MyStart Search & firefox

yxc32 · 03.03.2015, 21:51

Hallo,

ich habe heute nach de Installation eines Programms MystartSearch als Startseite bei Firefox angezeigt bekommen. Beim Öffnen eines neuen Tabs wurde ein fehler angezeigt, eine Datei konnte nicht gefunden werden(dazu habe ich bereits Threads hier gefunden)

Ich habe firefox und alles dazugehörige mithilve von Revo Uninstaller deinstalliert.
Malwarebytes hat beim scan 4 Objekte gefunden. Diese habe ich in die Quarantäne verschoben. Unter dem Tab Verlauf->Quarantäne wurden 2 Dateien gelistet, diese habe ich gelöscht.

Darauf ein zweites Mal den Scan gestartet, hat dieses Mal 7 Dateien gefunden, ist aber vor der Beendigung des Suchlaufs abgestürzt.
Gerade habe ich den Scan zum 3. mal gestartet.
anbei befindet sich die logdatei aus dem ersten Suchlauf.
Ich würde mich über HIlfe freuen, Danke im Voraus

schrauber · 04.03.2015, 06:21

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

yxc32 · 04.03.2015, 11:04

sorry, in einem der guides auf dieser Seite wurde erwähnt, dass man logs anhängen soll.

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 03.03.2015
Suchlauf-Zeit: 21:34:35
Logdatei: log1.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.03.03.06
Rootkit Datenbank: v2015.02.25.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Georg

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 406401
Verstrichene Zeit: 30 Min, 14 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 2
PUP.Optional.Qone8, HKU\S-1-5-21-396868433-2904709971-3009115836-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Löschen bei Neustart, [de44a49dc4c691a5c453fe1113f26997], 
PUP.Optional.IStart.A, HKU\S-1-5-21-396868433-2904709971-3009115836-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\MOZILLA\EXTENDS, Löschen bei Neustart, [fc2687ba3555b77f8700a7f761a2857b], 

Registrierungswerte: 1
PUP.Optional.IStart.A, HKU\S-1-5-21-396868433-2904709971-3009115836-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\MOZILLA\EXTENDS|appid, istart_ffnt@gmail.com, Löschen bei Neustart, [fc2687ba3555b77f8700a7f761a2857b]

Registrierungsdaten: 12
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.mystartsearch.com/web/?type=ds&ts=1425408978&from=cor&uid=HitachiXHTS545050A7E380_TA95113VCVG6KSCVG6KSX&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/web/?type=ds&ts=1425408978&from=cor&uid=HitachiXHTS545050A7E380_TA95113VCVG6KSCVG6KSX&q={searchTerms}),Ersetzt,[54ce370a89016acc77cf07c5de279868]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.mystartsearch.com/?type=hp&ts=1425408978&from=cor&uid=HitachiXHTS545050A7E380_TA95113VCVG6KSCVG6KSX, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/?type=hp&ts=1425408978&from=cor&uid=HitachiXHTS545050A7E380_TA95113VCVG6KSCVG6KSX),Ersetzt,[3fe369d8fc8e4cea9babf5d7ec199769]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.mystartsearch.com/?type=hp&ts=1425408978&from=cor&uid=HitachiXHTS545050A7E380_TA95113VCVG6KSCVG6KSX, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/?type=hp&ts=1425408978&from=cor&uid=HitachiXHTS545050A7E380_TA95113VCVG6KSCVG6KSX),Ersetzt,[6db5f74ad9b1ca6ca6a06f5d06ff19e7]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.mystartsearch.com/web/?type=ds&ts=1425408978&from=cor&uid=HitachiXHTS545050A7E380_TA95113VCVG6KSCVG6KSX&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/web/?type=ds&ts=1425408978&from=cor&uid=HitachiXHTS545050A7E380_TA95113VCVG6KSCVG6KSX&q={searchTerms}),Ersetzt,[36eccc75a5e55ed8de682aa2ca3b27d9]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[fa2874cd0585092d06ca0fc940c5de22]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.mystartsearch.com/web/?type=ds&ts=1425408978&from=cor&uid=HitachiXHTS545050A7E380_TA95113VCVG6KSCVG6KSX&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/web/?type=ds&ts=1425408978&from=cor&uid=HitachiXHTS545050A7E380_TA95113VCVG6KSCVG6KSX&q={searchTerms}),Ersetzt,[d34f9da4b0da989eaf976c60e71ef20e]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.mystartsearch.com/?type=hp&ts=1425408978&from=cor&uid=HitachiXHTS545050A7E380_TA95113VCVG6KSCVG6KSX, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/?type=hp&ts=1425408978&from=cor&uid=HitachiXHTS545050A7E380_TA95113VCVG6KSCVG6KSX),Ersetzt,[e83a8cb5068467cf4ff72ba1fe077c84]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.mystartsearch.com/?type=hp&ts=1425408978&from=cor&uid=HitachiXHTS545050A7E380_TA95113VCVG6KSCVG6KSX, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/?type=hp&ts=1425408978&from=cor&uid=HitachiXHTS545050A7E380_TA95113VCVG6KSCVG6KSX),Ersetzt,[cb57f74ac3c7979f1333a824dd2825db]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.mystartsearch.com/web/?type=ds&ts=1425408978&from=cor&uid=HitachiXHTS545050A7E380_TA95113VCVG6KSCVG6KSX&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/web/?type=ds&ts=1425408978&from=cor&uid=HitachiXHTS545050A7E380_TA95113VCVG6KSCVG6KSX&q={searchTerms}),Ersetzt,[fa284ff2f3971224d175319be61fa060]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[2af8cb760387e6502ca410c8b550d52b]
PUP.Optional.MyStartSearch.A, HKU\S-1-5-21-396868433-2904709971-3009115836-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.mystartsearch.com/?type=hp&ts=1425408978&from=cor&uid=HitachiXHTS545050A7E380_TA95113VCVG6KSCVG6KSX, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/?type=hp&ts=1425408978&from=cor&uid=HitachiXHTS545050A7E380_TA95113VCVG6KSCVG6KSX),Löschen bei Neustart,[849ec57ca7e33501b592d1fb12f347b9]
PUP.Optional.MyStartSearch.A, HKU\S-1-5-21-396868433-2904709971-3009115836-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.mystartsearch.com/?type=hp&ts=1425408978&from=cor&uid=HitachiXHTS545050A7E380_TA95113VCVG6KSCVG6KSX, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/?type=hp&ts=1425408978&from=cor&uid=HitachiXHTS545050A7E380_TA95113VCVG6KSCVG6KSX),Löschen bei Neustart,[9e84b988ec9ec37379ce5d6f6f96956b]

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 1
PUP.Optional.MyStartSearch.A, C:\Users\Georg\AppData\Local\Temp\is1201216051\5F8DFDD0_stp\Feb15_cor_mystartsearch.exe, In Quarantäne, [44dedb666f1be254f3899d747f87dd23], 

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

Habe noch AdwCleaner drüber laufen lassen

Code:

ATTFilter

# AdwCleaner v4.111 - Bericht erstellt 03/03/2015 um 23:15:42
# Aktualisiert 18/02/2015 von Xplode
# Datenbank : 2015-03-02.3 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Georg - GEORG-PC
# Gestarted von : C:\Users\Georg\Downloads\AdwCleaner_4.111.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mystartsearch.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.mystartsearch.com

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v36.0 (x86 de)


*************************

AdwCleaner[R0].txt - [3467 Bytes] - [03/03/2015 21:06:08]
AdwCleaner[R1].txt - [1125 Bytes] - [03/03/2015 23:10:11]
AdwCleaner[S0].txt - [1002 Bytes] - [03/03/2015 23:15:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1061  Bytes] ##########

schrauber · 04.03.2015, 11:32

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

yxc32 · 04.03.2015, 12:53

frst:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-03-2015
Ran by Georg (administrator) on GEORG-PC on 04-03-2015 12:47:50
Running from C:\Users\Georg\Desktop
Loaded Profiles: Georg (Available profiles: Georg & UpdatusUser)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Atheros Commnucations) C:\Windows\System32\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(SeriousBit) C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
Failed to access process -> ZeroConfigService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Spotify Ltd) C:\Users\Georg\AppData\Roaming\Spotify\spotify.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(SeriousBit) C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe
(Flux Software LLC) C:\Users\Georg\AppData\Local\FluxSoftware\Flux\flux.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\Georg\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Georg\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Georg\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Georg\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13197456 2015-02-13] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-03-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-396868433-2904709971-3009115836-1001\...\Run: [Spotify] => C:\Users\Georg\AppData\Roaming\Spotify\Spotify.exe [6737976 2015-02-16] (Spotify Ltd)
HKU\S-1-5-21-396868433-2904709971-3009115836-1001\...\Run: [NetBalancer] => C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe [1801992 2015-01-29] (SeriousBit)
HKU\S-1-5-21-396868433-2904709971-3009115836-1001\...\Run: [f.lux] => C:\Users\Georg\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-10] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-396868433-2904709971-3009115836-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 131.188.0.10 131.188.0.11

