-03-08 11:59 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-14 22:47 - 2012-12-07 09:32 - 00004084 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2486443266-74473907-3229456260-1000UA
2015-01-14 22:47 - 2012-12-07 09:32 - 00003688 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2486443266-74473907-3229456260-1000Core
2015-01-14 22:47 - 2012-12-07 09:32 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2486443266-74473907-3229456260-1000Core.job
2015-01-14 22:41 - 2011-07-28 20:56 - 00000000 ____D () C:\Windows\Panther
2015-01-14 22:40 - 2012-03-07 20:05 - 00000000 __SHD () C:\Recovery
2015-01-14 22:40 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-01-14 22:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Recovery
2015-01-14 22:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-01-14 22:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Windows NT
2015-01-14 22:16 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Registration
2015-01-14 22:14 - 2014-06-16 12:16 - 00000000 ____D () C:\Windows\System32\Tasks\Western Digital
2015-01-14 22:14 - 2013-12-10 15:06 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-01-14 22:14 - 2012-03-21 12:28 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-01-14 22:10 - 2009-07-14 05:45 - 00343752 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-14 22:08 - 2009-07-14 05:46 - 00006173 _____ () C:\Windows\DtcInstall.log
2015-01-14 22:08 - 2009-07-14 04:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-14 22:08 - 2009-07-14 04:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-14 22:08 - 2009-07-14 04:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-14 22:08 - 2009-07-14 04:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-14 22:07 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-01-14 22:06 - 2014-06-30 13:35 - 00000000 ____D () C:\Users\wmx\Desktop\WinMergePortable
2015-01-14 22:06 - 2014-06-25 11:39 - 00000000 ____D () C:\Users\wmx\EREnt
2015-01-14 22:06 - 2014-06-25 11:38 - 00000000 ____D () C:\Users\wmx\licman
2015-01-14 22:06 - 2014-06-25 11:38 - 00000000 ____D () C:\Users\wmx\EREnt64
2015-01-14 22:06 - 2014-06-23 19:51 - 00000000 ____D () C:\Users\wmx\Documents\R-TT
2015-01-14 22:06 - 2014-05-22 11:49 - 00000000 ___SD () C:\Users\wmx\Documents\Passwords Database
2015-01-14 22:06 - 2012-10-05 11:40 - 00000000 ____D () C:\Users\wmx\Documents\EA Games
2015-01-14 22:06 - 2012-03-21 21:00 - 00000000 ____D () C:\Users\wmx\Documents\Fax
2015-01-14 22:06 - 2012-03-07 22:27 - 00000000 ____D () C:\Users\wmx\Unigine Heaven
2015-01-14 22:06 - 2012-03-07 22:04 - 00000000 ____D () C:\Users\wmx\Documents\3DMark 11
2015-01-14 22:05 - 2014-08-26 15:07 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\MyPhoneExplorer
2015-01-14 22:05 - 2014-08-08 13:02 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Hotspot Shield
2015-01-14 22:05 - 2014-07-07 15:46 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Acronis
2015-01-14 22:05 - 2014-06-24 19:50 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Thinstall
2015-01-14 22:05 - 2014-06-21 19:35 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeUndelete
2015-01-14 22:05 - 2014-06-20 22:40 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Convar
2015-01-14 22:05 - 2014-06-16 12:00 - 00000000 ____D () C:\Users\wmx\AppData\Local\Western_Digital_Technolog
2015-01-14 22:05 - 2014-06-16 12:00 - 00000000 ____D () C:\Users\wmx\AppData\Local\Western Digital
2015-01-14 22:05 - 2014-05-22 11:54 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\NVIDIA
2015-01-14 22:05 - 2014-05-16 17:32 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\GHISLER
2015-01-14 22:05 - 2014-05-16 17:28 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\JAM Software
2015-01-14 22:05 - 2013-12-09 15:51 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Simply Super Software
2015-01-14 22:05 - 2013-10-29 18:55 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Malwarebytes' Anti-Malware
2015-01-14 22:05 - 2013-10-29 16:07 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Malwarebytes
2015-01-14 22:05 - 2013-09-05 12:35 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\www.shadowexplorer.com
2015-01-14 22:05 - 2013-09-05 11:59 - 00000000 ____D () C:\Users\wmx\AppData\Local\X-Ways
2015-01-14 22:05 - 2013-06-24 20:13 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Notepad++
2015-01-14 22:05 - 2013-05-27 20:45 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LMSOFT
2015-01-14 22:05 - 2013-04-14 18:37 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\gtk-2.0
2015-01-14 22:05 - 2013-02-06 20:12 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DiskInternals
2015-01-14 22:05 - 2012-12-03 20:30 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Samsung
2015-01-14 22:05 - 2012-12-03 20:19 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Steganos
2015-01-14 22:05 - 2012-11-19 18:59 - 00000000 ____D () C:\Users\wmx\AppData\Local\Trolltech
2015-01-14 22:05 - 2012-11-16 21:33 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Nvu
2015-01-14 22:05 - 2012-10-05 11:39 - 00000000 __RHD () C:\Users\wmx\AppData\Roaming\SecuROM
2015-01-14 22:05 - 2012-09-06 13:43 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-01-14 22:05 - 2012-08-26 19:37 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\dp3d
2015-01-14 22:05 - 2012-08-24 20:11 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\FreeCDRipper
2015-01-14 22:05 - 2012-08-23 12:37 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\TuneUp Software
2015-01-14 22:05 - 2012-08-23 12:35 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\pdfforge
2015-01-14 22:05 - 2012-08-20 17:40 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Foxit Software
2015-01-14 22:05 - 2012-08-20 17:35 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Downloaded Installations
2015-01-14 22:05 - 2012-07-31 19:30 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\FreeAudioPack
2015-01-14 22:05 - 2012-05-27 21:51 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Mp3tag
2015-01-14 22:05 - 2012-05-18 17:53 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Epson
2015-01-14 22:05 - 2012-04-10 16:54 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\CyberLink
2015-01-14 22:05 - 2012-04-10 16:28 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
2015-01-14 22:05 - 2012-04-09 21:12 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\dvdcss
2015-01-14 22:05 - 2012-04-09 20:21 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Softland
2015-01-14 22:05 - 2012-04-06 12:37 - 00000000 ____D () C:\Users\wmx\AppData\Local\TomTom
2015-01-14 22:05 - 2012-04-05 20:01 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2015-01-14 22:05 - 2012-04-01 19:44 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-14 22:05 - 2012-03-21 21:34 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\FRITZ!
2015-01-14 22:05 - 2012-03-21 19:46 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Ashampoo
2015-01-14 22:05 - 2012-03-21 15:50 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-14 22:05 - 2012-03-21 15:46 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\ICQ
2015-01-14 22:05 - 2012-03-21 15:45 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Opera
2015-01-14 22:05 - 2012-03-21 15:43 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Thunderbird
2015-01-14 22:05 - 2012-03-21 15:43 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Mozilla
2015-01-14 22:05 - 2012-03-21 15:39 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\WinRAR
2015-01-14 22:05 - 2012-03-21 13:35 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\HP
2015-01-14 22:05 - 2012-03-21 13:29 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Yahoo!
2015-01-14 22:05 - 2012-03-21 13:16 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRITZ!Box
2015-01-14 22:05 - 2012-03-07 21:50 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Macromedia
2015-01-14 22:05 - 2012-03-07 21:50 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\Adobe
2015-01-14 22:05 - 2012-03-07 20:19 - 00000000 ____D () C:\Users\wmx\AppData\Roaming\InstallShield
2015-01-14 22:05 - 2012-03-07 20:05 - 00000000 ____D () C:\Users\wmx\AppData\Local\VirtualStore
2015-01-14 22:04 - 2014-06-24 19:50 - 00000000 ____D () C:\Users\wmx\AppData\Local\Thinstall
2015-01-14 22:04 - 2012-12-03 20:30 - 00000000 ____D () C:\Users\wmx\AppData\Local\Samsung
2015-01-14 22:04 - 2012-04-10 17:17 - 00000000 ____D () C:\Users\wmx\AppData\Local\Power2Go
2015-01-14 22:04 - 2012-03-21 15:43 - 00000000 ____D () C:\Users\wmx\AppData\Local\Thunderbird
2015-01-14 22:03 - 2014-09-07 19:20 - 00000000 ____D () C:\Users\wmx\AppData\Local\Adobe
2015-01-14 22:03 - 2014-06-30 08:20 - 00000000 ____D () C:\Users\wmx\AppData\Local\FreeCommanderXE
2015-01-14 22:03 - 2014-05-24 21:56 - 00000000 ____D () C:\Users\wmx\AppData\Local\NVIDIA
2015-01-14 22:03 - 2013-12-24 11:41 - 00000000 ____D () C:\Users\wmx\AppData\Local\Mobogenie
2015-01-14 22:03 - 2013-12-24 11:41 - 00000000 ____D () C:\Users\wmx\AppData\Local\cache
2015-01-14 22:03 - 2013-12-24 11:41 - 00000000 ____D () C:\Users\wmx\.android
2015-01-14 22:03 - 2013-11-20 15:09 - 00000000 ____D () C:\Users\wmx\AppData\Local\NVIDIA Corporation
2015-01-14 22:03 - 2013-04-14 16:39 - 00000000 ____D () C:\Users\wmx\.dia
2015-01-14 22:03 - 2012-12-03 20:25 - 00000000 ____D () C:\Users\wmx\AppData\Local\Downloaded Installations
2015-01-14 22:03 - 2012-06-19 09:49 - 00000000 ____D () C:\Users\wmx\AppData\Local\Macromedia
2015-01-14 22:03 - 2012-05-18 17:44 - 00000000 ____D () C:\Users\wmx\AppData\Local\ABBYY
2015-01-14 22:03 - 2012-04-10 16:54 - 00000000 ____D () C:\Users\wmx\AppData\Local\Cyberlink
2015-01-14 22:03 - 2012-04-01 19:36 - 00000000 ____D () C:\Users\wmx\AppData\Local\Microsoft_Corporation
2015-01-14 22:03 - 2012-03-21 20:48 - 00000000 ____D () C:\Users\wmx\AppData\Local\Apps\2.0
2015-01-14 22:03 - 2012-03-21 15:53 - 00000000 ____D () C:\Users\wmx\AppData\Local\ashampoo
2015-01-14 22:03 - 2012-03-21 15:50 - 00000000 ____D () C:\Users\wmx\AppData\Local\Mozilla
2015-01-14 22:03 - 2012-03-21 15:50 - 00000000 ____D () C:\Users\wmx\AppData\Local\Google
2015-01-14 22:03 - 2012-03-21 15:45 - 00000000 ____D () C:\Users\wmx\AppData\Local\Opera
2015-01-14 22:03 - 2012-03-21 13:35 - 00000000 ____D () C:\Users\wmx\AppData\Local\HP
2015-01-14 22:03 - 2012-03-21 12:26 - 00000000 ____D () C:\Users\wmx\AppData\Local\Microsoft Help
2015-01-14 22:03 - 2012-03-07 22:03 - 00000000 ____D () C:\Users\wmx\AppData\Local\IsolatedStorage
2015-01-14 22:03 - 2012-03-07 22:03 - 00000000 ____D () C:\Users\wmx\AppData\Local\Futuremark_Corporation
2015-01-14 22:02 - 2014-11-07 16:19 - 00000000 ____D () C:\Users\VMX.wmx-PC\AppData\Roaming\Adobe
2015-01-14 22:02 - 2014-11-07 16:19 - 00000000 ____D () C:\Users\VMX.wmx-PC\AppData\Local\NVIDIA Corporation
2015-01-14 22:02 - 2014-11-07 16:19 - 00000000 ____D () C:\Users\VMX.wmx-PC\AppData\Local\NVIDIA
2015-01-14 22:02 - 2014-11-07 16:14 - 00000000 ____D () C:\Users\VMX.wmx-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
2015-01-14 21:56 - 2014-11-23 10:31 - 00000000 ____D () C:\Windows\XDRV
2015-01-14 21:56 - 2012-03-21 13:29 - 00000000 ____D () C:\Windows\SysWOW64\spool
2015-01-14 21:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2015-01-14 21:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2015-01-14 21:55 - 2014-03-31 18:48 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-01-14 21:55 - 2012-04-02 15:22 - 00000000 ____D () C:\Windows\pss
2015-01-14 21:55 - 2012-03-08 11:59 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2015-01-14 21:55 - 2012-03-08 11:59 - 00000000 ____D () C:\Windows\system32\Macromed
2015-01-14 21:55 - 2010-11-21 07:28 - 00000000 ____D () C:\Windows\ShellNew
2015-01-14 21:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2015-01-14 21:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-01-14 21:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-14 21:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Resources