FireFox:
========
FF ProfilePath: C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\1y9wmdjv.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Reddit Enhancement Suite - C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\1y9wmdjv.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2015-03-03]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-04] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Windows\system32\AdminService.exe [208384 2012-08-29] (Atheros Commnucations)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2711736 2015-01-13] (Microsoft Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-04-18] ()
R2 NetBalancerService; C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe [128776 2015-01-29] (SeriousBit)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3388144 2013-04-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-03-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R1 nbdrv; C:\Windows\system32\DRIVERS\nbdrv.sys [41392 2013-11-25] (SeriousBit)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-04 12:47 - 2015-03-04 12:48 - 00015628 _____ () C:\Users\Georg\Desktop\FRST.txt
2015-03-04 12:47 - 2015-03-04 12:47 - 00000000 ____D () C:\FRST
2015-03-04 12:45 - 2015-03-04 12:45 - 02092544 _____ (Farbar) C:\Users\Georg\Desktop\FRST64.exe
2015-03-04 10:55 - 2015-03-04 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-03-04 10:55 - 2015-03-04 10:55 - 00000000 ____D () C:\ProgramData\LogiShrd
2015-03-04 10:54 - 2015-03-04 10:54 - 04147600 _____ ($Co_Name Inc.) C:\Users\Georg\Downloads\unifying250.exe
2015-03-04 10:43 - 2015-03-04 10:55 - 00000000 ____D () C:\Program Files\Common Files\Logishrd
2015-03-04 10:41 - 2015-03-04 10:42 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Logishrd
2015-03-04 10:41 - 2015-03-04 10:41 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Logitech
2015-03-04 10:40 - 2015-03-04 10:40 - 03677488 _____ (Logitech Inc.) C:\Users\Georg\Downloads\SetPoint6.65.62_smart.exe
2015-03-03 23:19 - 2015-03-03 23:19 - 00001141 _____ () C:\Users\Georg\Desktop\AdwCleaner[S0].txt
2015-03-03 22:57 - 2015-03-03 22:57 - 00000000 ____D () C:\Users\Georg\AppData\Local\calibre-cache
2015-03-03 22:56 - 2015-03-03 23:09 - 00000000 ____D () C:\Users\Georg\Documents\Calibre-Bibliothek
2015-03-03 22:55 - 2015-03-03 22:57 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\calibre
2015-03-03 22:55 - 2015-03-03 22:55 - 00000972 _____ () C:\Users\Public\Desktop\calibre - E-book management.lnk
2015-03-03 22:55 - 2015-03-03 22:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2015-03-03 22:55 - 2015-03-03 22:55 - 00000000 ____D () C:\Program Files (x86)\Calibre2
2015-03-03 22:51 - 2015-03-03 22:51 - 01203488 _____ () C:\Users\Georg\Downloads\Calibre 32 Bit - CHIP-Installer.exe
2015-03-03 21:49 - 2015-03-03 21:49 - 00000501 _____ () C:\Users\Georg\Desktop\log.rar
2015-03-03 21:06 - 2015-03-03 23:15 - 00000000 ____D () C:\AdwCleaner
2015-03-03 21:05 - 2015-03-03 23:09 - 02126848 _____ () C:\Users\Georg\Downloads\AdwCleaner_4.111.exe
2015-03-03 20:30 - 2015-03-03 20:30 - 00001171 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-03 20:30 - 2015-03-03 20:30 - 00001159 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-03 20:30 - 2015-03-03 20:30 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\WinRAR
2015-03-03 20:29 - 2015-03-03 20:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-03 20:28 - 2015-03-03 20:28 - 00243576 _____ () C:\Users\Georg\Downloads\Firefox Setup Stub 36.0.exe
2015-03-03 20:19 - 2015-03-03 20:19 - 00001280 _____ () C:\Users\Georg\Desktop\Revo Uninstaller.lnk
2015-03-03 20:19 - 2015-03-03 20:19 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-03-03 20:15 - 2015-03-04 12:42 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-03 20:15 - 2015-03-03 20:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Georg\Downloads\revosetup95.exe
2015-03-03 20:15 - 2015-03-03 20:15 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-03 20:15 - 2015-03-03 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-03-03 20:15 - 2015-03-03 20:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-03 20:15 - 2015-03-03 20:15 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-03-03 20:15 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-03-03 20:15 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-03-03 20:15 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-03-03 20:14 - 2015-03-03 20:14 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Georg\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-03 20:08 - 2015-03-03 20:08 - 00000000 __SHD () C:\Users\Georg\AppData\Local\EmieUserList
2015-03-03 20:08 - 2015-03-03 20:08 - 00000000 __SHD () C:\Users\Georg\AppData\Local\EmieSiteList
2015-03-03 20:08 - 2015-03-03 20:08 - 00000000 __SHD () C:\Users\Georg\AppData\Local\EmieBrowserModeList
2015-03-03 19:55 - 2015-03-03 19:55 - 00231544 _____ () C:\Users\Georg\Downloads\install_jd_one.exe
2015-02-26 02:00 - 2015-03-02 11:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-02-26 00:04 - 2015-02-26 00:04 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2015-02-26 00:04 - 2015-02-26 00:04 - 00000000 ____D () C:\Users\Georg\AppData\Local\FluxSoftware
2015-02-26 00:03 - 2015-02-26 00:03 - 00597304 _____ () C:\Users\Georg\Downloads\flux-setup.exe
2015-02-25 12:37 - 2015-02-25 12:37 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-02-25 11:53 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-02-25 11:53 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-02-25 01:05 - 2015-02-25 01:05 - 00001033 _____ () C:\Users\Georg\Desktop\Telegram.lnk
2015-02-23 12:18 - 2015-03-04 12:46 - 00005136 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for GEORG-PC-Georg Georg-PC
2015-02-23 12:18 - 2015-02-23 12:18 - 00000000 ____D () C:\Users\Georg\Documents\Benutzerdefinierte Office-Vorlagen
2015-02-22 19:29 - 2015-02-22 19:29 - 00000000 __RHD () C:\MSOCache
2015-02-22 19:09 - 2015-02-22 19:09 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2015-02-22 18:48 - 2015-02-22 18:48 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-02-22 18:44 - 2015-02-22 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-02-22 18:41 - 2015-02-22 18:41 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-02-22 18:40 - 2015-02-22 18:40 - 01463480 _____ (Microsoft Corporation) C:\Users\Georg\Downloads\Setup.X64.de-de_O365ProPlusRetail_48b80b64-b071-4481-8190-344060a99d88_TX_PR_.exe
2015-02-21 17:31 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-02-21 17:31 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-02-21 17:31 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-02-21 17:31 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-02-21 17:31 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-02-21 17:30 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-02-21 16:55 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-02-21 16:55 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-02-21 16:55 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2015-02-21 16:55 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2015-02-21 16:52 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-21 16:52 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-21 16:52 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-02-21 16:52 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-02-21 16:52 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-02-21 16:52 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-02-21 16:51 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-02-21 16:51 - 2014-07-24 04:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-02-21 16:42 - 2015-02-21 16:42 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-02-21 16:42 - 2015-02-21 16:42 - 00002039 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-02-21 16:41 - 2015-02-21 16:41 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-02-21 16:40 - 2015-02-21 16:50 - 00000000 ____D () C:\ProgramData\Adobe
2015-02-20 23:58 - 2015-02-20 23:58 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2015-02-20 23:58 - 2015-02-20 23:58 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-02-20 23:58 - 2015-02-20 23:58 - 00000000 ____D () C:\Program Files\MSBuild
2015-02-20 23:58 - 2015-02-20 23:58 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-02-20 23:58 - 2015-02-20 23:58 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-02-20 23:50 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-02-20 23:50 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-02-20 23:50 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-02-20 23:50 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-02-20 23:48 - 2015-02-20 23:48 - 00000000 ____D () C:\ProgramData\Riot Games
2015-02-20 23:46 - 2015-02-20 23:46 - 00000000 ____D () C:\Riot Games
2015-02-20 23:46 - 2015-02-20 23:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2015-02-20 23:46 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2015-02-20 23:46 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2015-02-20 23:46 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2015-02-20 23:46 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2015-02-20 23:46 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2015-02-20 23:44 - 2015-02-20 23:45 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Riot Games
2015-02-20 23:43 - 2015-02-20 23:44 - 30668968 _____ (Riot Games) C:\Users\Georg\Downloads\LeagueofLegends_EUW_Installer_9_15_2014.exe
2015-02-20 00:09 - 2015-02-20 00:09 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Guitar Pro 6
2015-02-20 00:09 - 2015-02-20 00:09 - 00000000 ____D () C:\ProgramData\Guitar Pro 6
2015-02-20 00:08 - 2015-02-20 00:08 - 00001052 _____ () C:\Users\Public\Desktop\Guitar Pro 6.lnk
2015-02-20 00:08 - 2015-02-20 00:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guitar Pro 6
2015-02-20 00:06 - 2015-02-20 00:07 - 00000000 ____D () C:\Program Files (x86)\Guitar Pro 6
2015-02-19 23:37 - 2015-02-19 23:37 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-02-19 23:37 - 2015-02-19 23:37 - 00000000 ____D () C:\ProgramData\Sun
2015-02-19 23:37 - 2015-02-19 23:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-19 23:36 - 2015-02-19 23:37 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-19 23:36 - 2015-02-19 23:36 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-19 23:31 - 2015-02-19 23:48 - 154449468 _____ (Arobas Music ) C:\Users\Georg\Downloads\gp6-full-win-demo-r11621.exe
2015-02-19 23:31 - 2015-02-19 23:31 - 00639912 _____ (Oracle Corporation) C:\Users\Georg\Downloads\jxpiinstall.exe
2015-02-19 23:28 - 2015-02-19 23:28 - 00021137 _____ () C:\Users\Georg\Desktop\presnyakov_igor-vashe_blagorodie_gospoja_udacha.gpx
2015-02-19 21:58 - 2015-02-19 21:59 - 00000000 ____D () C:\Program Files\NetBalancer
2015-02-19 21:58 - 2015-02-19 21:58 - 00000940 _____ () C:\Users\Public\Desktop\NetBalancer Tray.lnk
2015-02-19 21:58 - 2015-02-19 21:58 - 00000930 _____ () C:\Users\Public\Desktop\NetBalancer.lnk
2015-02-19 21:58 - 2015-02-19 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBalancer
2015-02-19 21:58 - 2013-11-25 09:28 - 00041392 _____ (SeriousBit) C:\WINDOWS\system32\Drivers\nbdrv.sys
2015-02-19 21:57 - 2015-02-19 21:57 - 04980648 _____ (SeriousBit ) C:\Users\Georg\Downloads\NetBalancerSetup.exe
2015-02-19 15:17 - 2015-02-19 15:17 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2015-02-19 15:11 - 2015-03-04 12:42 - 00000000 ___RD () C:\Users\Georg\OneDrive
2015-02-19 15:09 - 2015-02-19 15:09 - 00001450 _____ () C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-19 15:08 - 2015-02-19 15:08 - 00000020 ___SH () C:\Users\Georg\ntuser.ini
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-02-19 15:05 - 2015-02-19 15:05 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-02-19 14:53 - 2015-02-19 14:53 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-02-19 14:51 - 2015-02-19 14:51 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-02-19 14:50 - 2015-03-04 12:40 - 00000000 ____D () C:\Users\Georg
2015-02-19 14:50 - 2015-02-19 15:06 - 00028578 _____ () C:\WINDOWS\diagwrn.xml
2015-02-19 14:50 - 2015-02-19 15:06 - 00028578 _____ () C:\WINDOWS\diagerr.xml
2015-02-19 14:50 - 2015-02-19 14:51 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-19 14:50 - 2015-02-19 14:51 - 00000000 ___RD () C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\UpdatusUser\Vorlagen
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\UpdatusUser\Lokale Einstellungen
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\UpdatusUser\Eigene Dateien
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\UpdatusUser\Anwendungsdaten
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\Georg\Vorlagen
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\Georg\Startmenü
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\Georg\Netzwerkumgebung
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\Georg\Lokale Einstellungen
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\Georg\Eigene Dateien
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\Georg\Druckumgebung
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\Georg\Documents\Eigene Musik
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\Georg\Documents\Eigene Bilder
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\Georg\AppData\Local\Verlauf
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\Georg\AppData\Local\Anwendungsdaten
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\Georg\Anwendungsdaten
2015-02-19 14:50 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-19 14:50 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-19 14:50 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-19 14:50 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-19 14:50 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-02-19 14:50 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-02-19 14:50 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-02-19 14:50 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-02-19 14:50 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-19 14:50 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-19 14:43 - 2013-10-23 09:20 - 06669600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-02-19 14:43 - 2013-10-23 09:20 - 03489568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-02-19 14:43 - 2013-10-23 09:20 - 03426956 _____ () C:\WINDOWS\system32\nvcoproc.bin
2015-02-19 14:43 - 2013-10-23 09:20 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-02-19 14:43 - 2013-10-23 09:20 - 01064224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-02-19 14:43 - 2013-10-23 09:20 - 00922912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-02-19 14:43 - 2013-10-23 09:20 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-02-19 14:43 - 2013-10-23 09:20 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-02-19 14:43 - 2013-10-23 09:20 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-02-19 14:42 - 2015-03-04 12:47 - 01775120 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-19 14:42 - 2015-02-19 14:52 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-02-19 14:42 - 2015-02-19 14:43 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-02-19 14:42 - 2015-02-19 14:42 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2015-02-19 14:42 - 2015-02-19 14:42 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-02-19 14:42 - 2015-02-19 14:42 - 00000000 ____D () C:\Program Files\Realtek
2015-02-19 14:41 - 2015-02-19 14:52 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-02-19 14:41 - 2015-02-19 14:41 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-02-19 14:41 - 2013-10-01 13:02 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-02-19 14:41 - 2013-10-01 13:02 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-02-19 14:38 - 2015-02-19 15:08 - 00000000 ___DC () C:\WINDOWS\Panther
2015-02-19 14:38 - 2015-02-19 14:38 - 00000000 __SHD () C:\Recovery
2015-02-19 14:36 - 2015-02-19 14:36 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-02-19 14:36 - 2015-02-19 14:36 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-02-19 14:36 - 2015-02-19 14:36 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-02-19 14:36 - 2015-02-19 14:36 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-02-19 14:36 - 2015-02-19 14:36 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-02-19 14:36 - 2015-02-19 14:36 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-02-19 14:36 - 2015-02-19 14:36 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-02-19 14:36 - 2015-02-19 14:36 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-02-19 14:36 - 2015-02-19 14:36 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-02-19 14:34 - 2015-02-19 14:34 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-02-19 14:34 - 2015-02-19 14:34 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-02-19 14:34 - 2015-02-19 14:34 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-02-19 14:34 - 2015-02-19 14:34 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-02-19 14:34 - 2015-02-19 14:34 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-02-19 14:34 - 2015-02-19 14:34 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-02-19 14:33 - 2015-02-19 14:33 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-19 14:33 - 2015-02-19 14:33 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-19 14:33 - 2015-02-19 14:33 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-19 14:33 - 2015-02-19 14:33 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-02-19 14:33 - 2015-02-19 14:33 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-02-19 14:33 - 2015-02-19 14:33 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-02-19 14:33 - 2015-02-19 14:33 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-02-19 14:33 - 2015-02-19 14:33 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-19 14:32 - 2015-02-19 14:32 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-02-19 14:31 - 2015-02-19 14:31 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-02-19 14:31 - 2015-02-19 14:31 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-19 14:31 - 2015-02-19 14:31 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-19 14:31 - 2015-02-19 14:31 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-02-19 14:31 - 2015-02-19 14:31 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-02-19 14:31 - 2015-02-19 14:31 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-02-19 14:31 - 2015-02-19 14:31 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-02-19 14:31 - 2015-02-19 14:31 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-02-19 14:31 - 2015-02-19 14:31 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-02-19 14:31 - 2015-02-19 14:31 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-02-19 14:31 - 2015-02-19 14:31 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-02-19 14:31 - 2015-02-19 14:31 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-02-19 14:31 - 2015-02-19 14:31 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-02-19 14:31 - 2015-02-19 14:31 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-02-19 00:29 - 2015-02-19 00:29 - 00000000 ____D () C:\ProgramData\SeriousBit
2015-02-18 23:50 - 2015-02-18 23:51 - 01203488 _____ () C:\Users\Georg\Downloads\NetBalancer - CHIP-Installer.exe
2015-02-18 23:45 - 2015-02-18 23:45 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Locktime
2015-02-18 23:37 - 2015-02-19 14:53 - 00000000 __SHD () C:\WINDOWS\SysWOW64\AI_RecycleBin
2015-02-18 23:37 - 2015-02-18 23:37 - 00000000 ____D () C:\ProgramData\Locktime
2015-02-18 23:36 - 2015-02-18 23:36 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Locktime Software
2015-02-18 23:35 - 2015-02-18 23:36 - 06996832 _____ (Locktime Software) C:\Users\Georg\Downloads\netlimiter-4.0.9.0.exe
2015-02-18 00:07 - 2015-02-18 00:07 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Avira
2015-02-18 00:04 - 2015-03-04 10:55 - 00043576 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-02-18 00:01 - 2015-03-04 10:55 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-02-18 00:01 - 2015-03-04 10:55 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-02-18 00:01 - 2014-11-24 10:23 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-02-17 23:54 - 2015-02-19 14:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-17 23:54 - 2015-02-18 00:01 - 00000000 ____D () C:\ProgramData\Avira
2015-02-17 23:54 - 2015-02-18 00:01 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-02-17 23:54 - 2015-02-17 23:54 - 04515896 _____ (Avira Operations & Co. KG) C:\Users\Georg\Downloads\avira_de_av___ws.exe
2015-02-17 23:54 - 2015-02-17 23:54 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-02-16 18:56 - 2015-02-16 18:56 - 00000000 ____D () C:\Users\Georg\AppData\Local\Macromedia
2015-02-16 18:39 - 2015-03-04 11:25 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-16 18:39 - 2015-03-03 22:51 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-02-16 18:38 - 2015-03-03 22:51 - 00000000 ____D () C:\Users\Georg\AppData\Local\Adobe
2015-02-16 15:41 - 2015-02-19 15:06 - 00009680 _____ () C:\WINDOWS\comsetup.log
2015-02-16 14:34 - 2015-02-19 14:54 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-16 14:34 - 2015-02-19 14:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-16 14:34 - 2015-02-16 14:34 - 02059896 _____ () C:\Users\Georg\Downloads\winrar-x64-520d.exe
2015-02-16 14:34 - 2015-02-16 14:34 - 00000000 ____D () C:\Program Files\WinRAR
2015-02-16 14:33 - 2012-06-13 18:23 - 09888912 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RtsBaStorIcon.dll
2015-02-16 14:33 - 2012-06-13 18:23 - 00294544 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsBaStor.sys
2015-02-16 14:24 - 2015-03-02 10:40 - 00000000 ____D () C:\Users\Georg\AppData\Local\Spotify
2015-02-16 14:24 - 2015-02-16 14:24 - 00001805 _____ () C:\Users\Georg\Desktop\Spotify.lnk
2015-02-16 14:24 - 2015-02-16 14:24 - 00001791 _____ () C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-02-16 14:23 - 2015-03-04 12:47 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Spotify
2015-02-16 14:22 - 2015-03-02 23:22 - 00000000 ____D () C:\Users\Georg\zeug
2015-02-16 14:20 - 2015-02-16 14:20 - 00137888 _____ (Spotify Ltd) C:\Users\Georg\Downloads\SpotifySetup.exe
2015-02-16 14:08 - 2015-02-16 14:08 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-02-16 14:00 - 2015-02-16 14:00 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Thunderbird
2015-02-16 14:00 - 2015-02-16 14:00 - 00000000 ____D () C:\Users\Georg\AppData\Local\Thunderbird
2015-02-16 13:59 - 2015-02-16 13:59 - 00002098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2015-02-16 13:59 - 2015-02-16 13:59 - 00002086 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2015-02-16 13:58 - 2015-02-16 13:58 - 28742864 _____ (Mozilla) C:\Users\Georg\Downloads\Thunderbird Setup 31.4.0.exe
2015-02-14 15:53 - 2015-03-03 22:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-14 15:53 - 2015-02-14 15:53 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Mozilla
2015-02-14 15:53 - 2015-02-14 15:53 - 00000000 ____D () C:\Users\Georg\AppData\Local\Mozilla
2015-02-14 15:53 - 2015-02-14 15:53 - 00000000 ____D () C:\ProgramData\Mozilla
2015-02-14 15:45 - 2015-02-19 21:52 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-02-14 13:33 - 2015-01-29 09:30 - 00011056 ____N () C:\WINDOWS\system32\AutoconfigV2.cab
2015-02-13 18:14 - 2014-12-31 12:14 - 00298120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-02-13 17:53 - 2015-02-13 17:54 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-13 17:53 - 2015-01-29 17:49 - 116773704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-13 17:33 - 2013-05-04 05:51 - 00014848 ____N (Microsoft) C:\WINDOWS\system32\rars.rs
2015-02-13 17:33 - 2013-05-04 05:10 - 00014848 ____N (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2015-02-13 16:45 - 2015-02-25 12:29 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2015-02-13 16:45 - 2015-02-25 12:29 - 00000000 ____D () C:\WINDOWS\system32\NV
2015-02-13 16:45 - 2015-02-16 14:39 - 00016302 _____ () C:\WINDOWS\system32\results.xml
2015-02-13 16:45 - 2015-02-13 16:45 - 00000000 _____ () C:\Users\Georg\agent.log
2015-02-13 16:41 - 2015-02-13 18:49 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-13 16:41 - 2015-02-13 16:41 - 00000000 ____D () C:\temp
2015-02-13 16:40 - 2015-02-13 16:40 - 00000000 ____D () C:\Program Files (x86)\Qualcomm Atheros
2015-02-13 16:39 - 2015-02-13 16:39 - 00000324 _____ () C:\WINDOWS\system32\netcfg-554812.txt
2015-02-13 16:39 - 2015-02-13 16:39 - 00000000 ____D () C:\WINDOWS\Options
2015-02-13 16:39 - 2015-02-13 16:39 - 00000000 ____D () C:\ProgramData\Qualcomm Atheros
2015-02-13 16:39 - 2012-09-26 21:11 - 00080063 _____ () C:\WINDOWS\system32\athw8x.cat
2015-02-13 16:39 - 2012-09-19 00:15 - 03653632 _____ (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\athw8x.sys
2015-02-13 16:38 - 2015-02-19 14:54 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2015-02-13 16:38 - 2015-02-13 16:38 - 00001058 _____ () C:\WINDOWS\system32\netcfg-484093.txt
2015-02-13 16:38 - 2015-02-13 16:38 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Intel
2015-02-13 16:37 - 2015-02-17 23:54 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-13 16:37 - 2015-02-13 16:43 - 00000000 ____D () C:\Program Files\Common Files\Intel
2015-02-13 16:37 - 2015-02-13 16:37 - 00000000 ____D () C:\ProgramData\Intel.sav
2015-02-13 16:37 - 2015-02-13 16:37 - 00000000 ____D () C:\Program Files (x86)\Cisco
2015-02-13 16:35 - 2015-03-04 12:41 - 00000854 _____ () C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-02-13 16:35 - 2015-03-03 16:26 - 00000856 _____ () C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-02-13 16:35 - 2015-02-13 16:35 - 00003498 _____ () C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
2015-02-13 16:35 - 2015-02-13 16:35 - 00003194 _____ () C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
2015-02-13 16:35 - 2015-02-13 16:35 - 00000000 _____ () C:\WINDOWS\SysWOW64\agent.log
2015-02-13 15:34 - 2015-02-19 14:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-02-13 15:34 - 2015-02-13 16:37 - 00000000 ____D () C:\ProgramData\Intel
2015-02-13 15:34 - 2012-06-25 10:42 - 00015168 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\IntelMEFWVer.dll
2015-02-13 15:33 - 2015-02-13 15:33 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\InstallShield
2015-02-13 15:33 - 2012-07-02 15:16 - 00062784 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\HECIx64.sys
2015-02-13 15:29 - 2015-02-13 16:38 - 00000000 ____D () C:\Program Files\Intel
2015-02-13 15:29 - 2015-02-13 15:29 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_btmaux_01009.Wdf
2015-02-13 15:25 - 2015-02-13 16:37 - 00024116 _____ () C:\WINDOWS\DPINST.LOG
2015-02-13 15:25 - 2015-02-13 16:37 - 00000000 ____D () C:\Program Files\DIFX
2015-02-13 15:25 - 2015-02-13 15:25 - 00003542 _____ () C:\WINDOWS\System32\Tasks\ASUS Touchpad Launcher (x64)
2015-02-13 15:25 - 2015-02-13 15:25 - 00000000 ____D () C:\Program Files (x86)\ASUS
2015-02-13 15:24 - 2015-02-13 15:24 - 00000304 _____ () C:\WINDOWS\system32\netcfg-3554640.txt
2015-02-13 15:24 - 2015-02-13 15:24 - 00000117 _____ () C:\WINDOWS\system32\netcfg-3559671.txt
2015-02-13 15:24 - 2015-02-13 15:24 - 00000117 _____ () C:\WINDOWS\system32\netcfg-3554328.txt
2015-02-13 15:23 - 2015-02-19 14:53 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2015-02-13 15:23 - 2015-02-13 15:23 - 00000000 ____D () C:\Intel
2015-02-13 15:23 - 2012-07-04 10:55 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\WINDOWS\SysWOW64\CSVer.dll
2015-02-13 15:21 - 2015-02-16 14:33 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-02-13 15:21 - 2015-02-13 16:39 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-13 15:21 - 2015-02-13 15:22 - 00000000 ___HD () C:\Program Files (x86)\Temp
2015-02-13 15:21 - 2015-02-13 15:21 - 08004096 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2015-02-13 15:21 - 2015-02-13 15:21 - 07601528 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 04177680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2015-02-13 15:21 - 2015-02-13 15:21 - 03671184 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkAPO64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 02743440 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 02700896 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 02080120 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 02028920 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 01756264 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 01706640 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 01568360 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 01561744 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2015-02-13 15:21 - 2015-02-13 15:21 - 01486952 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 01460600 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek264.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 01361336 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 01267856 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00881808 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00869752 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00836544 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00772224 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00728680 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00712296 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00693352 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00603984 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00501192 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00491112 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00487368 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00432744 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00428648 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00415688 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00394616 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00394616 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00361937 _____ () C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2015-02-13 15:21 - 2015-02-13 15:21 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00318808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00241768 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00221024 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00211184 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00202336 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00198896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00149608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00148416 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00115856 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00110592 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00081248 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00078688 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00065944 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2015-02-13 15:21 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2015-02-13 15:21 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2015-02-13 15:21 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2015-02-13 15:21 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2015-02-13 15:21 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2015-02-13 15:16 - 2015-02-16 14:35 - 00000000 ____D () C:\Users\Georg\Desktop\Treiber
2015-02-13 15:14 - 2015-02-13 15:14 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2950468.txt
2015-02-13 15:14 - 2015-02-13 15:14 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2919921.txt
2015-02-13 15:12 - 2015-02-13 15:12 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2824468.txt
2015-02-13 15:12 - 2015-02-13 15:12 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2804640.txt
2015-02-13 15:07 - 2015-03-04 12:46 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-396868433-2904709971-3009115836-1001
2015-02-13 15:03 - 2015-02-13 15:03 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Macromedia
2015-02-13 15:02 - 2015-02-21 16:49 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Adobe
2015-02-13 15:01 - 2015-03-03 17:20 - 00000000 ____D () C:\Users\Georg\AppData\Local\Packages
2015-02-13 15:01 - 2015-02-19 14:52 - 00000000 ____D () C:\ProgramData\PRICache
2015-02-13 15:01 - 2015-02-13 15:01 - 00000000 ____D () C:\Users\Georg\AppData\Local\VirtualStore
2015-02-13 15:00 - 2015-02-19 14:18 - 02053431 _____ () C:\WINDOWS\WindowsUpdate (1).log
2015-02-13 14:59 - 2015-02-13 14:59 - 00001027 _____ () C:\WINDOWS\system32\netcfg-2062859.txt
2015-02-13 14:59 - 2015-02-13 14:59 - 00000200 _____ () C:\WINDOWS\system32\netcfg-2063390.txt
2015-02-13 14:59 - 2015-02-13 14:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2063234.txt
2015-02-13 14:59 - 2015-02-13 14:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2063203.txt
2015-02-13 14:59 - 2015-02-13 14:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2062703.txt
2015-02-13 14:59 - 2015-02-13 14:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2059546.txt
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Users\Default.migrated\Vorlagen
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Users\Default.migrated\Startmenü
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Users\Default.migrated\Netzwerkumgebung
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Users\Default.migrated\Lokale Einstellungen
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Users\Default.migrated\Eigene Dateien
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Users\Default.migrated\Druckumgebung
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Musik
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Bilder
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Verlauf
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Users\Default.migrated\Anwendungsdaten
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Programme
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\ProgramData\Startmenü
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\ProgramData\Dokumente
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2015-02-13 14:23 - 2015-02-13 14:23 - 00001136 _____ () C:\WINDOWS\system32\netcfg-71000.txt
2015-02-13 14:23 - 2015-02-13 14:23 - 00001135 _____ () C:\WINDOWS\system32\netcfg-74250.txt
2015-02-13 14:23 - 2015-02-13 14:23 - 00001101 _____ () C:\WINDOWS\system32\netcfg-86968.txt
2015-02-13 14:23 - 2015-02-13 14:23 - 00000197 _____ () C:\WINDOWS\system32\netcfg-71484.txt
2015-02-13 14:23 - 2015-02-13 14:23 - 00000185 _____ () C:\WINDOWS\system32\netcfg-70593.txt
2015-02-13 14:23 - 2015-02-13 14:23 - 00000164 _____ () C:\WINDOWS\system32\netcfg-64312.txt
2015-02-13 14:23 - 2015-02-13 14:23 - 00000162 _____ () C:\WINDOWS\system32\netcfg-87781.txt
2015-02-13 14:23 - 2015-02-13 14:23 - 00000161 _____ () C:\WINDOWS\system32\netcfg-70328.txt
2015-02-13 14:23 - 2015-02-13 14:23 - 00000160 _____ () C:\WINDOWS\system32\netcfg-69781.txt
2015-02-13 14:23 - 2015-02-13 14:23 - 00000160 _____ () C:\WINDOWS\system32\netcfg-69515.txt
2015-02-13 14:23 - 2015-02-13 14:23 - 00000160 _____ () C:\WINDOWS\system32\netcfg-64609.txt
2015-02-13 14:23 - 2015-02-13 14:23 - 00000159 _____ () C:\WINDOWS\system32\netcfg-69281.txt
2015-02-13 14:23 - 2015-02-13 14:23 - 00000157 _____ () C:\WINDOWS\system32\netcfg-70031.txt
2015-02-13 14:23 - 2015-02-13 14:23 - 00000157 _____ () C:\WINDOWS\system32\netcfg-63906.txt
2015-02-13 14:23 - 2015-02-13 14:23 - 00000150 _____ () C:\WINDOWS\system32\netcfg-68796.txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-04 12:47 - 2014-11-21 04:35 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-04 12:47 - 2014-11-21 03:45 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-03-04 12:47 - 2014-11-21 03:45 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-03-04 12:40 - 2013-08-22 15:46 - 00340358 _____ () C:\WINDOWS\setupact.log
2015-03-04 12:40 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-04 12:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-04 10:48 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-03 23:16 - 2014-11-20 19:24 - 00019768 _____ () C:\WINDOWS\PFRO.log
2015-02-25 14:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-25 12:29 - 2013-08-22 15:44 - 00482240 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-25 12:24 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-25 12:24 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-25 12:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-02-25 12:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-02-25 12:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-02-25 12:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-02-25 12:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-25 12:21 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-21 16:31 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-19 21:58 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-02-19 15:17 - 2013-08-22 15:46 - 00000395 _____ () C:\WINDOWS\setuperr.log
2015-02-19 15:06 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2015-02-19 15:06 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-02-19 15:06 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2015-02-19 15:04 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-02-19 15:04 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-02-19 14:54 - 2013-08-22 16:37 - 00005217 _____ () C:\WINDOWS\DtcInstall.log
2015-02-19 14:54 - 2013-08-22 14:25 - 00008192 ___SH () C:\WINDOWS\system32\config\ELAM
2015-02-19 14:54 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2015-02-19 14:53 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-02-19 14:53 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-02-19 14:53 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-02-19 14:53 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-02-19 14:53 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-02-19 14:53 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-02-19 14:53 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2015-02-19 14:53 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-02-19 14:53 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-02-19 14:53 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-02-19 14:53 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-02-19 14:52 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-02-19 14:52 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-02-19 14:52 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-02-19 14:52 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2015-02-19 14:52 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2015-02-19 14:51 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-02-19 14:47 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-02-19 14:36 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-02-19 14:34 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-02-19 14:33 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-02-14 13:28 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-02-13 15:27 - 2012-06-19 07:40 - 00342528 _____ (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\IntcDAud.sys
2015-02-13 15:27 - 2012-06-19 07:40 - 00016896 _____ (Intel(R) Corporation) C:\WINDOWS\system32\IntcDAuC.dll
2015-02-03 20:31 - 2014-11-21 12:01 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:31 - 2014-11-21 12:01 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Georg\AppData\Local\Temp\130698825274624910.exe
C:\Users\Georg\AppData\Local\Temp\13069882532096580713.exe
C:\Users\Georg\AppData\Local\Temp\avgnt.exe
C:\Users\Georg\AppData\Local\Temp\Quarantine.exe
C:\Users\Georg\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-01 19:58