2015-01-14 21:53 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-01-14 21:52 - 2014-11-07 16:11 - 00000000 ___RD () C:\Users\VMX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-14 21:52 - 2014-11-07 16:11 - 00000000 ___RD () C:\Users\VMX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-14 21:52 - 2014-11-07 16:11 - 00000000 ____D () C:\Users\VMX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
2015-01-14 21:52 - 2014-11-07 16:11 - 00000000 ____D () C:\Users\VMX
2015-01-14 21:52 - 2014-07-16 13:20 - 00000000 ____D () C:\Windows\Downloaded Installations
2015-01-14 21:52 - 2014-06-16 07:57 - 00000000 ____D () C:\ProgramData\Western Digital
2015-01-14 21:52 - 2013-12-10 15:06 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-01-14 21:52 - 2013-12-09 15:51 - 00000000 ____D () C:\ProgramData\Simply Super Software
2015-01-14 21:52 - 2013-11-18 14:32 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-14 21:52 - 2013-11-18 14:32 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-14 21:52 - 2013-11-18 14:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
2015-01-14 21:52 - 2013-08-18 19:36 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-14 21:52 - 2012-12-03 20:28 - 00000000 ____D () C:\ProgramData\Samsung
2015-01-14 21:52 - 2012-08-23 12:37 - 00000000 __SHD () C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2015-01-14 21:52 - 2012-08-23 12:37 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-01-14 21:52 - 2012-07-17 09:36 - 00000000 ____D () C:\ProgramData\Sun
2015-01-14 21:52 - 2012-05-18 17:42 - 00000000 ____D () C:\ProgramData\UDL
2015-01-14 21:52 - 2012-04-10 16:55 - 00000000 ____D () C:\Users\Public\CyberLink
2015-01-14 21:52 - 2012-04-10 16:21 - 00000000 ____D () C:\ProgramData\Temp
2015-01-14 21:52 - 2012-03-21 13:36 - 00000000 ____D () C:\ProgramData\WEBREG
2015-01-14 21:52 - 2012-03-07 21:49 - 00000000 ____D () C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2015-01-14 21:52 - 2012-03-07 20:15 - 00000000 ___HD () C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3}
2015-01-14 21:52 - 2010-11-21 07:28 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-01-14 21:51 - 2014-12-12 21:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-01-14 21:51 - 2014-11-23 10:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireless LAN USB Dongle
2015-01-14 21:51 - 2014-11-23 10:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZyDAS IEEE 802.11g Wireless LAN - USB
2015-01-14 21:51 - 2014-10-31 09:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-14 21:51 - 2014-10-18 16:37 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-01-14 21:51 - 2014-08-26 15:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
2015-01-14 21:51 - 2014-08-08 13:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2015-01-14 21:51 - 2014-08-08 13:03 - 00000000 ____D () C:\ProgramData\Hotspot Shield
2015-01-14 21:51 - 2014-07-28 15:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2015-01-14 21:51 - 2014-07-09 12:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery
2015-01-14 21:51 - 2014-07-09 12:21 - 00000000 ____D () C:\ProgramData\Elcomsoft Password Recovery
2015-01-14 21:51 - 2014-07-07 15:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2015-01-14 21:51 - 2014-06-30 08:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeCommander XE
2015-01-14 21:51 - 2014-06-16 12:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2015-01-14 21:51 - 2014-05-24 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-01-14 21:51 - 2014-05-23 08:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-01-14 21:51 - 2014-05-22 11:57 - 00000000 ____D () C:\ProgramData\G Data
2015-01-14 21:51 - 2014-05-18 09:44 - 00000000 ____D () C:\ProgramData\newbackup
2015-01-14 21:51 - 2014-05-18 09:43 - 00000000 ____D () C:\ProgramData\launcher
2015-01-14 21:51 - 2014-05-18 09:43 - 00000000 ____D () C:\ProgramData\explauncher
2015-01-14 21:51 - 2014-05-18 09:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Backup & Recovery™ 2014 Free
2015-01-14 21:51 - 2014-05-16 17:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free
2015-01-14 21:51 - 2013-12-10 15:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-01-14 21:51 - 2013-12-09 15:52 - 00000000 ____D () C:\ProgramData\Licenses
2015-01-14 21:51 - 2013-12-09 15:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
2015-01-14 21:51 - 2013-10-29 16:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-14 21:51 - 2013-10-24 07:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-14 21:51 - 2013-10-06 11:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PicoZip
2015-01-14 21:51 - 2013-06-24 20:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-01-14 21:51 - 2013-05-11 11:30 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-01-14 21:51 - 2013-05-06 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamTransport
2015-01-14 21:51 - 2013-04-14 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dia
2015-01-14 21:51 - 2013-03-31 09:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-01-14 21:51 - 2013-02-06 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskInternals
2015-01-14 21:51 - 2012-12-08 15:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SSDlife
2015-01-14 21:51 - 2012-12-03 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-01-14 21:51 - 2012-11-16 21:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nvu
2015-01-14 21:51 - 2012-11-16 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay
2015-01-14 21:51 - 2012-09-28 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2015-01-14 21:51 - 2012-09-06 09:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-01-14 21:51 - 2012-08-23 12:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-01-14 21:51 - 2012-08-20 17:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2015-01-14 21:51 - 2012-05-27 21:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2015-01-14 21:51 - 2012-05-18 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 9.0 Sprint