==================== End Of Log ============================

--- --- ---

addition:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-03-2015
Ran by Georg at 2015-03-04 12:49:26
Running from C:\Users\Georg\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.35 - ASUS)
Avira (HKLM-x32\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.30.21727 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 15.0.8.650 - Avira)
calibre (HKLM-x32\...\{799A9A36-B2CF-4693-ABB1-FB2C3E53FBA5}) (Version: 2.20.0 - Kovid Goyal)
f.lux (HKU\S-1-5-21-396868433-2904709971-3009115836-1001\...\Flux) (Version:  - )
Guitar Pro 6 Demo (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version:  - Arobas Music)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{DA2600C1-6BDF-4FD1-8F3D-148929CC1385}) (Version: 2.6.1210.0278 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{e6d17d96-ddaa-476f-bb07-db601024ffb1}) (Version: 15.8.0 - Intel Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Logitech Unifying-Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4693.1002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 36.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0 (x86 de)) (Version: 36.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla)
Mozilla Thunderbird 31.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.5.0 (x86 de)) (Version: 31.5.0 - Mozilla)
NetBalancer (HKLM\...\NetBalancer_is1) (Version:  - SeriousBit)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6754 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.27023 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Spotify (HKU\S-1-5-21-396868433-2904709971-3009115836-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Telegram Desktop Version 0.7.17 (HKU\S-1-5-21-396868433-2904709971-3009115836-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.7.17 - Telegram Messenger LLP)
Windows-Treiberpaket - ASUS (ATP) Mouse  (10/29/2012 1.0.0.148) (HKLM\...\C01F56FBD9B141017E63E2A1A141E59934D4DC67) (Version: 10/29/2012 1.0.0.148 - ASUS)
Windows-Treiberpaket - Intel (NETwNe64) net  (04/25/2013 15.8.0.5) (HKLM\...\9B354F6EAED43D75669CF7F8A8A9069370085284) (Version: 04/25/2013 15.8.0.5 - Intel)
Windows-Treiberpaket - Intel (NETwNs64) net  (01/22/2012 14.3.2.1) (HKLM\...\CD88F0FADE1395C9F91302912FD35B13CF75C196) (Version: 01/22/2012 14.3.2.1 - Intel)
Windows-Treiberpaket - Intel (NETwNs64) net  (04/18/2013 15.7.0.3) (HKLM\...\44647D58007CDB12578BC522079E50AD607ADD10) (Version: 04/18/2013 15.7.0.3 - Intel)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

03-03-2015 20:21:37 Revo Uninstaller's restore point - Mozilla Firefox 36.0 (x86 de)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0A56A607-BBF4-4A9A-8374-BD5A54E8B85F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-12-30] (Microsoft Corporation)
Task: {2ADFA711-40AB-4286-930C-340FEE53BD8D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {2AF69FB0-A666-4905-9262-F7E4A58471B3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-01-29] (Microsoft Corporation)
Task: {3B0B34F3-3F16-4090-8E24-CFDBE1EF0AC8} - System32\Tasks\Microsoft Office 15 Sync Maintenance for GEORG-PC-Georg Georg-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-02-22] (Microsoft Corporation)
Task: {5CDA31D6-D6FD-4132-A63E-638B89490FE8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-22] (Microsoft Corporation)
Task: {5FAEE319-E4A4-410B-8A50-C2B5FEE2B059} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2012-10-31] (AsusTek)
Task: {7DD4DD6C-AA64-4414-9B65-F4573D4622F4} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {C5EE9978-43D1-41CF-8469-7D41EC1405D3} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-02-22] (Microsoft Corporation)
Task: {C6D0F1B0-50C5-4DB7-A336-A8E1E777EA05} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {E2656EC1-A68B-45A6-A9E2-19C202DD9514} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-03] (Adobe Systems Incorporated)
Task: {F467EE76-3DB0-49C7-9977-6E1CEAF18A8E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-12-30] (Microsoft Corporation)
Task: {F923185F-4FCA-405B-9A26-E1D1441FA4CD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-22] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Loaded Modules (whitelisted) ==============

2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-02-19 14:43 - 2013-10-23 09:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-02-22 18:41 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-02-19 21:58 - 2015-01-29 15:32 - 00115712 _____ () C:\Program Files\NetBalancer\Events.dll
2015-02-19 21:59 - 2015-02-19 21:59 - 00217864 _____ () C:\WINDOWS\Microsoft.Net\assembly\GAC_MSIL\SeriousBit.NetBalancer.DeskBand\v4.0_1.0.0.0__ce1333cc798c13ee\SeriousBit.NetBalancer.DeskBand.dll
2015-02-19 21:58 - 2015-01-29 15:33 - 00217352 _____ () C:\Program Files\NetBalancer\PacketDotNet.dll
2015-02-19 21:58 - 2015-01-29 15:33 - 00031744 _____ () C:\Program Files\NetBalancer\BugReporting.dll
2015-02-22 18:41 - 2015-02-22 18:41 - 00393376 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream64.dll
2013-10-01 13:02 - 2013-10-01 13:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-02-16 14:24 - 2015-02-16 14:24 - 00374840 _____ () C:\Users\Georg\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2015-02-16 14:24 - 2015-02-16 14:24 - 36966968 _____ () C:\Users\Georg\AppData\Roaming\Spotify\Data\libcef.dll
2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-02-16 14:24 - 2015-02-16 14:24 - 00867896 _____ () C:\Users\Georg\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2015-02-16 14:24 - 2015-02-16 14:24 - 00886840 _____ () C:\Users\Georg\AppData\Roaming\Spotify\Data\libglesv2.dll
2015-02-16 14:24 - 2015-02-16 14:24 - 00108600 _____ () C:\Users\Georg\AppData\Roaming\Spotify\Data\libegl.dll
2015-02-13 15:34 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Georg\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-396868433-2904709971-3009115836-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 131.188.0.10 - 131.188.0.11

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-396868433-2904709971-3009115836-500 - Administrator - Disabled)
Gast (S-1-5-21-396868433-2904709971-3009115836-501 - Limited - Disabled)
Georg (S-1-5-21-396868433-2904709971-3009115836-1001 - Administrator - Enabled) => C:\Users\Georg
UpdatusUser (S-1-5-21-396868433-2904709971-3009115836-1004 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Datensammlungs- und Signalverarbeitungscontroller
Description: PCI-Datensammlungs- und Signalverarbeitungscontroller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/04/2015 00:42:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 15.8.0.0, Zeitstempel: 0x51709701
Name des fehlerhaften Moduls: MurocApi.dll, Version: 15.8.0.0, Zeitstempel: 0x5170961c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000026990
ID des fehlerhaften Prozesses: 0x9a0
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3
Vollständiger Name des fehlerhaften Pakets: ZeroConfigService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ZeroConfigService.exe5

Error: (03/04/2015 10:40:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm avscan.exe, Version 14.0.7.462 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 838

Startzeit: 01d056050cd1b4b2

Endzeit: 60000

Anwendungspfad: C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe

Berichts-ID: 45af6cd1-c252-11e4-be76-dc85de53ee11

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/04/2015 10:37:44 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1e64

Startzeit: 01d0565e243cde62

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 1a86123c-c252-11e4-be76-dc85de53ee11

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (03/04/2015 10:32:29 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1054

Startzeit: 01d056582d47652e

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 5e9bb9de-c251-11e4-be76-dc85de53ee11

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (03/04/2015 09:28:33 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: e8c

Startzeit: 01d056547ac82784

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 6f0fbf85-c248-11e4-be76-dc85de53ee11

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (03/04/2015 09:18:54 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1714

Startzeit: 01d0560c5715f2e5

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 12948aaf-c247-11e4-be76-dc85de53ee11

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (03/03/2015 10:32:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: f88

Startzeit: 01d055f8cf096371

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: c30913e4-c1ec-11e4-be75-dc85de53ee11

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (03/03/2015 09:34:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.1.711, Zeitstempel: 0x542b53ec
Name des fehlerhaften Moduls: mbamcore.dll, Version: 1.1.20.0, Zeitstempel: 0x5425b0dd
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003a584
ID des fehlerhaften Prozesses: 0x1e24
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3
Vollständiger Name des fehlerhaften Pakets: mbam.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mbam.exe5

Error: (03/03/2015 07:56:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 36.0.0.5531, Zeitstempel: 0x54eb029a
Name des fehlerhaften Moduls: mozalloc.dll, Version: 36.0.0.5531, Zeitstempel: 0x54eaf3b7
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001e02
ID des fehlerhaften Prozesses: 0x26c0
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (03/03/2015 02:49:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 36.0.0.5531, Zeitstempel: 0x54eb029a
Name des fehlerhaften Moduls: mozalloc.dll, Version: 36.0.0.5531, Zeitstempel: 0x54eaf3b7
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001e02
ID des fehlerhaften Prozesses: 0x20c4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5


System errors:
=============
Error: (03/04/2015 00:44:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (03/04/2015 00:44:18 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1326

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (03/04/2015 00:43:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/04/2015 00:42:02 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "NetBalancerService" wurde nicht richtig gestartet.

Error: (03/04/2015 00:40:18 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎04.‎03.‎2015 um 11:58:25 unerwartet heruntergefahren.

Error: (03/04/2015 10:53:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (03/04/2015 10:53:30 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1326

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (03/03/2015 11:20:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (03/03/2015 11:20:11 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1326

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (03/03/2015 11:18:45 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ZeroConfigService erreicht.


Microsoft Office Sessions:
=========================
Error: (03/04/2015 00:42:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ZeroConfigService.exe15.8.0.051709701MurocApi.dll15.8.0.05170961cc000000500000000000269909a001d056701516b7f5C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Program Files\Intel\WiFi\bin\MurocApi.dll86320bfd-c263-11e4-be78-dc85de53ee11

Error: (03/04/2015 10:40:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: avscan.exe14.0.7.46283801d056050cd1b4b260000C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe45af6cd1-c252-11e4-be76-dc85de53ee11

Error: (03/04/2015 10:37:44 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.206891e6401d0565e243cde624294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe1a86123c-c252-11e4-be76-dc85de53ee11microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (03/04/2015 10:32:29 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20689105401d056582d47652e4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe5e9bb9de-c251-11e4-be76-dc85de53ee11microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (03/04/2015 09:28:33 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20689e8c01d056547ac827844294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe6f0fbf85-c248-11e4-be76-dc85de53ee11microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (03/04/2015 09:18:54 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20689171401d0560c5715f2e54294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe12948aaf-c247-11e4-be76-dc85de53ee11microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (03/03/2015 10:32:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20689f8801d055f8cf0963714294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exec30913e4-c1ec-11e4-be75-dc85de53ee11microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (03/03/2015 09:34:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.1.711542b53ecmbamcore.dll1.1.20.05425b0ddc00000050003a5841e2401d055e66853911fC:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamcore.dlla6376dfb-c1e4-11e4-be74-dc85de53ee11

Error: (03/03/2015 07:56:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe36.0.0.553154eb029amozalloc.dll36.0.0.553154eaf3b78000000300001e0226c001d055b90daf12b7C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllfa8ec929-c1d6-11e4-be74-dc85de53ee11

Error: (03/03/2015 02:49:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe36.0.0.553154eb029amozalloc.dll36.0.0.553154eaf3b78000000300001e0220c401d0544e5a6399ffC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll27298c39-c1ac-11e4-be74-dc85de53ee11


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3517U CPU @ 1.90GHz
Percentage of memory in use: 49%
Total physical RAM: 3981.67 MB
Available physical RAM: 1997.14 MB
Total Pagefile: 5581.67 MB
Available Pagefile: 3097.48 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.8 GB) (Free:423.86 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 000A47F0)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 22.4 GB) (Disk ID: 3359CAB9)

Partition: GPT Partition Type.

==================== End Of Log ============================

Ich habe gemerkt, dass der PCnun deutlich länger zum booten braucht und ein schwarzer Bildschrim vor der Benutzerauswahl erscheint.

Wäre es leichter/schneller den pc neu zu formatieren?

schrauber · 04.03.2015, 16:31

Klar, aber irgendwie unnötig

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Lade Dir bitte von hier

Emsisoft Emergency Kit herunter.

Bitte installiere das Programm in den vorgegebenen Pfad.
Starte das Programm durch Doppelklick der Desktopverknüpfung.
Das EEK ist nach dem Laden der Malwaresignaturen für den Scan bereit.
Folge nun bitte der bebilderten Bildanleitung zu Emergency Kit, entferne alle Funde und poste am Ende des Scans bzw. der Bereinigung das Log.

und ein frisches FRST log bitte.

yxc32 · 04.03.2015, 17:04

Soll ich das FRST log nach den ganzen Schritten posten, oder eins erstellen, bevor ich die Schritte durchführe?

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.3 (03.01.2015:1)
OS: Windows 8.1 x64
Ran by Georg on 04.03.2015 at 16:54:58,62
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\WINDOWS\syswow64\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\Georg\AppData\Roaming\mozilla\firefox\profiles\1y9wmdjv.default\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.03.2015 at 16:59:07,05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

der Log von JRT

schrauber · 04.03.2015, 17:42

Wie es da steht, in der Reihenfolge:

JRT, EEK, dann frisches FRST log.

yxc32 · 04.03.2015, 18:57

Der log vom JRT ist im Post drüber. Danke für deine Hilfe

Code:

ATTFilter

Emsisoft Emergency Kit - Version 9.0
Letztes Update: 04.03.2015 17:09:21
Benutzerkonto: GEORG-PC\Georg

Scan-Einstellungen:

Scan Methode: Detail-Scan
Objekte: Rootkits, Speicher, Traces, C:\

PUPs-Erkennung: An
Archiv-Scan: An
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus

Scan-Beginn:	04.03.2015 17:10:58
Value: HKEY_USERS\S-1-5-21-396868433-2904709971-3009115836-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR 	gefunden: Setting.DisableTaskMgr (A)
Value: HKEY_USERS\S-1-5-21-396868433-2904709971-3009115836-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS 	gefunden: Setting.DisableRegistryTools (A)
C:\ProgramData\Avira\AntiVir Desktop\INFECTED\50e69558.qua -> (Quarantine-8) 	gefunden: Gen:Variant.Adware.Graftor.172099 (B)

Gescannt	234713
Gefunden	3

Scan-Ende:	04.03.2015 18:50:22
Scan-Zeit:	1:39:24

C:\ProgramData\Avira\AntiVir Desktop\INFECTED\50e69558.qua	Quarantäne Gen:Variant.Adware.Graftor.172099 (B)
Value: HKEY_USERS\S-1-5-21-396868433-2904709971-3009115836-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS	Quarantäne Setting.DisableRegistryTools (A)
Value: HKEY_USERS\S-1-5-21-396868433-2904709971-3009115836-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR	Quarantäne Setting.DisableTaskMgr (A)

Quarantäne	3

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2015
Ran by Georg (administrator) on GEORG-PC on 04-03-2015 18:56:17
Running from C:\Users\Georg\Desktop
Loaded Profiles: Georg & UpdatusUser (Available profiles: Georg & UpdatusUser)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Atheros Commnucations) C:\Windows\System32\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(SeriousBit) C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
Failed to access process -> ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Users\Georg\AppData\Roaming\Spotify\spotify.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(SeriousBit) C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe
(Flux Software LLC) C:\Users\Georg\AppData\Local\FluxSoftware\Flux\flux.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
() C:\Users\Georg\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Georg\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Georg\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Georg\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Emsisoft GmbH) C:\EEK\bin\a2emergencykit.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13197456 2015-02-13] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-03-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-396868433-2904709971-3009115836-1001\...\Run: [Spotify] => C:\Users\Georg\AppData\Roaming\Spotify\Spotify.exe [6737976 2015-02-16] (Spotify Ltd)
HKU\S-1-5-21-396868433-2904709971-3009115836-1001\...\Run: [NetBalancer] => C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe [1801992 2015-01-29] (SeriousBit)
HKU\S-1-5-21-396868433-2904709971-3009115836-1001\...\Run: [f.lux] => C:\Users\Georg\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-396868433-2904709971-3009115836-1004\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-11-21] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-10] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-396868433-2904709971-3009115836-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
URLSearchHook: [S-1-5-21-396868433-2904709971-3009115836-1004] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 131.188.0.10 131.188.0.11