2015-01-14 21:51 - 2012-05-18 17:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2015-01-14 21:51 - 2012-05-18 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-01-14 21:51 - 2012-05-18 17:38 - 00000000 ____D () C:\ProgramData\EPSON
2015-01-14 21:51 - 2012-05-07 20:27 - 00000000 ____D () C:\ProgramData\LightScribe
2015-01-14 21:51 - 2012-05-07 20:23 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
2015-01-14 21:51 - 2012-05-07 18:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2015-01-14 21:51 - 2012-05-05 19:14 - 00000000 ____D () C:\ProgramData\Mozilla
2015-01-14 21:51 - 2012-04-13 21:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2015-01-14 21:51 - 2012-04-10 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG Tool Kit
2015-01-14 21:51 - 2012-04-10 16:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
2015-01-14 21:51 - 2012-04-09 20:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\doPDF 7
2015-01-14 21:51 - 2012-04-06 12:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2015-01-14 21:51 - 2012-04-05 20:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2015-01-14 21:51 - 2012-04-05 20:01 - 00000000 ____D () C:\ProgramData\Freemake
2015-01-14 21:51 - 2012-04-01 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-14 21:51 - 2012-03-22 18:54 - 00000000 ____D () C:\ProgramData\HPSSUPPLY
2015-01-14 21:51 - 2012-03-21 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.7
2015-01-14 21:51 - 2012-03-21 15:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-01-14 21:51 - 2012-03-21 13:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-01-14 21:51 - 2012-03-21 13:29 - 00000000 ____D () C:\ProgramData\HP Product Assistant
2015-01-14 21:51 - 2012-03-21 13:25 - 00000000 ____D () C:\ProgramData\HP
2015-01-14 21:51 - 2012-03-21 12:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-14 21:51 - 2012-03-11 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2015-01-14 21:51 - 2012-03-07 22:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine
2015-01-14 21:51 - 2012-03-07 21:51 - 00000000 ____D () C:\ProgramData\Futuremark
2015-01-14 21:51 - 2012-03-07 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
2015-01-14 21:51 - 2012-03-07 20:30 - 00000000 ____D () C:\ProgramData\Intel
2015-01-14 21:51 - 2012-03-07 20:21 - 00000000 ____D () C:\ProgramData\InstallShield
2015-01-14 21:51 - 2012-03-07 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2015-01-14 21:51 - 2012-03-07 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2015-01-14 21:51 - 2012-03-07 20:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-01-14 21:51 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-14 21:50 - 2014-11-23 10:31 - 00000000 ____D () C:\Program Files (x86)\Wireless LAN USB Dongle
2015-01-14 21:50 - 2014-11-23 10:13 - 00000000 ____D () C:\Program Files (x86)\ZyDAS Technology Corporation
2015-01-14 21:50 - 2014-07-07 15:45 - 00000000 ____D () C:\ProgramData\Acronis
2015-01-14 21:50 - 2014-06-16 12:00 - 00000000 ____D () C:\Program Files (x86)\Western Digital
2015-01-14 21:50 - 2014-04-19 10:57 - 00000000 ___HD () C:\ProgramData\CanonBJ
2015-01-14 21:50 - 2013-10-23 20:34 - 00000000 ____D () C:\Program Files (x86)\XEmacs
2015-01-14 21:50 - 2013-09-05 11:56 - 00000000 ____D () C:\Program Files (x86)\WinHex
2015-01-14 21:50 - 2012-12-08 15:05 - 00000000 ____D () C:\ProgramData\Binarysense
2015-01-14 21:50 - 2012-11-16 21:20 - 00000000 ____D () C:\ProgramData\eBay
2015-01-14 21:50 - 2012-05-18 17:44 - 00000000 ____D () C:\ProgramData\ABBYY
2015-01-14 21:50 - 2012-04-10 16:22 - 00000000 ____D () C:\ProgramData\CyberLink
2015-01-14 21:50 - 2012-03-21 15:53 - 00000000 ____D () C:\ProgramData\ashampoo
2015-01-14 21:50 - 2012-03-21 15:48 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-14 21:49 - 2014-12-12 21:43 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2015-01-14 21:49 - 2014-10-04 15:38 - 00000000 ____D () C:\Program Files (x86)\stinger
2015-01-14 21:49 - 2014-05-16 17:32 - 00000000 ____D () C:\Program Files (x86)\totalcmd
2015-01-14 21:49 - 2013-12-09 15:51 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2015-01-14 21:49 - 2013-05-06 16:16 - 00000000 ____D () C:\Program Files (x86)\StreamTransport
2015-01-14 21:49 - 2012-09-11 17:19 - 00000000 ____D () C:\Program Files (x86)\TASTstar
2015-01-14 21:49 - 2012-09-06 09:13 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-14 21:49 - 2012-04-06 12:37 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V
2015-01-14 21:49 - 2012-03-07 22:26 - 00000000 ____D () C:\Program Files (x86)\Unigine
2015-01-14 21:47 - 2014-06-21 19:46 - 00000000 ____D () C:\Program Files (x86)\Smart PC Solutions
2015-01-14 21:47 - 2013-12-10 15:06 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-01-14 21:47 - 2013-10-06 11:43 - 00000000 ____D () C:\Program Files (x86)\PicoZipRT
2015-01-14 21:47 - 2013-06-24 20:13 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2015-01-14 21:47 - 2012-12-03 20:28 - 00000000 ____D () C:\Program Files (x86)\Samsung
2015-01-14 21:47 - 2012-11-16 21:33 - 00000000 ____D () C:\Program Files (x86)\Nvu
2015-01-14 21:47 - 2012-08-23 12:35 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2015-01-14 21:47 - 2012-07-17 09:36 - 00000000 ____D () C:\Program Files (x86)\Oracle
2015-01-14 21:47 - 2012-05-08 16:00 - 00000000 ____D () C:\Program Files (x86)\Renegade X Black Dawn
2015-01-14 21:47 - 2012-03-21 15:45 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-01-14 21:47 - 2012-03-07 22:16 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2015-01-14 21:47 - 2012-03-07 20:17 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-01-14 21:46 - 2014-10-31 09:53 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-14 21:46 - 2014-08-26 15:06 - 00000000 ____D () C:\Program Files (x86)\MyPhoneExplorer
2015-01-14 21:46 - 2014-06-12 09:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-01-14 21:46 - 2012-09-28 16:18 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2015-01-14 21:46 - 2012-05-27 21:51 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2015-01-14 21:46 - 2012-04-06 12:37 - 00000000 ____D () C:\Program Files (x86)\MyTomTom 3