FireFox:
========
FF ProfilePath: C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\1y9wmdjv.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Reddit Enhancement Suite - C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\1y9wmdjv.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2015-03-04]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-04] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Windows\system32\AdminService.exe [208384 2012-08-29] (Atheros Commnucations)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2711736 2015-01-13] (Microsoft Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-04-18] ()
R2 NetBalancerService; C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe [128776 2015-01-29] (SeriousBit)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3388144 2013-04-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 A2DDA; C:\EEK\bin\a2ddax64.sys [26176 2015-03-04] (Emsisoft GmbH)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-03-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2015-03-04] (Emsisoft GmbH)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R1 nbdrv; C:\Windows\system32\DRIVERS\nbdrv.sys [41392 2013-11-25] (SeriousBit)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-04 18:53 - 2015-03-04 18:53 - 00000000 ____D () C:\Users\Georg\Desktop\FRST-OlderVersion
2015-03-04 17:05 - 2015-03-04 17:07 - 00000000 ____D () C:\EEK
2015-03-04 17:05 - 2015-03-04 17:05 - 00000755 _____ () C:\Users\Georg\Desktop\Start Emsisoft Emergency Kit.lnk
2015-03-04 16:59 - 2015-03-04 16:59 - 00000815 _____ () C:\Users\Georg\Desktop\JRT.txt
2015-03-04 16:53 - 2015-03-04 16:54 - 00031291 _____ () C:\Users\Georg\Desktop\Addition.txt
2015-03-04 16:52 - 2015-03-04 16:52 - 01388333 _____ (Thisisu) C:\Users\Georg\Desktop\JRT.exe
2015-03-04 16:49 - 2015-03-04 16:50 - 166189904 _____ () C:\Users\Georg\Downloads\EmsisoftEmergencyKit.exe
2015-03-04 16:07 - 2015-03-04 17:03 - 00000000 __RHD () C:\ESD
2015-03-04 16:04 - 2015-03-04 16:04 - 01322960 _____ (Microsoft Corporation) C:\Users\Georg\Downloads\mediacreationtool.exe
2015-03-04 16:03 - 2015-03-04 16:03 - 01203488 _____ () C:\Users\Georg\Downloads\Windows Product Key Viewer - CHIP-Installer.exe
2015-03-04 16:03 - 2015-03-04 16:03 - 01203488 _____ () C:\Users\Georg\Downloads\Windows 8 1 Setup Tool - CHIP-Installer.exe
2015-03-04 12:47 - 2015-03-04 18:56 - 00016073 _____ () C:\Users\Georg\Desktop\FRST.txt
2015-03-04 12:47 - 2015-03-04 18:56 - 00000000 ____D () C:\FRST
2015-03-04 12:45 - 2015-03-04 18:53 - 02093056 _____ (Farbar) C:\Users\Georg\Desktop\FRST64.exe
2015-03-04 10:55 - 2015-03-04 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-03-04 10:55 - 2015-03-04 10:55 - 00000000 ____D () C:\ProgramData\LogiShrd
2015-03-04 10:54 - 2015-03-04 10:54 - 04147600 _____ ($Co_Name Inc.) C:\Users\Georg\Downloads\unifying250.exe
2015-03-04 10:43 - 2015-03-04 10:55 - 00000000 ____D () C:\Program Files\Common Files\Logishrd
2015-03-04 10:41 - 2015-03-04 10:42 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Logishrd
2015-03-04 10:41 - 2015-03-04 10:41 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Logitech
2015-03-04 10:40 - 2015-03-04 10:40 - 03677488 _____ (Logitech Inc.) C:\Users\Georg\Downloads\SetPoint6.65.62_smart.exe
2015-03-03 23:19 - 2015-03-03 23:19 - 00001141 _____ () C:\Users\Georg\Desktop\AdwCleaner[S0].txt
2015-03-03 22:57 - 2015-03-03 22:57 - 00000000 ____D () C:\Users\Georg\AppData\Local\calibre-cache
2015-03-03 22:56 - 2015-03-03 23:09 - 00000000 ____D () C:\Users\Georg\Documents\Calibre-Bibliothek
2015-03-03 22:55 - 2015-03-03 22:57 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\calibre
2015-03-03 22:55 - 2015-03-03 22:55 - 00000972 _____ () C:\Users\Public\Desktop\calibre - E-book management.lnk
2015-03-03 22:55 - 2015-03-03 22:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2015-03-03 22:55 - 2015-03-03 22:55 - 00000000 ____D () C:\Program Files (x86)\Calibre2
2015-03-03 22:51 - 2015-03-03 22:51 - 01203488 _____ () C:\Users\Georg\Downloads\Calibre 32 Bit - CHIP-Installer.exe
2015-03-03 21:49 - 2015-03-03 21:49 - 00000501 _____ () C:\Users\Georg\Desktop\log.rar
2015-03-03 21:06 - 2015-03-03 23:15 - 00000000 ____D () C:\AdwCleaner
2015-03-03 21:05 - 2015-03-03 23:09 - 02126848 _____ () C:\Users\Georg\Downloads\AdwCleaner_4.111.exe
2015-03-03 20:30 - 2015-03-03 20:30 - 00001171 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-03 20:30 - 2015-03-03 20:30 - 00001159 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-03 20:30 - 2015-03-03 20:30 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\WinRAR
2015-03-03 20:29 - 2015-03-03 20:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-03 20:28 - 2015-03-03 20:28 - 00243576 _____ () C:\Users\Georg\Downloads\Firefox Setup Stub 36.0.exe
2015-03-03 20:19 - 2015-03-03 20:19 - 00001280 _____ () C:\Users\Georg\Desktop\Revo Uninstaller.lnk
2015-03-03 20:19 - 2015-03-03 20:19 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-03-03 20:15 - 2015-03-04 18:41 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-03 20:15 - 2015-03-03 20:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Georg\Downloads\revosetup95.exe
2015-03-03 20:15 - 2015-03-03 20:15 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-03 20:15 - 2015-03-03 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-03-03 20:15 - 2015-03-03 20:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-03 20:15 - 2015-03-03 20:15 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-03-03 20:15 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-03-03 20:15 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-03-03 20:15 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-03-03 20:14 - 2015-03-03 20:14 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Georg\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-03 20:08 - 2015-03-03 20:08 - 00000000 __SHD () C:\Users\Georg\AppData\Local\EmieUserList
2015-03-03 20:08 - 2015-03-03 20:08 - 00000000 __SHD () C:\Users\Georg\AppData\Local\EmieSiteList
2015-03-03 20:08 - 2015-03-03 20:08 - 00000000 __SHD () C:\Users\Georg\AppData\Local\EmieBrowserModeList
2015-03-03 19:55 - 2015-03-03 19:55 - 00231544 _____ () C:\Users\Georg\Downloads\install_jd_one.exe
2015-02-26 02:00 - 2015-03-02 11:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-02-26 00:04 - 2015-02-26 00:04 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2015-02-26 00:04 - 2015-02-26 00:04 - 00000000 ____D () C:\Users\Georg\AppData\Local\FluxSoftware
2015-02-26 00:03 - 2015-02-26 00:03 - 00597304 _____ () C:\Users\Georg\Downloads\flux-setup.exe
2015-02-25 12:37 - 2015-02-25 12:37 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-02-25 11:53 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-02-25 11:53 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-02-25 01:05 - 2015-02-25 01:05 - 00001033 _____ () C:\Users\Georg\Desktop\Telegram.lnk
2015-02-23 12:18 - 2015-03-04 15:38 - 00005136 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for GEORG-PC-Georg Georg-PC
2015-02-23 12:18 - 2015-02-23 12:18 - 00000000 ____D () C:\Users\Georg\Documents\Benutzerdefinierte Office-Vorlagen
2015-02-22 19:29 - 2015-02-22 19:29 - 00000000 __RHD () C:\MSOCache
2015-02-22 19:09 - 2015-02-22 19:09 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2015-02-22 18:48 - 2015-02-22 18:48 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-02-22 18:44 - 2015-02-22 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-02-22 18:41 - 2015-02-22 18:41 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-02-22 18:40 - 2015-02-22 18:40 - 01463480 _____ (Microsoft Corporation) C:\Users\Georg\Downloads\Setup.X64.de-de_O365ProPlusRetail_48b80b64-b071-4481-8190-344060a99d88_TX_PR_.exe
2015-02-21 17:31 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-02-21 17:31 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-02-21 17:31 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-02-21 17:31 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-02-21 17:31 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-02-21 17:30 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-02-21 16:55 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-02-21 16:55 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-02-21 16:55 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2015-02-21 16:55 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2015-02-21 16:52 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-21 16:52 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-21 16:52 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-02-21 16:52 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-02-21 16:52 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-02-21 16:52 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-02-21 16:51 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-02-21 16:51 - 2014-07-24 04:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-02-21 16:42 - 2015-02-21 16:42 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-02-21 16:42 - 2015-02-21 16:42 - 00002039 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-02-21 16:41 - 2015-02-21 16:41 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-02-21 16:40 - 2015-02-21 16:50 - 00000000 ____D () C:\ProgramData\Adobe
2015-02-20 23:58 - 2015-02-20 23:58 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2015-02-20 23:58 - 2015-02-20 23:58 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-02-20 23:58 - 2015-02-20 23:58 - 00000000 ____D () C:\Program Files\MSBuild
2015-02-20 23:58 - 2015-02-20 23:58 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-02-20 23:58 - 2015-02-20 23:58 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-02-20 23:50 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-02-20 23:50 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-02-20 23:50 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-02-20 23:50 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-02-20 23:48 - 2015-02-20 23:48 - 00000000 ____D () C:\ProgramData\Riot Games
2015-02-20 23:46 - 2015-02-20 23:46 - 00000000 ____D () C:\Riot Games
2015-02-20 23:46 - 2015-02-20 23:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2015-02-20 23:46 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2015-02-20 23:46 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2015-02-20 23:46 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2015-02-20 23:46 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2015-02-20 23:46 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2015-02-20 23:44 - 2015-02-20 23:45 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Riot Games
2015-02-20 23:43 - 2015-02-20 23:44 - 30668968 _____ (Riot Games) C:\Users\Georg\Downloads\LeagueofLegends_EUW_Installer_9_15_2014.exe
2015-02-20 00:09 - 2015-02-20 00:09 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Guitar Pro 6
2015-02-20 00:09 - 2015-02-20 00:09 - 00000000 ____D () C:\ProgramData\Guitar Pro 6
2015-02-20 00:08 - 2015-02-20 00:08 - 00001052 _____ () C:\Users\Public\Desktop\Guitar Pro 6.lnk
2015-02-20 00:08 - 2015-02-20 00:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guitar Pro 6
2015-02-20 00:06 - 2015-02-20 00:07 - 00000000 ____D () C:\Program Files (x86)\Guitar Pro 6
2015-02-19 23:37 - 2015-02-19 23:37 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-02-19 23:37 - 2015-02-19 23:37 - 00000000 ____D () C:\ProgramData\Sun
2015-02-19 23:37 - 2015-02-19 23:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-19 23:36 - 2015-02-19 23:37 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-19 23:36 - 2015-02-19 23:36 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-19 23:31 - 2015-02-19 23:48 - 154449468 _____ (Arobas Music ) C:\Users\Georg\Downloads\gp6-full-win-demo-r11621.exe
2015-02-19 23:31 - 2015-02-19 23:31 - 00639912 _____ (Oracle Corporation) C:\Users\Georg\Downloads\jxpiinstall.exe
2015-02-19 23:28 - 2015-02-19 23:28 - 00021137 _____ () C:\Users\Georg\Desktop\presnyakov_igor-vashe_blagorodie_gospoja_udacha.gpx
2015-02-19 21:58 - 2015-02-19 21:59 - 00000000 ____D () C:\Program Files\NetBalancer
2015-02-19 21:58 - 2015-02-19 21:58 - 00000940 _____ () C:\Users\Public\Desktop\NetBalancer Tray.lnk
2015-02-19 21:58 - 2015-02-19 21:58 - 00000930 _____ () C:\Users\Public\Desktop\NetBalancer.lnk
2015-02-19 21:58 - 2015-02-19 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBalancer
2015-02-19 21:58 - 2013-11-25 09:28 - 00041392 _____ (SeriousBit) C:\WINDOWS\system32\Drivers\nbdrv.sys
2015-02-19 21:57 - 2015-02-19 21:57 - 04980648 _____ (SeriousBit ) C:\Users\Georg\Downloads\NetBalancerSetup.exe
2015-02-19 15:17 - 2015-02-19 15:17 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2015-02-19 15:11 - 2015-03-04 12:42 - 00000000 ___RD () C:\Users\Georg\OneDrive
2015-02-19 15:09 - 2015-02-19 15:09 - 00001450 _____ () C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-19 15:08 - 2015-02-19 15:08 - 00000020 ___SH () C:\Users\Georg\ntuser.ini
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-02-19 15:06 - 2015-02-19 15:06 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-02-19 15:05 - 2015-02-19 15:05 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-02-19 14:53 - 2015-02-19 14:53 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-02-19 14:51 - 2015-02-19 14:51 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-02-19 14:50 - 2015-03-04 12:40 - 00000000 ____D () C:\Users\Georg
2015-02-19 14:50 - 2015-02-19 15:06 - 00028578 _____ () C:\WINDOWS\diagwrn.xml
2015-02-19 14:50 - 2015-02-19 15:06 - 00028578 _____ () C:\WINDOWS\diagerr.xml
2015-02-19 14:50 - 2015-02-19 14:51 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-19 14:50 - 2015-02-19 14:51 - 00000000 ___RD () C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\UpdatusUser\Vorlagen
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\UpdatusUser\Lokale Einstellungen
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\UpdatusUser\Eigene Dateien
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\UpdatusUser\Anwendungsdaten
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\Georg\Vorlagen
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\Georg\Startmenü
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\Georg\Netzwerkumgebung
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\Georg\Lokale Einstellungen
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\Georg\Eigene Dateien
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\Georg\Druckumgebung
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\Georg\Documents\Eigene Musik
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\Georg\Documents\Eigene Bilder
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\Georg\AppData\Local\Verlauf
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\Georg\AppData\Local\Anwendungsdaten
2015-02-19 14:50 - 2015-02-19 14:50 - 00000000 _SHDL () C:\Users\Georg\Anwendungsdaten
2015-02-19 14:50 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-19 14:50 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-19 14:50 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-19 14:50 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-19 14:50 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-02-19 14:50 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-02-19 14:50 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-02-19 14:50 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-02-19 14:50 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-19 14:50 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-19 14:43 - 2013-10-23 09:20 - 06669600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-02-19 14:43 - 2013-10-23 09:20 - 03489568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-02-19 14:43 - 2013-10-23 09:20 - 03426956 _____ () C:\WINDOWS\system32\nvcoproc.bin
2015-02-19 14:43 - 2013-10-23 09:20 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-02-19 14:43 - 2013-10-23 09:20 - 01064224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-02-19 14:43 - 2013-10-23 09:20 - 00922912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-02-19 14:43 - 2013-10-23 09:20 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-02-19 14:43 - 2013-10-23 09:20 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-02-19 14:43 - 2013-10-23 09:20 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-02-19 14:42 - 2015-03-04 17:54 - 01895500 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-19 14:42 - 2015-02-19 14:52 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-02-19 14:42 - 2015-02-19 14:43 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-02-19 14:42 - 2015-02-19 14:42 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2015-02-19 14:42 - 2015-02-19 14:42 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-02-19 14:42 - 2015-02-19 14:42 - 00000000 ____D () C:\Program Files\Realtek
2015-02-19 14:41 - 2015-02-19 14:52 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-02-19 14:41 - 2015-02-19 14:41 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-02-19 14:41 - 2013-10-01 13:02 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-02-19 14:41 - 2013-10-01 13:02 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-02-19 14:38 - 2015-02-19 15:08 - 00000000 ___DC () C:\WINDOWS\Panther
2015-02-19 14:38 - 2015-02-19 14:38 - 00000000 __SHD () C:\Recovery
2015-02-19 14:36 - 2015-02-19 14:36 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-02-19 14:36 - 2015-02-19 14:36 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-02-19 14:36 - 2015-02-19 14:36 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-02-19 14:36 - 2015-02-19 14:36 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-02-19 14:36 - 2015-02-19 14:36 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-02-19 14:36 - 2015-02-19 14:36 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-02-19 14:36 - 2015-02-19 14:36 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-02-19 14:36 - 2015-02-19 14:36 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-02-19 14:36 - 2015-02-19 14:36 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-02-19 14:34 - 2015-02-19 14:34 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-02-19 14:34 - 2015-02-19 14:34 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-02-19 14:34 - 2015-02-19 14:34 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-02-19 14:34 - 2015-02-19 14:34 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-02-19 14:34 - 2015-02-19 14:34 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-02-19 14:34 - 2015-02-19 14:34 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-02-19 14:34 - 2015-02-19 14:34 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-02-19 14:33 - 2015-02-19 14:33 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-19 14:33 - 2015-02-19 14:33 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-19 14:33 - 2015-02-19 14:33 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-19 14:33 - 2015-02-19 14:33 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-02-19 14:33 - 2015-02-19 14:33 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-02-19 14:33 - 2015-02-19 14:33 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-02-19 14:33 - 2015-02-19 14:33 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-02-19 14:33 - 2015-02-19 14:33 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-02-19 14:33 - 2015-02-19 14:33 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-19 14:32 - 2015-02-19 14:32 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-02-19 14:31 - 2015-02-19 14:31 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-02-19 14:31 - 2015-02-19 14:31 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-19 14:31 - 2015-02-19 14:31 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-19 14:31 - 2015-02-19 14:31 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-02-19 14:31 - 2015-02-19 14:31 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-02-19 14:31 - 2015-02-19 14:31 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-02-19 14:31 - 2015-02-19 14:31 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-02-19 14:31 - 2015-02-19 14:31 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-02-19 14:31 - 2015-02-19 14:31 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-02-19 14:31 - 2015-02-19 14:31 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-02-19 14:31 - 2015-02-19 14:31 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-02-19 14:31 - 2015-02-19 14:31 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-02-19 14:31 - 2015-02-19 14:31 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-02-19 14:31 - 2015-02-19 14:31 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-02-19 00:29 - 2015-02-19 00:29 - 00000000 ____D () C:\ProgramData\SeriousBit
2015-02-18 23:50 - 2015-02-18 23:51 - 01203488 _____ () C:\Users\Georg\Downloads\NetBalancer - CHIP-Installer.exe
2015-02-18 23:45 - 2015-02-18 23:45 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Locktime
2015-02-18 23:37 - 2015-02-18 23:37 - 00000000 ____D () C:\ProgramData\Locktime
2015-02-18 23:36 - 2015-02-18 23:36 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Locktime Software
2015-02-18 23:35 - 2015-02-18 23:36 - 06996832 _____ (Locktime Software) C:\Users\Georg\Downloads\netlimiter-4.0.9.0.exe
2015-02-18 00:07 - 2015-02-18 00:07 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Avira
2015-02-18 00:04 - 2015-03-04 10:55 - 00043576 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-02-18 00:01 - 2015-03-04 10:55 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-02-18 00:01 - 2015-03-04 10:55 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-02-18 00:01 - 2014-11-24 10:23 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-02-17 23:54 - 2015-02-19 14:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-17 23:54 - 2015-02-18 00:01 - 00000000 ____D () C:\ProgramData\Avira
2015-02-17 23:54 - 2015-02-18 00:01 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-02-17 23:54 - 2015-02-17 23:54 - 04515896 _____ (Avira Operations & Co. KG) C:\Users\Georg\Downloads\avira_de_av___ws.exe
2015-02-17 23:54 - 2015-02-17 23:54 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-02-16 18:56 - 2015-02-16 18:56 - 00000000 ____D () C:\Users\Georg\AppData\Local\Macromedia
2015-02-16 18:39 - 2015-03-04 17:25 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-16 18:39 - 2015-03-03 22:51 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-02-16 18:38 - 2015-03-03 22:51 - 00000000 ____D () C:\Users\Georg\AppData\Local\Adobe
2015-02-16 15:41 - 2015-02-19 15:06 - 00009680 _____ () C:\WINDOWS\comsetup.log
2015-02-16 14:34 - 2015-02-19 14:54 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-16 14:34 - 2015-02-19 14:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-16 14:34 - 2015-02-16 14:34 - 02059896 _____ () C:\Users\Georg\Downloads\winrar-x64-520d.exe
2015-02-16 14:34 - 2015-02-16 14:34 - 00000000 ____D () C:\Program Files\WinRAR
2015-02-16 14:33 - 2012-06-13 18:23 - 09888912 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RtsBaStorIcon.dll
2015-02-16 14:33 - 2012-06-13 18:23 - 00294544 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsBaStor.sys
2015-02-16 14:24 - 2015-03-02 10:40 - 00000000 ____D () C:\Users\Georg\AppData\Local\Spotify
2015-02-16 14:24 - 2015-02-16 14:24 - 00001805 _____ () C:\Users\Georg\Desktop\Spotify.lnk
2015-02-16 14:24 - 2015-02-16 14:24 - 00001791 _____ () C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-02-16 14:23 - 2015-03-04 18:45 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Spotify
2015-02-16 14:22 - 2015-03-04 16:56 - 00000000 ____D () C:\Users\Georg\zeug
2015-02-16 14:20 - 2015-02-16 14:20 - 00137888 _____ (Spotify Ltd) C:\Users\Georg\Downloads\SpotifySetup.exe
2015-02-16 14:08 - 2015-02-16 14:08 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-02-16 14:00 - 2015-02-16 14:00 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Thunderbird
2015-02-16 14:00 - 2015-02-16 14:00 - 00000000 ____D () C:\Users\Georg\AppData\Local\Thunderbird
2015-02-16 13:59 - 2015-02-16 13:59 - 00002098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2015-02-16 13:59 - 2015-02-16 13:59 - 00002086 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2015-02-16 13:58 - 2015-02-16 13:58 - 28742864 _____ (Mozilla) C:\Users\Georg\Downloads\Thunderbird Setup 31.4.0.exe
2015-02-14 15:53 - 2015-03-03 22:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-14 15:53 - 2015-02-14 15:53 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Mozilla
2015-02-14 15:53 - 2015-02-14 15:53 - 00000000 ____D () C:\Users\Georg\AppData\Local\Mozilla
2015-02-14 15:53 - 2015-02-14 15:53 - 00000000 ____D () C:\ProgramData\Mozilla
2015-02-14 15:45 - 2015-02-19 21:52 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-02-14 13:33 - 2015-01-29 09:30 - 00011056 ____N () C:\WINDOWS\system32\AutoconfigV2.cab
2015-02-13 18:14 - 2014-12-31 12:14 - 00298120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-02-13 17:53 - 2015-02-13 17:54 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-13 17:53 - 2015-01-29 17:49 - 116773704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-13 17:33 - 2013-05-04 05:51 - 00014848 ____N (Microsoft) C:\WINDOWS\system32\rars.rs
2015-02-13 17:33 - 2013-05-04 05:10 - 00014848 ____N (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2015-02-13 16:45 - 2015-02-25 12:29 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2015-02-13 16:45 - 2015-02-25 12:29 - 00000000 ____D () C:\WINDOWS\system32\NV
2015-02-13 16:45 - 2015-02-16 14:39 - 00016302 _____ () C:\WINDOWS\system32\results.xml
2015-02-13 16:45 - 2015-02-13 16:45 - 00000000 _____ () C:\Users\Georg\agent.log
2015-02-13 16:41 - 2015-02-13 18:49 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-13 16:41 - 2015-02-13 16:41 - 00000000 ____D () C:\temp
2015-02-13 16:40 - 2015-02-13 16:40 - 00000000 ____D () C:\Program Files (x86)\Qualcomm Atheros
2015-02-13 16:39 - 2015-02-13 16:39 - 00000324 _____ () C:\WINDOWS\system32\netcfg-554812.txt
2015-02-13 16:39 - 2015-02-13 16:39 - 00000000 ____D () C:\WINDOWS\Options
2015-02-13 16:39 - 2015-02-13 16:39 - 00000000 ____D () C:\ProgramData\Qualcomm Atheros
2015-02-13 16:39 - 2012-09-26 21:11 - 00080063 _____ () C:\WINDOWS\system32\athw8x.cat
2015-02-13 16:39 - 2012-09-19 00:15 - 03653632 _____ (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\athw8x.sys
2015-02-13 16:38 - 2015-02-19 14:54 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2015-02-13 16:38 - 2015-02-13 16:38 - 00001058 _____ () C:\WINDOWS\system32\netcfg-484093.txt
2015-02-13 16:38 - 2015-02-13 16:38 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Intel
2015-02-13 16:37 - 2015-02-17 23:54 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-13 16:37 - 2015-02-13 16:43 - 00000000 ____D () C:\Program Files\Common Files\Intel
2015-02-13 16:37 - 2015-02-13 16:37 - 00000000 ____D () C:\ProgramData\Intel.sav
2015-02-13 16:37 - 2015-02-13 16:37 - 00000000 ____D () C:\Program Files (x86)\Cisco
2015-02-13 16:35 - 2015-03-04 16:26 - 00000856 _____ () C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-02-13 16:35 - 2015-03-04 12:41 - 00000854 _____ () C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-02-13 16:35 - 2015-02-13 16:35 - 00003498 _____ () C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
2015-02-13 16:35 - 2015-02-13 16:35 - 00003194 _____ () C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
2015-02-13 16:35 - 2015-02-13 16:35 - 00000000 _____ () C:\WINDOWS\SysWOW64\agent.log
2015-02-13 15:34 - 2015-02-19 14:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-02-13 15:34 - 2015-02-13 16:37 - 00000000 ____D () C:\ProgramData\Intel
2015-02-13 15:34 - 2012-06-25 10:42 - 00015168 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\IntelMEFWVer.dll
2015-02-13 15:33 - 2015-02-13 15:33 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\InstallShield
2015-02-13 15:33 - 2012-07-02 15:16 - 00062784 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\HECIx64.sys
2015-02-13 15:29 - 2015-02-13 16:38 - 00000000 ____D () C:\Program Files\Intel
2015-02-13 15:29 - 2015-02-13 15:29 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_btmaux_01009.Wdf
2015-02-13 15:25 - 2015-02-13 16:37 - 00024116 _____ () C:\WINDOWS\DPINST.LOG
2015-02-13 15:25 - 2015-02-13 16:37 - 00000000 ____D () C:\Program Files\DIFX
2015-02-13 15:25 - 2015-02-13 15:25 - 00003542 _____ () C:\WINDOWS\System32\Tasks\ASUS Touchpad Launcher (x64)
2015-02-13 15:25 - 2015-02-13 15:25 - 00000000 ____D () C:\Program Files (x86)\ASUS
2015-02-13 15:24 - 2015-02-13 15:24 - 00000304 _____ () C:\WINDOWS\system32\netcfg-3554640.txt