2015-01-14 21:46 - 2012-03-21 12:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2015-01-14 21:46 - 2012-03-21 12:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-01-14 21:46 - 2012-03-21 12:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2015-01-14 21:44 - 2013-05-27 20:44 - 00000000 ____D () C:\Program Files (x86)\LMSOFT
2015-01-14 21:44 - 2012-04-10 16:35 - 00000000 ____D () C:\Program Files (x86)\lg_fwupdate
2015-01-14 21:44 - 2012-03-11 19:33 - 00000000 ____D () C:\Program Files (x86)\Lavalys
2015-01-14 21:43 - 2014-05-16 17:28 - 00000000 ____D () C:\Program Files (x86)\JAM Software
2015-01-14 21:43 - 2012-07-27 10:03 - 00000000 ____D () C:\Program Files (x86)\KONAMI
2015-01-14 21:43 - 2012-03-07 20:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-14 21:43 - 2012-03-07 20:16 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-01-14 21:42 - 2012-03-21 15:46 - 00000000 ____D () C:\Program Files (x86)\ICQ7.7
2015-01-14 21:42 - 2012-03-21 13:27 - 00000000 ____D () C:\Program Files (x86)\HP
2015-01-14 21:41 - 2014-08-08 13:02 - 00000000 ____D () C:\Program Files (x86)\Hotspot Shield
2015-01-14 21:41 - 2014-06-30 08:20 - 00000000 ____D () C:\Program Files (x86)\FreeCommander XE
2015-01-14 21:41 - 2014-06-21 19:35 - 00000000 ____D () C:\Program Files (x86)\FreeUndelete
2015-01-14 21:41 - 2012-08-20 17:40 - 00000000 ____D () C:\Program Files (x86)\Foxit Software
2015-01-14 21:41 - 2012-07-31 19:30 - 00000000 ____D () C:\Program Files (x86)\Free mp3 Wma Converter
2015-01-14 21:41 - 2012-05-18 17:40 - 00000000 ____D () C:\Program Files (x86)\Epson Software
2015-01-14 21:41 - 2012-05-18 17:38 - 00000000 ____D () C:\Program Files (x86)\epson
2015-01-14 21:41 - 2012-04-05 20:01 - 00000000 ____D () C:\Program Files (x86)\Freemake
2015-01-14 21:41 - 2012-03-21 13:16 - 00000000 ____D () C:\Program Files (x86)\FRITZ!DSL
2015-01-14 21:41 - 2012-03-11 12:17 - 00000000 ____D () C:\Program Files (x86)\HD Tune
2015-01-14 21:41 - 2012-03-07 21:49 - 00000000 ____D () C:\Program Files (x86)\Futuremark
2015-01-14 21:41 - 2012-03-07 20:19 - 00000000 ____D () C:\Program Files (x86)\GIGABYTE
2015-01-14 21:41 - 2012-03-07 20:19 - 00000000 ____D () C:\Program Files (x86)\Etron Technology
2015-01-14 21:40 - 2014-07-09 12:21 - 00000000 ____D () C:\Program Files (x86)\Elcomsoft Password Recovery
2015-01-14 21:40 - 2014-07-09 12:21 - 00000000 ____D () C:\Program Files (x86)\Elcomsoft
2015-01-14 21:40 - 2013-09-17 11:13 - 00000000 ____D () C:\Program Files (x86)\DsNET Corp
2015-01-14 21:40 - 2013-04-14 16:29 - 00000000 ____D () C:\Program Files (x86)\Dia
2015-01-14 21:40 - 2013-03-31 09:28 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-01-14 21:40 - 2013-02-06 20:12 - 00000000 ____D () C:\Program Files (x86)\DiskInternals
2015-01-14 21:40 - 2012-11-16 21:20 - 00000000 ____D () C:\Program Files (x86)\eBay
2015-01-14 21:40 - 2012-04-10 16:24 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2015-01-14 21:40 - 2012-03-07 20:18 - 00000000 ____D () C:\Program Files (x86)\Dolby Home Theater v4
2015-01-14 21:39 - 2014-07-07 15:45 - 00000000 ____D () C:\Program Files (x86)\Acronis
2015-01-14 21:39 - 2012-12-20 08:06 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-14 21:39 - 2012-12-08 15:05 - 00000000 ____D () C:\Program Files (x86)\BinarySense
2015-01-14 21:39 - 2012-05-18 17:44 - 00000000 ____D () C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint
2015-01-14 21:39 - 2012-04-13 21:10 - 00000000 ____D () C:\Program Files (x86)\Ashampoo
2015-01-14 21:39 - 2012-04-05 20:02 - 00000000 ____D () C:\Program Files\WinPcap
2015-01-14 21:39 - 2012-03-21 15:38 - 00000000 ____D () C:\Program Files\WinRAR
2015-01-14 21:39 - 2012-03-07 20:20 - 00000000 ____D () C:\Program Files (x86)\AMD
2015-01-14 21:38 - 2014-06-16 12:00 - 00000000 ____D () C:\Program Files\Western Digital
2015-01-14 21:38 - 2014-05-18 09:42 - 00000000 ____D () C:\Program Files\Paragon Software
2015-01-14 21:38 - 2012-09-28 20:18 - 00000000 ____D () C:\Program Files\Recuva
2015-01-14 21:38 - 2012-04-09 20:21 - 00000000 ____D () C:\Program Files\Softland
2015-01-14 21:38 - 2012-03-21 15:41 - 00000000 ____D () C:\Program Files\VideoLAN
2015-01-14 21:37 - 2014-06-16 12:00 - 00000000 ____D () C:\Program Files\Common Files\Western Digital
2015-01-14 21:37 - 2014-05-23 08:32 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-14 21:37 - 2013-08-18 19:36 - 00000000 ____D () C:\Program Files\Cyberfox
2015-01-14 21:37 - 2012-10-09 08:11 - 00000000 ____D () C:\Program Files\Java
2015-01-14 21:37 - 2012-05-18 17:46 - 00000000 ____D () C:\Program Files\Common Files\EPSON
2015-01-14 21:37 - 2012-05-18 17:41 - 00000000 ____D () C:\Program Files\Epson Software
2015-01-14 21:37 - 2012-05-18 17:39 - 00000000 ____D () C:\Program Files\EpsonNet
2015-01-14 21:37 - 2012-03-21 13:16 - 00000000 ____D () C:\Program Files\FRITZ!DSL
2015-01-14 21:37 - 2012-03-21 13:16 - 00000000 ____D () C:\Program Files\Common Files\AVM
2015-01-14 21:37 - 2012-03-07 22:02 - 00000000 ____D () C:\Program Files\Futuremark
2015-01-14 21:37 - 2012-03-07 20:19 - 00000000 ____D () C:\Program Files\GIGABYTE
2015-01-14 21:37 - 2012-03-07 20:17 - 00000000 ____D () C:\Program Files\Common Files\Intel
2015-01-14 21:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-14 21:33 - 2011-07-28 20:01 - 00003652 _____ () C:\Windows\TSSysprep.log
2015-01-14 21:31 - 2012-04-10 16:51 - 00000000 ____D () C:\Temp
2015-01-14 21:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2015-01-14 21:23 - 2009-07-14 06:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2015-01-14 21:23 - 2009-07-14 06:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2015-01-14 21:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\oobe
2015-01-14 20:21 - 2012-03-07 20:07 - 01992876 _____ () C:\Windows\WindowsUpdate (1).log
2015-01-14 19:35 - 2014-04-04 09:49 - 00002544 _____ () C:\Windows\diagwrn.xml
2015-01-14 19:35 - 2014-04-04 09:49 - 00001890 _____ () C:\Windows\diagerr.xml

==================== Files in the root of some directories =======
2014-05-22 11:58 - 2014-05-22 11:58 - 0000000 _____ () C:\Users\wmx\AppData\Roaming\gdfw.log
2014-05-22 11:58 - 2014-05-22 11:58 - 0000779 _____ () C:\Users\wmx\AppData\Roaming\gdscan.log
2015-01-16 21:30 - 2015-01-16 21:30 - 0118724 _____ () C:\Users\wmx\AppData\Local\30FDB2F6_stp.CIS
2015-01-16 21:30 - 2015-01-16 21:30 - 0000318 _____ () C:\Users\wmx\AppData\Local\30FDB2F6_stp.CIS.part

Files to move or delete:
====================


Some content of TEMP:
====================
C:\Users\wmx\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-18 11:34

==================== End Of Log ============================

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by wmx at 2015-01-19 20:43:37
Running from G:\me
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Internet Security 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG Internet Security 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2015 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.12 - GIGABYTE)
2570 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
2570_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
2570Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
3DMark 11 (HKLM-x32\...\{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}) (Version: 1.0.3 - Futuremark Corporation)
3DMark Vantage (HKLM-x32\...\{C40C3C3D-97CF-44B5-836C-766E374464B3}) (Version: 1.1.0 - Futuremark Corporation)
3DMark06 (HKLM-x32\...\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}) (Version: 1.2.0 - Futuremark Corporation)
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advanced Archive Password Recovery (HKLM-x32\...\{01011662-76A8-41E8-B1A8-4F8821570AC5}) (Version: 4.54.48.1338 - Elcomsoft Co. Ltd.)
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Ashampoo Burning Studio 2012 CBE v.11.0.4 (HKLM-x32\...\Ashampoo Burning Studio 2012 CBE_is1) (Version: 11.0.4 - Ashampoo GmbH & Co. KG)
AutoGreen B10.1021.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B10.1021.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5645 - AVG Technologies)
AVG 2015 (Version: 15.0.4253 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5645 - AVG Technologies) Hidden
Benutzerhandbuch - Grundlagen EPSON SX430 Series (HKLM-x32\...\EPSON SX430 Series Bog) (Version:  - )
Benutzerhandbuch EPSON SX430 Series (HKLM-x32\...\EPSON SX430 Series Useg) (Version:  - )
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version:  - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Cyberfox Web Browser (HKLM\...\{5EFB52C0-4EC9-46B4-80EB-8432C6599641}_is1) (Version: 23.0.0 - 8pecxstudios)
CyberLink BD Advisor 2.0 (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version:  - )
CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4703 - CyberLink Corp.)
CyberLink LG Burning Tool (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.4619 - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3530.52 - CyberLink Corp.)
DES 2.0 (HKLM-x32\...\{675F86A8-E093-4002-87D5-915CC2C45571}) (Version: 1.00.0000 - Gigabyte)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Dia (nur entfernen) (HKLM-x32\...\Dia) (Version:  - )
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version:  - Softland)
Easy Tune 6 B11.0823.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0823.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Epson Easy Photo Print 2 (HKLM-x32\...\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX430 Series Printer Uninstall (HKLM\...\EPSON SX430 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
Etron USB3.0 Host Controller (x32 Version: 0.104 - Etron Technology) Hidden
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 5.3.1.606 - Foxit Corporation)
Free Audio Dub version 1.7.9.908 (HKLM-x32\...\Free Audio Dub_is1) (Version: 1.7.9.908 - DVDVideoSoft Ltd.)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: Preview - Marek Jasinski)
FreeFileSync 6.13 (HKLM-x32\...\FreeFileSync_is1) (Version: 6.13 - www.FreeFileSync.org)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.0.1 - Ellora Assets Corporation)
FreeUndelete (HKLM-x32\...\FreeUndelete) (Version:  - )
FRITZ!DSL64 (HKLM\...\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}) (Version: 2.04.03 - AVM Berlin)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.6.0 - Futuremark Corporation)
Google Chrome (HKU\S-1-5-21-2486443266-74473907-3229456260-1000\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
Hotspot Shield 3.42 (HKLM-x32\...\HotspotShield) (Version: 3.42 - AnchorFree Inc.)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
ICQ7.7 (HKLM-x32\...\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}) (Version: 7.7 - ICQ)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Java 7 Update 7 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417007FF}) (Version: 7.0.70 - Oracle)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java SE Development Kit 7 Update 7 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170070}) (Version: 1.7.0.70 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
LG Tool Kit (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 9.01.1124.01 - )
LightScribe System Software (HKLM-x32\...\{2FA75B40-17C9-4D22-88CA-80A5D52FAB13}) (Version: 1.18.24.1 - LightScribe)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mozilla Firefox 35.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 de)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
Mp3tag v2.51 (HKLM-x32\...\Mp3tag) (Version: v2.51 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
MyTomTom 3.2.0.802 (HKLM-x32\...\MyTomTom) (Version: 3.2.0.802 - TomTom)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Netzwerkhandbuch EPSON SX430 Series (HKLM-x32\...\EPSON SX430 Series Netg) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.1 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
Nvu 1.0 (HKLM-x32\...\Nvu_is1) (Version: 1.0 - Thorsten Fritz)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Paragon Backup & Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.4.3 - Frank Heindörfer, Philip Chinery)
PicoZip Recovery Tool 1.02 (HKLM-x32\...\PicoZip Recovery Tool 1.02) (Version: 1.02 - Softchitect)
Pro Evolution Soccer 2013 DEMO (HKLM-x32\...\{65F8E0A6-A290-4D47-B391-D6353D756854}) (Version: 1.00.0000 - KONAMI)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.531.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6423 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.43 - Piriform)
Renegade X Black Dawn (HKLM\...\UDK-c44c2fe6-36d8-47db-bb6d-3514af203909) (Version:  - Epic Games, Inc.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.0.12104_15 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.0.12104_15 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.16.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Smart 6 B11.0824.1 (HKLM-x32\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE)
Smart Data Recovery v4.3 (HKLM-x32\...\Smart Data Recovery_is1) (Version: 4.3 - Smart PC Solutions)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
SSDlife Free (HKLM-x32\...\{5D87C1F3-7A8E-4BFC-841B-A9D69EC58BAF}) (Version: 2.3.52 - BinarySense Inc.)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
TASTstar 5.0 Demo (HKLM-x32\...\{9DEA24B3-59BC-4C57-BD1C-4A261F269748}) (Version: 5.0.0 - Thorsten Rueffer)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
TreeSize Free V3.0.1 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.0.1 - JAM Software)
Trojan Remover 6.8.8 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.8.8 - Simply Super Software)
True Image WD Edition (HKLM-x32\...\{48F9E716-6153-4B05-B7BB-9FB42B98CDFB}) (Version: 16.0.5962 - Acronis)
Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.10.2 - Tweaking.com)
Unigine Heaven DX11 Benchmark 2.5 version 2.5 (HKLM-x32\...\Unigine Heaven DX11 Benchmark 2.5_is1) (Version: 2.5 - )
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.0.1 (HKLM\...\VLC media player) (Version: 2.0.1 - VideoLAN)
WD Drive Utilities (HKLM-x32\...\{2D2BD030-2DC0-478F-9710-3554FFC0D797}) (Version: 1.0.7.3 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{5A9D095A-C6DC-4A69-8A96-AC23911A2D4E}) (Version: 1.0.7.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{B7063C41-A5D1-482D-BE07-34750B26950B}) (Version: 2.1.0.11 - Western Digital Technologies, Inc.)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WinHex (HKLM-x32\...\WinHex) (Version:  - )
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Wireless LAN USB Dongle (HKLM-x32\...\InstallShield_{5EF8822C-6CA1-4B4A-89C4-19CDB64B3BF0}) (Version: 1.0.7 - Wireless LAN USB Dongle)
Wireless LAN USB Dongle (x32 Version: 1.0.7 - Wireless LAN USB Dongle) Hidden
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-4 - Bitnami)
ZyDAS IEEE 802.11g Wireless LAN - USB (HKLM-x32\...\{581CE7EA-A30D-0000-1211-088635773309}) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2486443266-74473907-3229456260-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\wmx\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2486443266-74473907-3229456260-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\wmx\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2486443266-74473907-3229456260-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\wmx\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2486443266-74473907-3229456260-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\wmx\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================