2015-02-13 15:24 - 2015-02-13 15:24 - 00000117 _____ () C:\WINDOWS\system32\netcfg-3559671.txt
2015-02-13 15:24 - 2015-02-13 15:24 - 00000117 _____ () C:\WINDOWS\system32\netcfg-3554328.txt
2015-02-13 15:23 - 2015-02-19 14:53 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2015-02-13 15:23 - 2015-02-13 15:23 - 00000000 ____D () C:\Intel
2015-02-13 15:23 - 2012-07-04 10:55 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\WINDOWS\SysWOW64\CSVer.dll
2015-02-13 15:21 - 2015-02-16 14:33 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-02-13 15:21 - 2015-02-13 16:39 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-13 15:21 - 2015-02-13 15:22 - 00000000 ___HD () C:\Program Files (x86)\Temp
2015-02-13 15:21 - 2015-02-13 15:21 - 08004096 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2015-02-13 15:21 - 2015-02-13 15:21 - 07601528 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 04177680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2015-02-13 15:21 - 2015-02-13 15:21 - 03671184 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkAPO64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 02743440 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 02700896 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 02080120 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 02028920 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 01756264 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 01706640 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 01568360 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 01561744 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2015-02-13 15:21 - 2015-02-13 15:21 - 01486952 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 01460600 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek264.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 01361336 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 01267856 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00881808 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00869752 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00836544 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00772224 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00728680 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00712296 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00693352 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00603984 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00501192 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00491112 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00487368 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00432744 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00428648 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00415688 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00394616 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00394616 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00361937 _____ () C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2015-02-13 15:21 - 2015-02-13 15:21 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00318808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00241768 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00221024 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00211184 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00202336 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00198896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00149608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00148416 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00115856 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00110592 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00081248 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00078688 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00065944 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2015-02-13 15:21 - 2015-02-13 15:21 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2015-02-13 15:21 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2015-02-13 15:21 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2015-02-13 15:21 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2015-02-13 15:21 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2015-02-13 15:21 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2015-02-13 15:16 - 2015-02-16 14:35 - 00000000 ____D () C:\Users\Georg\Desktop\Treiber
2015-02-13 15:14 - 2015-02-13 15:14 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2950468.txt
2015-02-13 15:14 - 2015-02-13 15:14 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2919921.txt
2015-02-13 15:12 - 2015-02-13 15:12 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2824468.txt
2015-02-13 15:12 - 2015-02-13 15:12 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2804640.txt
2015-02-13 15:07 - 2015-03-04 14:33 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-396868433-2904709971-3009115836-1001
2015-02-13 15:03 - 2015-02-13 15:03 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Macromedia
2015-02-13 15:02 - 2015-02-21 16:49 - 00000000 ____D () C:\Users\Georg\AppData\Roaming\Adobe
2015-02-13 15:01 - 2015-03-03 17:20 - 00000000 ____D () C:\Users\Georg\AppData\Local\Packages
2015-02-13 15:01 - 2015-02-19 14:52 - 00000000 ____D () C:\ProgramData\PRICache
2015-02-13 15:01 - 2015-02-13 15:01 - 00000000 ____D () C:\Users\Georg\AppData\Local\VirtualStore
2015-02-13 15:00 - 2015-02-19 14:18 - 02053431 _____ () C:\WINDOWS\WindowsUpdate (1).log
2015-02-13 14:59 - 2015-02-13 14:59 - 00001027 _____ () C:\WINDOWS\system32\netcfg-2062859.txt
2015-02-13 14:59 - 2015-02-13 14:59 - 00000200 _____ () C:\WINDOWS\system32\netcfg-2063390.txt
2015-02-13 14:59 - 2015-02-13 14:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2063234.txt
2015-02-13 14:59 - 2015-02-13 14:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2063203.txt
2015-02-13 14:59 - 2015-02-13 14:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2062703.txt
2015-02-13 14:59 - 2015-02-13 14:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2059546.txt
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Users\Default.migrated\Vorlagen
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Users\Default.migrated\Startmenü
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Users\Default.migrated\Netzwerkumgebung
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Users\Default.migrated\Lokale Einstellungen
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Users\Default.migrated\Eigene Dateien
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Users\Default.migrated\Druckumgebung
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Musik
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Bilder
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Verlauf
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Users\Default.migrated\Anwendungsdaten
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Programme
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\ProgramData\Startmenü
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\ProgramData\Dokumente
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2015-02-13 14:26 - 2015-02-13 14:26 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2015-02-13 14:23 - 2015-02-13 14:23 - 00001136 _____ () C:\WINDOWS\system32\netcfg-71000.txt
2015-02-13 14:23 - 2015-02-13 14:23 - 00001135 _____ () C:\WINDOWS\system32\netcfg-74250.txt
2015-02-13 14:23 - 2015-02-13 14:23 - 00001101 _____ () C:\WINDOWS\system32\netcfg-86968.txt
2015-02-13 14:23 - 2015-02-13 14:23 - 00000197 _____ () C:\WINDOWS\system32\netcfg-71484.txt
2015-02-13 14:23 - 2015-02-13 14:23 - 00000185 _____ () C:\WINDOWS\system32\netcfg-70593.txt
2015-02-13 14:23 - 2015-02-13 14:23 - 00000164 _____ () C:\WINDOWS\system32\netcfg-64312.txt
2015-02-13 14:23 - 2015-02-13 14:23 - 00000162 _____ () C:\WINDOWS\system32\netcfg-87781.txt
2015-02-13 14:23 - 2015-02-13 14:23 - 00000161 _____ () C:\WINDOWS\system32\netcfg-70328.txt
2015-02-13 14:23 - 2015-02-13 14:23 - 00000160 _____ () C:\WINDOWS\system32\netcfg-69781.txt
2015-02-13 14:23 - 2015-02-13 14:23 - 00000160 _____ () C:\WINDOWS\system32\netcfg-69515.txt
2015-02-13 14:23 - 2015-02-13 14:23 - 00000160 _____ () C:\WINDOWS\system32\netcfg-64609.txt
2015-02-13 14:23 - 2015-02-13 14:23 - 00000159 _____ () C:\WINDOWS\system32\netcfg-69281.txt
2015-02-13 14:23 - 2015-02-13 14:23 - 00000157 _____ () C:\WINDOWS\system32\netcfg-70031.txt
2015-02-13 14:23 - 2015-02-13 14:23 - 00000157 _____ () C:\WINDOWS\system32\netcfg-63906.txt
2015-02-13 14:23 - 2015-02-13 14:23 - 00000150 _____ () C:\WINDOWS\system32\netcfg-68796.txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-04 18:53 - 2013-08-22 15:46 - 00341617 _____ () C:\WINDOWS\setupact.log
2015-03-04 18:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-04 13:09 - 2014-11-21 04:35 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-04 13:09 - 2014-11-21 03:45 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-03-04 13:09 - 2014-11-21 03:45 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-03-04 12:40 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-04 10:48 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-03 23:16 - 2014-11-20 19:24 - 00019768 _____ () C:\WINDOWS\PFRO.log
2015-02-25 14:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-25 12:29 - 2013-08-22 15:44 - 00482240 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-25 12:24 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-25 12:24 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-25 12:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-02-25 12:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-02-25 12:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-02-25 12:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-02-25 12:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-25 12:21 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-21 16:31 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-19 21:58 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-02-19 15:17 - 2013-08-22 15:46 - 00000395 _____ () C:\WINDOWS\setuperr.log
2015-02-19 15:06 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2015-02-19 15:06 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-02-19 15:06 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2015-02-19 15:04 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-02-19 15:04 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-02-19 14:54 - 2013-08-22 16:37 - 00005217 _____ () C:\WINDOWS\DtcInstall.log
2015-02-19 14:54 - 2013-08-22 14:25 - 00008192 ___SH () C:\WINDOWS\system32\config\ELAM
2015-02-19 14:54 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2015-02-19 14:53 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-02-19 14:53 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-02-19 14:53 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-02-19 14:53 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-02-19 14:53 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-02-19 14:53 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-02-19 14:53 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2015-02-19 14:53 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-02-19 14:53 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-02-19 14:53 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-02-19 14:53 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-02-19 14:52 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-02-19 14:52 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-02-19 14:52 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-02-19 14:52 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2015-02-19 14:52 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2015-02-19 14:51 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-02-19 14:47 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-02-19 14:36 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-02-19 14:34 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-02-19 14:33 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-02-14 13:28 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-02-13 15:27 - 2012-06-19 07:40 - 00342528 _____ (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\IntcDAud.sys
2015-02-13 15:27 - 2012-06-19 07:40 - 00016896 _____ (Intel(R) Corporation) C:\WINDOWS\system32\IntcDAuC.dll
2015-02-03 20:31 - 2014-11-21 12:01 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:31 - 2014-11-21 12:01 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Georg\AppData\Local\Temp\130698825274624910.exe
C:\Users\Georg\AppData\Local\Temp\13069882532096580713.exe
C:\Users\Georg\AppData\Local\Temp\avgnt.exe
C:\Users\Georg\AppData\Local\Temp\gkey.exe
C:\Users\Georg\AppData\Local\Temp\pkeyui.exe
C:\Users\Georg\AppData\Local\Temp\Quarantine.exe
C:\Users\Georg\AppData\Local\Temp\sqlite3.dll
C:\Users\Georg\AppData\Local\Temp\wabk.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-01 19:58

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber · 05.03.2015, 07:09

Bestehen noch Probleme?

yxc32 · 05.03.2015, 10:42

Nein, alles scheint wieder in Ordnung zu sein. Vielen Dank!

schrauber · 05.03.2015, 17:03

Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren

Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
Klicke auf OK.
Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:

Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:

NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie

.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

yxc32 · 05.03.2015, 17:50

Nein, es scheint alles wieder in Ordnung zu sein. Vielen Dank für deine Hilfe

schrauber · 06.03.2015, 10:17

Gern Geschehen

04.03.2015, 17:42	#8
schrauber /// the machine /// TB-Ausbilder	MyStart Search & firefox Wie es da steht, in der Reihenfolge: JRT, EEK, dann frisches FRST log. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

05.03.2015, 07:09	#10
schrauber /// the machine /// TB-Ausbilder	MyStart Search & firefox Bestehen noch Probleme? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

06.03.2015, 10:17	#14
schrauber /// the machine /// TB-Ausbilder	MyStart Search & firefox Gern Geschehen __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

MyStart Search & firefox

Plagegeister aller Art und deren Bekämpfung: MyStart Search & firefox