18-01-2015 12:19:11 Installed Java 7 Update 71
18-01-2015 12:25:20 Installed AVG 2015
18-01-2015 12:25:37 Installed AVG 2015

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-12-12 22:29 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {12D95F20-C07E-45E7-956F-8E437096B3DC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {397E7A70-2EF5-4A83-B228-AA61E49BDB92} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2486443266-74473907-3229456260-1000UA => C:\Users\wmx\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-07] (Google Inc.)
Task: {3C2D62B9-1B39-48D3-842B-3B9D1412FBCF} - System32\Tasks\{DA08C550-F3A1-4534-92A3-87376C165DFF} => K:\Installer\Installer.exe
Task: {3DC0B62C-F737-469B-8039-566807DDF5B2} - System32\Tasks\{D20D9172-AD53-4288-85FB-386D2E4816BA} => C:\Program Files (x86)\Wireless LAN USB Dongle\ZDWlan.exe [2005-11-16] (X-Micro Technology Corp.)
Task: {417AB3A7-5457-4CE9-A74E-3255DB65D662} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {4868F869-4EA7-480E-BF14-61B2CCFE3FDA} - System32\Tasks\{73E24888-51FC-45E4-94BB-BDA106857130} => C:\Program Files (x86)\Wireless LAN USB Dongle\ZDWlan.exe [2005-11-16] (X-Micro Technology Corp.)
Task: {54CD8AAC-A2F1-42C7-AB0A-B4B1A750F0DA} - System32\Tasks\{0E00D31B-70DD-4155-87DE-0351B338CFC4} => C:\Program Files (x86)\FreeUndelete\fru.exe [2008-09-12] ()
Task: {637EC1EC-81EF-4EC8-871E-76D1CC20675E} - System32\Tasks\{F5FA7F69-5DA3-4479-B237-D86DA333F24A} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {732829BE-7B2F-4D74-A75E-E53E92424B0B} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {75D6DD84-3F45-4012-9A9F-307798EDF8A7} - System32\Tasks\{5FA11693-BD75-4835-8D58-DB4B7BABFBD4} => K:\Installer\Installer.exe
Task: {8C7B0010-A7AE-4DDF-8762-D60A7C6661BE} - System32\Tasks\{A2C3A3CE-3FC5-49EE-B5E7-8CA031CF4961} => pcalua.exe -a E:\Driver\WLAN\ZD1211USB_Install_4803_WHQL.exe -d E:\Driver\WLAN
Task: {8D2FF55B-DC28-4667-8BBF-671BF1B3DBBD} - System32\Tasks\{BC71D9D7-7E55-4A7E-AF4F-585482942057} => C:\Program Files (x86)\FreeUndelete\fru.exe [2008-09-12] ()
Task: {92F7A844-AB9F-4DE4-912C-AC09EA7FE037} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {A331866F-4441-4522-B11E-E06FA69ACD93} - System32\Tasks\{62388044-C297-492A-A5D2-A441D5CE5D34} => C:\Program Files (x86)\FreeUndelete\fru.exe [2008-09-12] ()
Task: {A86EC08C-C5FE-46EB-8CCE-0DDC46D73DF1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-16] (Adobe Systems Incorporated)
Task: {D1A53EC4-F40B-4049-A90C-3CB952CD4853} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {D531193A-DC31-4413-902F-7BCF1ABFB383} - \SidebarExecute No Task File <==== ATTENTION
Task: {E716E787-9EC0-4AC9-BC29-88C624137A6B} - System32\Tasks\{0A9091BF-1B1C-44F0-B4D8-8EBC30E1CA28} => C:\Program Files (x86)\Convar\PC Inspector File Recovery\Filerecovery.exe [2005-03-12] ()
Task: {F8F166E4-954F-4F17-AAE2-0E7C142F1FBB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2486443266-74473907-3229456260-1000Core => C:\Users\wmx\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-07] (Google Inc.)
Task: {FA831DA8-A384-4A98-BC48-0E46C5A6E4C0} - System32\Tasks\{4A29F1B7-959A-45A1-92FD-3A51F72F8266} => pcalua.exe -a K:\Installer\Installer.exe -d K:\Installer
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2486443266-74473907-3229456260-1000Core.job => C:\Users\wmx\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2486443266-74473907-3229456260-1000UA.job => C:\Users\wmx\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2015-01-14 21:30 - 2014-03-04 14:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-03-07 20:21 - 2011-08-22 15:26 - 00057344 _____ () C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
2014-05-16 23:34 - 2014-05-16 23:34 - 00430344 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
2012-03-07 20:17 - 2011-06-10 03:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-11-23 10:13 - 2004-11-24 10:26 - 00438272 _____ () C:\Program Files (x86)\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
2015-01-14 21:56 - 2015-01-14 21:56 - 00008704 _____ () C:\Windows\assembly\GAC_64\GBHO\1.0.0.0__709f1911357dc329\GBHO.dll
2012-03-21 15:38 - 2012-02-17 20:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2012-03-07 20:21 - 2009-05-04 17:56 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\EnergySaver2\ycc.dll
2014-05-17 01:11 - 2014-05-17 01:11 - 00908584 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2014-05-17 01:37 - 2014-05-17 01:37 - 00506664 _____ () C:\Program Files (x86)\Hotspot Shield\bin\HssRep.dll
2005-09-21 21:39 - 2005-09-21 21:39 - 00212992 _____ () C:\Program Files (x86)\Wireless LAN USB Dongle\dot1x_dll.dll
2004-03-05 15:00 - 2004-03-05 15:00 - 00155648 _____ () C:\Program Files (x86)\Wireless LAN USB Dongle\SSLEAY32.dll
2004-03-05 15:00 - 2004-03-05 15:00 - 00827392 _____ () C:\Program Files (x86)\Wireless LAN USB Dongle\LIBEAY32.dll
2005-11-01 17:36 - 2005-11-01 17:36 - 00045056 _____ () C:\Program Files (x86)\Wireless LAN USB Dongle\ZDWLAN.dll
2013-01-10 12:43 - 2013-01-10 12:43 - 00014360 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll
2014-11-23 10:13 - 2004-11-21 17:14 - 00200704 _____ () C:\Program Files (x86)\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\dot1x_dll.dll
2014-11-23 10:13 - 2004-03-05 15:00 - 00155648 _____ () C:\Program Files (x86)\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\SSLEAY32.dll
2014-11-23 10:13 - 2004-03-05 15:00 - 00827392 _____ () C:\Program Files (x86)\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\LIBEAY32.dll
2014-11-23 10:13 - 2004-11-16 19:33 - 00040960 _____ () C:\Program Files (x86)\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWLAN.dll
2014-03-06 01:00 - 2014-03-06 01:00 - 13673304 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2013-12-10 15:06 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-12-10 15:06 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-12-10 15:06 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-12-10 15:06 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-12-10 15:06 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-03-05 23:10 - 2014-03-05 23:10 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^wmx^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FRITZ!DSL Protect.lnk => C:\Windows\pss\FRITZ!DSL Protect.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Dexpot => C:\Users\wmx\Downloads\Portable\Dexpot\dexpot.exe
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPSON SX430 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHAE.EXE /FU "C:\Users\wmx\AppData\Local\Temp\E_S6A56.tmp" /EF "HKCU"
MSCONFIG\startupreg: Google Update => "C:\Users\wmx\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LGODDFU => "C:\Program Files (x86)\lg_fwupdate\fwupdate.exe" blrun
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: RemoteControl9 => "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
MSCONFIG\startupreg: RESTART_STICKY_NOTES => C:\Windows\system32\StikyNot.exe
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: TrojanScanner => C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot
MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
MSCONFIG\startupreg: ZyngaGamesAgent => "C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-2486443266-74473907-3229456260-500 - Administrator - Disabled)
Gast (S-1-5-21-2486443266-74473907-3229456260-501 - Limited - Disabled)
wmx (S-1-5-21-2486443266-74473907-3229456260-1000 - Administrator - Enabled) => C:\Users\wmx
VMW (S-1-5-21-2486443266-74473907-3229456260-1005 - Administrator - Enabled) => C:\Users\VMW.wmx-PC

==================== Faulty Device Manager Devices =============

Name: Hotspot Shield Routing Driver 6
Description: Hotspot Shield Routing Driver 6
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: HssDRV6
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/19/2015 08:40:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2015 08:38:40 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]

Error: (01/19/2015 08:38:40 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to load Audio DLL [126]

Error: (01/18/2015 07:16:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/18/2015 07:14:25 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]

Error: (01/18/2015 07:14:25 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to load Audio DLL [126]

Error: (01/18/2015 02:07:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/18/2015 02:05:22 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]

Error: (01/18/2015 02:05:22 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to load Audio DLL [126]

Error: (01/18/2015 00:59:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (01/19/2015 08:40:52 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C}

Error: (01/19/2015 08:39:19 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
HssDRV6

Error: (01/19/2015 08:39:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/19/2015 08:39:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (01/19/2015 08:38:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "HP CUE DeviceDiscovery Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/19/2015 08:38:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst HP CUE DeviceDiscovery Service erreicht.

Error: (01/18/2015 07:15:08 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
HssDRV6

Error: (01/18/2015 07:14:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/18/2015 07:14:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (01/18/2015 07:14:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "HP CUE DeviceDiscovery Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


Microsoft Office Sessions:
=========================
Error: (01/19/2015 08:40:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2015 08:38:40 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]

Error: (01/19/2015 08:38:40 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to load Audio DLL [126]

Error: (01/18/2015 07:16:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/18/2015 07:14:25 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]

Error: (01/18/2015 07:14:25 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to load Audio DLL [126]

Error: (01/18/2015 02:07:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/18/2015 02:05:22 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]

Error: (01/18/2015 02:05:22 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to load Audio DLL [126]

Error: (01/18/2015 00:59:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
Percentage of memory in use: 15%
Total physical RAM: 16301.11 MB
Available physical RAM: 13756.32 MB
Total Pagefile: 32600.41 MB
Available Pagefile: 29873.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:363.3 GB) NTFS
Drive d: (Volume) (Fixed) (Total:186.31 GB) (Free:102.05 GB) NTFS
Drive g: (HITMANPRO) (Removable) (Total:29.39 GB) (Free:28.66 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 16EEF423)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 186.3 GB) (Disk ID: 6C897C7C)
Partition 1: (Not Active) - (Size=186.3 GB) - (Type=07 NTFS)

========================================================
Disk: 6 (Size: 29.5 GB) (Disk ID: CAD9A6B3)
Partition 1: (Active) - (Size=29.4 GB) - (Type=0B)

==================== End Of Log ============================

Besten Grüße

schrauber · 20.01.2015, 12:29

Zitat:

In jeder Datei ist jeweils ein attention drin das heißt doch das da immer noch was ist oder?

Ich liege flach mit Fieber und akuter Angina, vielleicht liegt es daran. Denn ich bin immer noch am Suchen was Du meinst. Ich sehe nur 2 Attentions, 1 pro log, und beide sind Reste.

21.11.2014, 17:19	#16
schrauber /// the machine /// TB-Ausbilder	Windows 7 grauer Bildschirm, lässt sich nicht mehr starten definier mal bitte was genau nicht geht. Browser? oder auch Updates von Windows und AV? Skype und Co? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

14.12.2014, 18:22	#24
schrauber /// the machine /// TB-Ausbilder	Windows 7 grauer Bildschirm, lässt sich nicht mehr starten Nee das ändert eigentlich nix. Gib mal bei FSS folgendes in die Box ein: DnsCache und klick auf Export Service. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

15.12.2014, 19:37	#26
schrauber /// the machine /// TB-Ausbilder	Windows 7 grauer Bildschirm, lässt sich nicht mehr starten Windows Scheibe da? Dann wäre jetzt ein Inplace Upgrade fällig. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

19.01.2015, 07:20	#28
schrauber /// the machine /// TB-Ausbilder	Windows 7 grauer Bildschirm, lässt sich nicht mehr starten Sonst auch keine Probleme mehr? Poste bitte ein frisches FRST log, ich schau nochmal drüber. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Windows 7 grauer Bildschirm, lässt sich nicht mehr starten

Log-Analyse und Auswertung: Windows 7 grauer Bildschirm, lässt sich nicht mehr starten