Plagegeister aller Art und deren Bekämpfung: Screen white after startup. Mouse pointer present

07.03.2015, 23:47   #1
Frusa567

Hello.
Acer laptop, Win 7 64-bit.
For a few hours now I have had the problem that my laptop shows a white screen after startup. The mouse pointer is present. At the top in the middle there is a live image from my webcam.
Task Manager only works to a limited extent; I can only end the video source. Safe mode does not work. Via the advanced startup options I went to Repair and then to System Restore. The restore point was from about 3 days ago. It ran, but there was no improvement. The problem persists. Help, all our important data is on this laptop.

Thanks in advance for your help.

08.03.2015, 07:07   #2
schrauber
/// the machine
/// TB instructor

hi,

Scan with Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8)
Notes for Windows 8 users: Guide 1 (FRST variant) and Guide 2 (second part)
  • Please download the appropriate version of the tool (both if in doubt) and save it to a USB stick: FRST Download FRST 32-Bit | FRST 64-Bit
  • Connect the USB stick to the infected system and boot the system into the System Repair option.
  • Now scan following the illustrated guide, or use the following short guide:
Via the boot manager:
  • Restart the computer.
  • While it is booting, press the F8 key repeatedly.
  • Now select Repair Your Computer.
  • Select your operating system and user account and click "Next" each time.
With a Windows CD/DVD (also possible on Windows 8):
  • Insert the Windows CD into your drive.
  • Restart the computer and boot from the CD.
  • Select the language settings and click "Next".
  • Click Repair your computer!
  • Select your operating system and user account and click "Next" each time.
In the repair options, select: Command Prompt
  • Now type notepad and press Enter.
  • In the text document that opens: File > Save As... and select Computer.
    The drive letter of your USB stick is shown here; make a note of it.
  • Close Notepad again.
  • Now enter the following command.
    e:\frst.exe or e:\frst64.exe
    Note: e stands for the drive letter of your USB stick that you noted. Adjust if necessary.
  • Accept the disclaimer with Yes and click Scan.
The tool creates a FRST.txt on your USB stick. Please post its contents here, in code tags if possible (guide).

__________________
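
Once the requested FRST.txt exists, its Registry section is where logon autostart entries show up. The following is an added example, not part of the thread and not FRST's own code: a small triage script that parses Registry-section lines and reports per-user Winlogon Shell/Userinit values, targets in user-writable paths, empty publisher fields and FRST's own ATTENTION marker. The sample lines are constructed, and the function names and the heuristics are assumptions made for illustration.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

# Constructed sample lines in the format of the "Registry" section of FRST.txt.
SAMPLE_LOG = r"""
HKLM\...\Run: [VendorAudio] => C:\Program Files\Vendor\Audio\tray64.exe [13265480 2013-01-10] (Vendor Semiconductor)
HKLM-x32\...\Run: [] => [X]
HKLM\...\Run: [Helper] => C:\Windows\system32\rundll32.exe C:\Windows\System32\helper.dll,Fetch
HKU\Alice\...\Run: [Sync] => C:\Program Files (x86)\Vendor\Sync\sync.exe [1564016 2013-07-26] (Vendor)
HKU\Alice\...\Winlogon: [Userinit] C:\Users\Alice\AppData\Roaming\sample.exe [604894 2015-03-08] ()
HKU\Alice\...\Winlogon: [Shell] C:\Users\Alice\AppData\Roaming\sample.exe [604894 2015-03-08] () <==== ATTENTION
"""


class Entry(NamedTuple):
    hive: str                 # e.g. HKLM, HKLM-x32, HKU\<user>
    key: str                  # Run, Winlogon, ...
    name: str                 # value name inside the square brackets
    target: str               # command line or file path
    publisher: Optional[str]  # None if the line has no "(...)" field, "" if empty
    flagged: bool             # True if FRST appended "<==== ATTENTION"


# hive\...\key: [name] (=> )target( [size date] (publisher))( <==== ATTENTION)
ENTRY_RE = re.compile(
    r"^(?P<hive>HK[A-Z]+(?:-x32)?(?:\\[^\\]+)?)\\\.\.\.\\(?P<key>[^:]+): "
    r"\[(?P<name>[^\]]*)\] (?:=> )?"
    r"(?P<target>.*?)"
    r"(?: \[(?P<size>\d+) (?P<date>\d{4}-\d{2}-\d{2})\] \((?P<publisher>[^)]*)\))?"
    r"(?P<flag> <==== ATTENTION)?\s*$"
)

# Assumption: directories a standard user can write to without elevation.
USER_WRITABLE_RE = re.compile(r"\\(?:AppData|Temp|Users\\Public)\\", re.IGNORECASE)


def parse_registry_section(text: str) -> List[Entry]:
    """Return one Entry per line that matches the Registry-section format."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append(Entry(m["hive"], m["key"], m["name"], m["target"],
                                 m["publisher"], m["flag"] is not None))
    return entries


def triage(entry: Entry) -> List[str]:
    """Return the reasons why an entry deserves a closer look (empty if none)."""
    reasons = []
    # A per-user Shell value replaces explorer.exe as the desktop shell for that
    # account, so any value here is worth checking.
    if (entry.key == "Winlogon" and entry.hive.startswith("HKU")
            and entry.name in ("Shell", "Userinit")):
        reasons.append("per-user Winlogon %s value" % entry.name)
    if USER_WRITABLE_RE.search(entry.target):
        reasons.append("target in user-writable path")
    if entry.publisher == "":
        reasons.append("empty publisher field")
    if entry.flagged:
        reasons.append("flagged by FRST")
    return reasons


def findings(text: str) -> List[Tuple[Entry, List[str]]]:
    """Entries with at least one reason, most reasons first."""
    hits = [(e, triage(e)) for e in parse_registry_section(text)]
    hits = [(e, r) for e, r in hits if r]
    return sorted(hits, key=lambda item: -len(item[1]))


if __name__ == "__main__":
    for entry, reasons in findings(SAMPLE_LOG):
        print("%s\\...\\%s [%s] -> %s" % (entry.hive, entry.key, entry.name, entry.target))
        for reason in reasons:
            print("    - " + reason)
```

A hit is a lead to verify on the machine (file hash, signature, creation time), not a verdict.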

08.03.2015, 09:21   #3
Frusa567

Good morning. I just tried switching the laptop on, on the off chance. This time it booted.
What do I have to do now?
The scan as you described?

Now the error came.

Attached is the FRST scan.


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-03-2015 01
Ran by SYSTEM on MININT-34LR689 on 08-03-2015 10:18:39
Running from H:\
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13265480 2013-01-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1273416 2013-01-15] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3011824 2013-01-11] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1689576 2015-02-27] (Bitdefender)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-01-20] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-26] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKU\Unser\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-26] (Samsung)
HKU\Unser\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3111744 2012-04-26] (DT Soft Ltd)
HKU\Unser\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-26] (Samsung)
HKU\Unser\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-02-27] (Bitdefender)
HKU\Unser\...\Winlogon: [Userinit] C:\Users\Unser\AppData\Roaming\loadit.exe [604894 2015-03-08] ()
HKU\Unser\...\Winlogon: [Shell] C:\Users\Unser\AppData\Roaming\loadit.exe [604894 2015-03-08] () <==== ATTENTION 
Startup: C:\Users\Unser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoStarter.lnk
ShortcutTarget: AutoStarter.lnk ->  (No File)
Startup: C:\Users\Unser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ja.lnk
ShortcutTarget: ja.lnk ->  (No File)

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-06] (Electronic Arts)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2015-02-20] ()
S2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
S2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1547936 2015-02-27] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [57344 2011-08-10] (Atheros)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-12-31] ()
S0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1306464 2015-02-27] (BitDefender)
S3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [262544 2015-02-27] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [677104 2015-02-27] (BitDefender)
S1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2015-02-27] (BitDefender LLC)
S1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2015-02-27] (BitDefender SRL)
S0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [155912 2014-10-22] (BitDefender LLC)
S0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-02-04] (Intel Corporation)
S3 L1C; C:\Windows\System32\DRIVERS\L1C60x64.sys [119376 2013-03-04] (Qualcomm Atheros Co., Ltd.)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-12-31] ()
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [32496 2013-01-11] (Synaptics Incorporated)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2013-09-25] (Duplex Secure Ltd.)
S0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
S3 PCDSRVC{6DD8E36B-F4C10000-06020200}_0; \??\c:\users\unser\appdata\local\temp\zo._2iwyh0oi\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{EDD8E36B-0ADF384A-06020200}_0; \??\c:\users\unser\appdata\local\temp\8ljuqcdrudat\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{EDD8E36B-417232CF-06020200}_0; \??\c:\users\unser\appdata\local\temp\abgnubmop9bj\pcdrdiag\bin\pcdsrvc_x64.pkms [X]

========================== Drivers MD5 =======================


==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-08 10:18 - 2015-03-08 10:18 - 00000000 ____D () C:\FRST
2015-03-08 09:05 - 2015-03-08 09:05 - 00604894 _____ () C:\Users\Unser\AppData\Roaming\loadit.exe
2015-03-08 09:03 - 2015-03-08 09:04 - 00000000 ____D () C:\AdwCleaner
2015-03-08 09:03 - 2015-03-08 09:03 - 02126848 _____ () C:\Users\Unser\Downloads\AdwCleaner_4.111.exe
2015-03-08 08:32 - 2015-03-08 08:50 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2015-03-08 08:32 - 2015-03-08 08:32 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Unser\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-08 08:32 - 2015-03-08 08:32 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-08 08:32 - 2015-03-08 08:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-08 08:32 - 2015-03-08 08:32 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-03-08 08:32 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
2015-03-08 08:32 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mwac.sys
2015-03-08 08:32 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2015-03-08 08:28 - 2015-03-08 08:28 - 00000000 ____D () C:\Program Files (x86)\dumps
2015-03-04 15:31 - 2015-03-07 23:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-02 14:58 - 2015-03-04 18:30 - 00000036 _____ () C:\Users\Unser\AppData\Roaming\url.txt
2015-02-28 21:27 - 2015-02-06 14:01 - 70185311 _____ () C:\Users\Unser\AppData\Roaming\autostarter.exe
2015-02-28 17:34 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-28 17:34 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\System32\locale.nls
2015-02-27 12:29 - 2015-02-27 12:29 - 01306464 _____ (BitDefender) C:\Windows\System32\Drivers\avc3.sys
2015-02-27 12:29 - 2015-02-27 12:29 - 00262544 _____ (BitDefender) C:\Windows\System32\Drivers\avchv.sys
2015-02-27 12:29 - 2015-02-27 12:29 - 00084848 _____ (BitDefender SRL) C:\Windows\System32\bdsandboxuiskin.dll
2015-02-27 12:29 - 2015-02-27 12:29 - 00074000 _____ (BitDefender SRL) C:\Windows\System32\bdsandboxuiskin32.dll
2015-02-20 23:17 - 2015-02-20 23:19 - 00189480 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2015-02-20 23:17 - 2015-02-20 23:17 - 00000000 ____D () C:\Users\Unser\AppData\Local\PunkBuster
2015-02-20 23:15 - 2015-02-20 23:15 - 00000000 ____D () C:\Users\Unser\Documents\America's Army 3
2015-02-20 23:13 - 2015-02-20 23:19 - 00189480 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-02-20 23:13 - 2015-02-20 23:13 - 00075064 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-02-20 23:13 - 2015-02-20 23:00 - 03360624 _____ () C:\Windows\SysWOW64\pbsvc.exe
2015-02-20 22:17 - 2015-02-20 22:17 - 00000000 ____D () C:\Users\Unser\AppData\Local\Steam
2015-02-20 22:15 - 2015-03-08 08:28 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-20 22:15 - 2015-02-20 22:15 - 01142128 _____ () C:\Users\Unser\Downloads\SteamSetup.exe
2015-02-18 13:07 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\System32\perftrack.dll
2015-02-18 13:07 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\System32\wdi.dll
2015-02-18 13:07 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\System32\powertracker.dll
2015-02-18 13:07 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-17 15:02 - 2015-03-07 23:42 - 00000000 ____D () C:\Program Files\iTunes
2015-02-17 15:02 - 2015-03-07 23:42 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-17 15:02 - 2015-02-17 15:02 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-02-17 15:02 - 2015-02-17 15:02 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-17 15:02 - 2015-02-17 15:02 - 00000000 ____D () C:\Program Files\iPod
2015-02-13 14:53 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2015-02-13 14:53 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2015-02-13 14:53 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-13 14:53 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 14:28 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll
2015-02-11 14:28 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\System32\invagent.dll
2015-02-11 14:28 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll
2015-02-11 14:28 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\System32\devinv.dll
2015-02-11 14:28 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2015-02-11 14:28 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\System32\aepic.dll
2015-02-11 14:28 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2015-02-11 14:28 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\System32\aitstatic.exe
2015-02-11 14:28 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2015-02-11 14:28 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 14:28 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2015-02-11 14:28 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2015-02-11 14:28 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2015-02-11 14:28 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2015-02-11 14:28 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2015-02-11 14:28 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2015-02-11 14:28 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2015-02-11 14:28 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2015-02-11 14:28 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2015-02-11 14:28 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2015-02-11 14:28 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2015-02-11 14:28 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2015-02-11 14:28 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2015-02-11 14:28 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 14:28 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2015-02-11 14:28 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 14:28 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2015-02-11 14:28 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-02-11 14:28 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 14:28 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2015-02-11 14:28 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2015-02-11 14:28 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 14:28 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 14:28 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 14:28 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2015-02-11 14:28 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 14:28 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 14:28 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 14:28 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 14:28 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 14:28 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2015-02-11 14:28 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2015-02-11 14:28 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2015-02-11 14:28 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2015-02-11 14:28 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 14:28 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2015-02-11 14:28 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 14:28 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 14:28 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 14:28 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 14:28 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2015-02-11 14:28 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 14:28 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 14:28 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 14:28 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 14:28 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2015-02-11 14:28 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2015-02-11 14:28 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 14:28 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 14:28 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 14:28 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2015-02-11 14:28 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2015-02-11 14:28 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2015-02-11 14:28 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2015-02-11 14:28 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll
2015-02-11 14:28 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2015-02-11 14:28 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll
2015-02-11 14:28 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 14:28 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 14:28 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 14:28 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 14:28 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 14:28 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 14:28 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 14:27 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2015-02-11 14:27 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2015-02-11 14:27 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2015-02-11 14:27 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2015-02-11 14:27 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2015-02-11 14:27 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2015-02-11 14:27 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2015-02-11 14:27 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\System32\auditpol.exe
2015-02-11 14:27 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\System32\msaudite.dll
2015-02-11 14:27 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\msobjs.dll
2015-02-11 14:27 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\System32\adtschema.dll
2015-02-11 14:27 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 14:27 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 14:27 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 14:27 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 14:27 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 14:27 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 14:27 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2015-02-11 14:27 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2015-02-11 14:27 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\System32\srcore.dll
2015-02-11 14:27 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\System32\srclient.dll
2015-02-11 14:27 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\rstrui.exe
2015-02-11 14:27 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 14:27 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 14:27 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 14:27 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2015-02-11 14:27 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 14:27 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2015-02-11 14:27 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2015-02-11 14:27 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 14:27 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\System32\scesrv.dll
2015-02-11 14:27 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 14:27 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2015-02-11 14:27 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 14:27 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2015-02-11 14:27 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 14:27 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-11 14:27 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2015-02-11 14:27 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2015-02-11 14:27 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-11 14:27 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-06 13:42 - 2015-02-06 13:42 - 00262871 _____ () C:\Users\Unser\Documents\Mappe1.xlsx
2015-02-06 13:29 - 2015-02-06 13:29 - 00076944 _____ (BitDefender) C:\Windows\System32\Drivers\bdvedisk.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-08 10:14 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-08 10:14 - 2009-07-14 05:51 - 00147095 _____ () C:\Windows\setupact.log
2015-03-08 09:08 - 2013-04-06 11:46 - 01186383 _____ () C:\Windows\WindowsUpdate.log
2015-03-08 09:08 - 2009-07-14 05:45 - 00023152 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-08 09:08 - 2009-07-14 05:45 - 00023152 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-08 09:06 - 2013-04-06 12:16 - 00161624 _____ () C:\Windows\PFRO.log
2015-03-08 08:54 - 2009-07-14 18:58 - 00699682 _____ () C:\Windows\System32\perfh007.dat
2015-03-08 08:54 - 2009-07-14 18:58 - 00149790 _____ () C:\Windows\System32\perfc007.dat
2015-03-08 08:54 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\System32\PerfStringBackup.INI
2015-03-08 08:34 - 2013-04-09 15:36 - 00000000 ____D () C:\Users\Unser\AppData\Local\Adobe
2015-03-07 23:43 - 2013-04-06 11:47 - 00000000 ____D () C:\users\Unser
2015-03-07 23:42 - 2015-01-23 11:15 - 00000000 ____D () C:\Program Files (x86)\Free M4a to MP3 Converter
2015-03-07 23:42 - 2014-10-10 15:43 - 00000000 ____D () C:\Program Files (x86)\posterXXL Designer
2015-03-07 23:42 - 2014-09-23 07:48 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-03-07 23:42 - 2014-09-19 22:11 - 00000000 ____D () C:\Program Files\Bonjour
2015-03-07 23:42 - 2014-09-19 22:11 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-03-07 23:42 - 2014-06-29 17:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-03-07 23:42 - 2014-06-20 18:14 - 00000000 ____D () C:\Program Files (x86)\ratDVD
2015-03-07 23:42 - 2014-04-17 10:05 - 00000000 ____D () C:\Program Files (x86)\Avidemux 2.6
2015-03-07 23:42 - 2013-09-25 16:59 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Pro
2015-03-07 23:42 - 2013-08-19 10:13 - 00000000 ____D () C:\Program Files (x86)\EMDB
2015-03-07 23:42 - 2013-08-07 14:28 - 00000000 ____D () C:\Program Files (x86)\Handbrake
2015-03-07 23:42 - 2013-06-03 16:42 - 00000000 ____D () C:\Program Files (x86)\Calibre2
2015-03-07 23:42 - 2013-04-30 19:04 - 00000000 ____D () C:\Windows\System32\SPReview
2015-03-07 23:42 - 2013-04-28 08:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2015-03-07 23:42 - 2013-04-24 16:50 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2015-03-07 23:42 - 2013-04-24 16:50 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-03-07 23:42 - 2013-04-06 16:10 - 00000000 ____D () C:\Program Files\WinRAR
2015-03-07 23:42 - 2013-04-06 12:53 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2015-03-07 23:42 - 2013-04-06 12:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-07 23:42 - 2013-04-06 11:52 - 00000000 ____D () C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect
2015-03-07 23:42 - 2009-07-14 19:18 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-03-07 23:42 - 2009-07-14 19:18 - 00000000 ____D () C:\Program Files\Windows Journal
2015-03-07 23:42 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2015-03-07 23:42 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-03-07 23:42 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-07 23:42 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\DVD Maker
2015-03-07 23:42 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-07 23:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2015-03-07 23:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\System32\Setup
2015-03-07 23:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\System32\com
2015-03-07 23:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\System32\AdvancedInstallers
2015-03-07 23:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\servicing
2015-03-07 23:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-03-04 15:29 - 2013-04-06 11:57 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-01 16:27 - 2013-04-06 12:53 - 00000000 ____D () C:\Users\Unser\AppData\Roaming\UseNeXT
2015-03-01 16:24 - 2014-02-28 14:46 - 00000000 ____D () C:\Users\Unser\Documents\UseNeXT
2015-03-01 14:26 - 2014-03-15 20:53 - 00000000 ____D () C:\Users\Unser\Desktop\Lenz
2015-02-28 17:34 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\System32\FxsTmp
2015-02-27 12:29 - 2015-02-05 14:28 - 00677104 _____ (BitDefender) C:\Windows\System32\Drivers\avckf.sys
2015-02-27 12:29 - 2015-02-05 14:28 - 00082824 _____ (BitDefender SRL) C:\Windows\System32\Drivers\bdsandbox.sys
2015-02-27 12:29 - 2014-01-21 14:29 - 00033360 _____ (BitDefender SRL) C:\Windows\System32\bdsandboxuh.dll
2015-02-20 23:13 - 2013-04-06 16:06 - 00356894 _____ () C:\Windows\DirectX.log
2015-02-20 11:31 - 2013-04-07 10:19 - 00000000 ____D () C:\Users\Unser\AppData\Local\Microsoft Games
2015-02-20 10:21 - 2013-04-24 16:51 - 00000000 ____D () C:\Users\Unser\AppData\Roaming\Apple Computer
2015-02-19 12:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-18 16:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-17 15:02 - 2013-04-24 16:50 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-17 14:29 - 2013-08-19 21:35 - 00000000 ____D () C:\Users\Unser\Desktop\Spiele & Programme
2015-02-12 20:48 - 2009-07-14 05:45 - 05110224 _____ () C:\Windows\System32\FNTCACHE.DAT
2015-02-12 15:10 - 2014-12-11 13:41 - 00000000 ____D () C:\Windows\System32\appraiser
2015-02-12 15:10 - 2014-05-08 05:11 - 00000000 ___SD () C:\Windows\System32\CompatTel
2015-02-12 15:08 - 2013-04-28 08:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-12 15:07 - 2013-08-17 18:33 - 00000000 ____D () C:\Windows\System32\MRT
2015-02-12 15:03 - 2013-04-06 14:17 - 116773704 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2015-02-09 14:29 - 2013-04-06 11:57 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-09 14:29 - 2013-04-06 11:57 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-09 14:29 - 2013-04-06 11:57 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

Some content of TEMP:
====================
C:\Users\Unser\AppData\Local\Temp\80323uninstall.exe
C:\Users\Unser\AppData\Local\Temp\CH.dll
C:\Users\Unser\AppData\Local\Temp\cvtres.exe
C:\Users\Unser\AppData\Local\Temp\FoxyDeal_Setup.exe
C:\Users\Unser\AppData\Local\Temp\ins.exe
C:\Users\Unser\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\Unser\AppData\Local\Temp\k3ydxivu.dll
C:\Users\Unser\AppData\Local\Temp\Mobogenie_Setup_2.1.23_515.exe
C:\Users\Unser\AppData\Local\Temp\optprosetup.exe
C:\Users\Unser\AppData\Local\Temp\ose00000.exe
C:\Users\Unser\AppData\Local\Temp\Quarantine.exe
C:\Users\Unser\AppData\Local\Temp\ratDVDSetup-0.78.1444.exe
C:\Users\Unser\AppData\Local\Temp\s52eslv0.dll
C:\Users\Unser\AppData\Local\Temp\sqlite3.dll
C:\Users\Unser\AppData\Local\Temp\Uninstall.exe
C:\Users\Unser\AppData\Local\Temp\_is1343.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points  =========================


==================== BCD ================================

Windows-Start-Manager
---------------------
Bezeichner              {bootmgr}
device                  partition=Y:
description             Windows Boot Manager
locale                  de-DE
inherit                 {globalsettings}
default                 {default}
resumeobject            {0755323c-5709-11e0-b827-e902043840bf}
displayorder            {default}
toolsdisplayorder       {bdbdbd00-6057-11e0-a7f3-ce9adfd72001}
                        {memdiag}
timeout                 30

Windows-Startladeprogramm
-------------------------
Bezeichner              {07553236-5709-11e0-b827-e902043840bf}
device                  ramdisk=[C:]\Recovery\07553236-5709-11e0-b827-e902043840bf\Winre.wim,{07553237-5709-11e0-b827-e902043840bf}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\07553236-5709-11e0-b827-e902043840bf\Winre.wim,{07553237-5709-11e0-b827-e902043840bf}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Windows-Startladeprogramm
-------------------------
Bezeichner              {0755323a-5709-11e0-b827-e902043840bf}
device                  ramdisk=[F:]\Recovery\0755323a-5709-11e0-b827-e902043840bf\Winre.wim,{0755323b-5709-11e0-b827-e902043840bf}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
locale                  de-DE
inherit                 {bootloadersettings}
custom:15000065         3
custom:15000066         3
osdevice                ramdisk=[F:]\Recovery\0755323a-5709-11e0-b827-e902043840bf\Winre.wim,{0755323b-5709-11e0-b827-e902043840bf}
systemroot              \windows
nx                      OptIn
custom:250000c2         1
winpe                   Yes

Windows-Startladeprogramm
-------------------------
Bezeichner              {default}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  de-DE
inherit                 {bootloadersettings}
recoverysequence        {current}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {0755323c-5709-11e0-b827-e902043840bf}
nx                      OptIn

Windows-Startladeprogramm
-------------------------
Bezeichner              {current}
device                  ramdisk=[C:]\Recovery\0755323e-5709-11e0-b827-e902043840bf\Winre.wim,{0755323f-5709-11e0-b827-e902043840bf}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\0755323e-5709-11e0-b827-e902043840bf\Winre.wim,{0755323f-5709-11e0-b827-e902043840bf}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {0755323c-5709-11e0-b827-e902043840bf}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  de-DE
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows-Speichertestprogramm
----------------------------
Bezeichner              {memdiag}
device                  partition=Y:
path                    \boot\memtest.exe
description             Windows-Speicherdiagnose
locale                  de-DE
inherit                 {globalsettings}
badmemoryaccess         Yes

Echtmodus-Startabschnitt
------------------------
Bezeichner              {bdbdbd00-6057-11e0-a7f3-ce9adfd72001}
device                  partition=C:
path                    \bdr-ld01.mbr
description             Bitdefender Rescue Mode - Windows 7 Home Premium SP 1 (x64)

EMS-Einstellungen
-----------------
Bezeichner              {emssettings}
bootems                 Yes

Debuggereinstellungen
---------------------
Bezeichner              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM-Defekte
-----------
Bezeichner              {badmemory}

Globale Einstellungen
---------------------
Bezeichner              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Startladeprogramm-Einstellungen
-------------------------------
Bezeichner              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisoreinstellungen
-------------------
Bezeichner              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner              {resumeloadersettings}
inherit                 {globalsettings}

Geräteoptionen
--------------
Bezeichner              {07553237-5709-11e0-b827-e902043840bf}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\07553236-5709-11e0-b827-e902043840bf\boot.sdi

Geräteoptionen
--------------
Bezeichner              {0755323b-5709-11e0-b827-e902043840bf}
description             Windows Recovery
ramdisksdidevice        partition=F:
ramdisksdipath          \Recovery\0755323a-5709-11e0-b827-e902043840bf\boot.sdi

Geräteoptionen
--------------
Bezeichner              {0755323f-5709-11e0-b827-e902043840bf}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\0755323e-5709-11e0-b827-e902043840bf\boot.sdi


==================== Memory info =========================== 

Percentage of memory in use: 10%
Total physical RAM: 8173.86 MB
Available physical RAM: 7334.68 MB
Total Pagefile: 8172.01 MB
Available Pagefile: 7332.01 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:96.69 GB) (Free:15.16 GB) NTFS
Drive d: (DATA) (Fixed) (Total:698.63 GB) (Free:276.67 GB) NTFS
Drive f: (PQSERVICE) (Fixed) (Total:15 GB) (Free:1.67 GB) NTFS
Drive h: (KNORR) (Removable) (Total:3.72 GB) (Free:3.71 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 850E92AE)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=96.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 850E9298)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 3.7 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=3.7 GB) - (Type=0B)


LastRegBack: 2015-03-05 14:31

==================== End Of Log ============================
         

08.03.2015, 14:58   #4
schrauber
/// the machine
/// TB trainer



Then please run the FRST scan from the desktop and post both log files.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

08.03.2015, 15:16   #5
Frusa567



Hello,

I had edited my 2nd post and already uploaded the scan, since the error came back.
Unfortunately I can no longer get to the desktop.


08.03.2015, 18:16   #6
schrauber
/// the machine
/// TB trainer



Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document:

Code:
HKU\Unser\...\Winlogon: [Userinit] C:\Users\Unser\AppData\Roaming\loadit.exe [604894 2015-03-08] ()
HKU\Unser\...\Winlogon: [Shell] C:\Users\Unser\AppData\Roaming\loadit.exe [604894 2015-03-08] () <==== ATTENTION 
Startup: C:\Users\Unser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoStarter.lnk
ShortcutTarget: AutoStarter.lnk ->  (No File)
Startup: C:\Users\Unser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ja.lnk
ShortcutTarget: ja.lnk ->  (No File)
S3 PCDSRVC{6DD8E36B-F4C10000-06020200}_0; \??\c:\users\unser\appdata\local\temp\zo._2iwyh0oi\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{EDD8E36B-0ADF384A-06020200}_0; \??\c:\users\unser\appdata\local\temp\8ljuqcdrudat\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{EDD8E36B-417232CF-06020200}_0; \??\c:\users\unser\appdata\local\temp\abgnubmop9bj\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
2015-03-08 09:05 - 2015-03-08 09:05 - 00604894 _____ () C:\Users\Unser\AppData\Roaming\loadit.exe
2015-03-02 14:58 - 2015-03-04 18:30 - 00000036 _____ () C:\Users\Unser\AppData\Roaming\url.txt
2015-02-28 21:27 - 2015-02-06 14:01 - 70185311 _____ () C:\Users\Unser\AppData\Roaming\autostarter.exe
Emptytemp:
         
Please save this as Fixlist.txt on your USB stick.
  • Boot your computer into the repair options again.
  • Now start FRST.exe again and click the Fix (Entfernen) button.

The tool creates a Fixlog.txt on your USB stick. Please post its contents here.



Start the computer normally; it should work again. From now on, do everything in normal mode:


Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked, and click Scan (Untersuchen).
  • The log files are now created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box).


Alt 08.03.2015, 18:29   #7
Frusa567
 

Number one, from the fixlog

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-03-2015 01
Ran by SYSTEM at 2015-03-08 19:23:16 Run:1
Running from I:\
Boot Mode: Recovery
==============================================

Content of fixlist:
*****************
HKU\Unser\...\Winlogon: [Userinit] C:\Users\Unser\AppData\Roaming\loadit.exe [604894 2015-03-08] ()
HKU\Unser\...\Winlogon: [Shell] C:\Users\Unser\AppData\Roaming\loadit.exe [604894 2015-03-08] () <==== ATTENTION 
Startup: C:\Users\Unser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoStarter.lnk
ShortcutTarget: AutoStarter.lnk ->  (No File)
Startup: C:\Users\Unser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ja.lnk
ShortcutTarget: ja.lnk ->  (No File)
S3 PCDSRVC{6DD8E36B-F4C10000-06020200}_0; \??\c:\users\unser\appdata\local\temp\zo._2iwyh0oi\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{EDD8E36B-0ADF384A-06020200}_0; \??\c:\users\unser\appdata\local\temp\8ljuqcdrudat\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{EDD8E36B-417232CF-06020200}_0; \??\c:\users\unser\appdata\local\temp\abgnubmop9bj\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
2015-03-08 09:05 - 2015-03-08 09:05 - 00604894 _____ () C:\Users\Unser\AppData\Roaming\loadit.exe
2015-03-02 14:58 - 2015-03-04 18:30 - 00000036 _____ () C:\Users\Unser\AppData\Roaming\url.txt
2015-02-28 21:27 - 2015-02-06 14:01 - 70185311 _____ () C:\Users\Unser\AppData\Roaming\autostarter.exe
Emptytemp:
         
*****************

HKU\Unser\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Userinit => value deleted successfully.
HKU\Unser\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
C:\Users\Unser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoStarter.lnk => Moved successfully.
ShortcutTarget: AutoStarter.lnk ->  (No File) not found.
C:\Users\Unser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ja.lnk => Moved successfully.
ShortcutTarget: ja.lnk ->  (No File) not found.
PCDSRVC{6DD8E36B-F4C10000-06020200}_0 => Service deleted successfully.
PCDSRVC{EDD8E36B-0ADF384A-06020200}_0 => Service deleted successfully.
PCDSRVC{EDD8E36B-417232CF-06020200}_0 => Service deleted successfully.
C:\Users\Unser\AppData\Roaming\loadit.exe => Moved successfully.
C:\Users\Unser\AppData\Roaming\url.txt => Moved successfully.
C:\Users\Unser\AppData\Roaming\autostarter.exe => Moved successfully.
Emptytemp: => Error: This directive works only outside recovery mode.

==== End of Fixlog 19:23:17 ====
         
The new scan


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-03-2015 03
Ran by Unser (administrator) on UNSER-PC on 08-03-2015 19:26:01
Running from C:\Users\Unser\Desktop
Loaded Profiles: Unser (Available profiles: Unser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
() C:\Windows\SysWOW64\PnkBstrA.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13265480 2013-01-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1273416 2013-01-15] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3011824 2013-01-11] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1689576 2015-02-27] (Bitdefender)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-01-20] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-26] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKU\S-1-5-21-671443653-1792276608-2591688684-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-26] (Samsung)
HKU\S-1-5-21-671443653-1792276608-2591688684-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3111744 2012-04-26] (DT Soft Ltd)
HKU\S-1-5-21-671443653-1792276608-2591688684-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-26] (Samsung)
HKU\S-1-5-21-671443653-1792276608-2591688684-1000\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-02-27] (Bitdefender)
HKU\S-1-5-21-671443653-1792276608-2591688684-1000\...\MountPoints2: {1af1edf4-c160-11e2-aa48-1c7508d7c5f8} - H:\LaunchU3.exe -a
HKU\S-1-5-21-671443653-1792276608-2591688684-1000\...\MountPoints2: {8edb42c0-25fb-11e3-aa5b-806e6f6e6963} - F:\setup.exe
HKU\S-1-5-21-671443653-1792276608-2591688684-1000\...\MountPoints2: {d5665aed-592a-11e3-91db-1c7508d7c5f8} - G:\LaunchU3.exe -a
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-04-30] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-671443653-1792276608-2591688684-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-671443653-1792276608-2591688684-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-02-27] (Bitdefender)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-07-22] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-22] (Oracle Corporation)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-02-27] (Bitdefender)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-08-07] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-08-07] (Oracle Corporation)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-02-27] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-02-27] (Bitdefender)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Unser\AppData\Roaming\Mozilla\Firefox\Profiles\ysgxqzps.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-09] ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-07-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-07-22] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-08-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-08-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-05-10] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF Plugin HKU\S-1-5-21-671443653-1792276608-2591688684-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Unser\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-30] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Unser\AppData\Roaming\Mozilla\Firefox\Profiles\ysgxqzps.default\user.js [2013-12-03]
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Unser\AppData\Roaming\Mozilla\Firefox\Profiles\ysgxqzps.default\Extensions\2020Player_IKEA@2020Technologies.com [2013-10-19]
FF Extension: 20-20 3D Viewer - WEB - C:\Users\Unser\AppData\Roaming\Mozilla\Firefox\Profiles\ysgxqzps.default\Extensions\2020Player_WEB@2020Technologies.com [2014-07-06]
FF Extension: O2CPlayer Plugin - C:\Users\Unser\AppData\Roaming\Mozilla\Firefox\Profiles\ysgxqzps.default\Extensions\o2cplayer@eleco.com [2015-02-20]
FF Extension: leethax.net extension - C:\Users\Unser\AppData\Roaming\Mozilla\Firefox\Profiles\ysgxqzps.default\Extensions\leethax@leethax.net.xpi [2013-11-20]
FF Extension: SQLite Manager - C:\Users\Unser\AppData\Roaming\Mozilla\Firefox\Profiles\ysgxqzps.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2014-04-17]
FF Extension: All-in-One Sidebar - C:\Users\Unser\AppData\Roaming\Mozilla\Firefox\Profiles\ysgxqzps.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2013-04-06]
FF Extension: Adblock Plus - C:\Users\Unser\AppData\Roaming\Mozilla\Firefox\Profiles\ysgxqzps.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-07]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-02-05]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-02-05]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext

Chrome: 
=======
CHR Profile: C:\Users\Unser\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2013-06-26] (Macrovision Europe Ltd.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-06] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2015-02-20] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1547936 2015-02-27] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [57344 2011-08-10] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-12-31] ()
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1306464 2015-02-27] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [262544 2015-02-27] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [677104 2015-02-27] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2015-02-27] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2015-02-27] (BitDefender SRL)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [155912 2014-10-22] (BitDefender LLC)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-02-04] (Intel Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C60x64.sys [119376 2013-03-04] (Qualcomm Atheros Co., Ltd.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-12-31] ()
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [32496 2013-01-11] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2013-09-25] (Duplex Secure Ltd.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
U3 aszngfbf; C:\Windows\System32\Drivers\aszngfbf.sys [0 ] (Intel Corporation) <==== ATTENTION (zero size file/folder)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-08 19:26 - 2015-03-08 19:26 - 00016670 _____ () C:\Users\Unser\Desktop\FRST.txt
2015-03-08 19:25 - 2015-03-08 19:25 - 02095104 _____ (Farbar) C:\Users\Unser\Desktop\FRST64.exe
2015-03-08 19:25 - 2015-03-08 19:25 - 00000000 ____D () C:\Users\Unser\Desktop\FRST-OlderVersion
2015-03-08 10:18 - 2015-03-08 19:26 - 00000000 ____D () C:\FRST
2015-03-08 09:03 - 2015-03-08 09:04 - 00000000 ____D () C:\AdwCleaner
2015-03-08 09:03 - 2015-03-08 09:03 - 02126848 _____ () C:\Users\Unser\Downloads\AdwCleaner_4.111.exe
2015-03-08 08:32 - 2015-03-08 08:50 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-08 08:32 - 2015-03-08 08:32 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Unser\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-08 08:32 - 2015-03-08 08:32 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-08 08:32 - 2015-03-08 08:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-03-08 08:32 - 2015-03-08 08:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-08 08:32 - 2015-03-08 08:32 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-03-08 08:32 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-08 08:32 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-08 08:32 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-08 08:28 - 2015-03-08 08:28 - 00000000 ____D () C:\Program Files (x86)\dumps
2015-03-04 15:31 - 2015-03-07 23:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-28 17:34 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-28 17:34 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-27 12:29 - 2015-02-27 12:29 - 01306464 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2015-02-27 12:29 - 2015-02-27 12:29 - 00262544 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2015-02-27 12:29 - 2015-02-27 12:29 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin.dll
2015-02-27 12:29 - 2015-02-27 12:29 - 00074000 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2015-02-20 23:17 - 2015-02-20 23:19 - 00189480 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2015-02-20 23:17 - 2015-02-20 23:17 - 00000000 ____D () C:\Users\Unser\AppData\Local\PunkBuster
2015-02-20 23:15 - 2015-02-20 23:15 - 00000000 ____D () C:\Users\Unser\Documents\America's Army 3
2015-02-20 23:13 - 2015-02-20 23:19 - 00189480 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-02-20 23:13 - 2015-02-20 23:13 - 00075064 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-02-20 23:13 - 2015-02-20 23:00 - 03360624 _____ () C:\Windows\SysWOW64\pbsvc.exe
2015-02-20 22:21 - 2015-03-01 16:28 - 00000000 ____D () C:\Users\Unser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-02-20 22:17 - 2015-02-20 22:17 - 00000000 ____D () C:\Users\Unser\AppData\Local\Steam
2015-02-20 22:15 - 2015-03-08 08:28 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-20 22:15 - 2015-02-20 22:15 - 01142128 _____ () C:\Users\Unser\Downloads\SteamSetup.exe
2015-02-18 13:07 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-18 13:07 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-18 13:07 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-18 13:07 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-17 15:02 - 2015-03-07 23:42 - 00000000 ____D () C:\Program Files\iTunes
2015-02-17 15:02 - 2015-03-07 23:42 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-17 15:02 - 2015-02-17 15:02 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-02-17 15:02 - 2015-02-17 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-17 15:02 - 2015-02-17 15:02 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-17 15:02 - 2015-02-17 15:02 - 00000000 ____D () C:\Program Files\iPod
2015-02-13 14:53 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-13 14:53 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-13 14:53 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-13 14:53 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 14:28 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 14:28 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 14:28 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 14:28 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 14:28 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 14:28 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 14:28 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 14:28 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 14:28 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 14:28 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 14:28 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 14:28 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 14:28 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 14:28 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 14:28 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 14:28 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 14:28 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 14:28 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 14:28 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 14:28 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 14:28 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 14:28 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 14:28 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 14:28 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 14:28 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 14:28 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 14:28 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 14:28 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 14:28 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 14:28 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 14:28 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 14:28 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 14:28 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 14:28 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 14:28 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 14:28 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 14:28 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 14:28 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 14:28 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 14:28 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 14:28 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 14:28 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 14:28 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 14:28 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 14:28 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 14:28 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 14:28 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 14:28 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 14:28 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 14:28 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 14:28 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 14:28 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 14:28 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 14:28 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 14:28 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 14:28 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 14:28 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 14:28 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 14:28 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 14:28 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 14:28 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 14:28 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 14:28 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 14:28 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 14:28 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 14:28 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 14:28 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 14:28 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 14:28 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 14:28 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 14:28 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 14:28 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 14:28 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 14:28 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 14:27 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 14:27 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 14:27 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 14:27 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 14:27 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 14:27 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 14:27 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 14:27 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 14:27 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 14:27 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 14:27 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 14:27 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 14:27 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 14:27 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 14:27 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 14:27 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 14:27 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 14:27 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 14:27 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 14:27 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 14:27 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 14:27 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 14:27 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 14:27 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 14:27 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 14:27 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 14:27 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 14:27 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 14:27 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 14:27 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 14:27 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 14:27 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 14:27 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 14:27 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 14:27 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 14:27 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 14:27 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-11 14:27 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 14:27 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-11 14:27 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-11 14:27 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-06 13:42 - 2015-02-06 13:42 - 00262871 _____ () C:\Users\Unser\Documents\Mappe1.xlsx
2015-02-06 13:29 - 2015-02-06 13:29 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-08 19:24 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-08 19:24 - 2009-07-14 05:51 - 00147487 _____ () C:\Windows\setupact.log
2015-03-08 09:08 - 2013-04-06 11:46 - 01186383 _____ () C:\Windows\WindowsUpdate.log
2015-03-08 09:08 - 2009-07-14 05:45 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-08 09:08 - 2009-07-14 05:45 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-08 09:06 - 2013-04-06 12:16 - 00161624 _____ () C:\Windows\PFRO.log
2015-03-08 08:54 - 2009-07-14 18:58 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2015-03-08 08:54 - 2009-07-14 18:58 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2015-03-08 08:54 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-08 08:34 - 2013-04-09 15:36 - 00000000 ____D () C:\Users\Unser\AppData\Local\Adobe
2015-03-07 23:43 - 2013-04-06 11:47 - 00000000 ____D () C:\Users\Unser
2015-03-07 23:42 - 2015-01-23 11:15 - 00000000 ____D () C:\Program Files (x86)\Free M4a to MP3 Converter
2015-03-07 23:42 - 2014-10-10 15:43 - 00000000 ____D () C:\Program Files (x86)\posterXXL Designer
2015-03-07 23:42 - 2014-09-23 07:48 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-03-07 23:42 - 2014-09-19 22:11 - 00000000 ____D () C:\Program Files\Bonjour
2015-03-07 23:42 - 2014-09-19 22:11 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-03-07 23:42 - 2014-06-29 17:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-03-07 23:42 - 2014-06-20 18:14 - 00000000 ____D () C:\Program Files (x86)\ratDVD
2015-03-07 23:42 - 2014-04-17 10:05 - 00000000 ____D () C:\Program Files (x86)\Avidemux 2.6
2015-03-07 23:42 - 2013-09-25 16:59 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Pro
2015-03-07 23:42 - 2013-08-19 10:13 - 00000000 ____D () C:\Program Files (x86)\EMDB
2015-03-07 23:42 - 2013-08-07 14:28 - 00000000 ____D () C:\Program Files (x86)\Handbrake
2015-03-07 23:42 - 2013-06-03 16:42 - 00000000 ____D () C:\Program Files (x86)\Calibre2
2015-03-07 23:42 - 2013-04-30 19:04 - 00000000 ____D () C:\Windows\system32\SPReview
2015-03-07 23:42 - 2013-04-28 08:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2015-03-07 23:42 - 2013-04-24 16:50 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2015-03-07 23:42 - 2013-04-24 16:50 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-03-07 23:42 - 2013-04-06 16:10 - 00000000 ____D () C:\Program Files\WinRAR
2015-03-07 23:42 - 2013-04-06 12:53 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2015-03-07 23:42 - 2013-04-06 12:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-07 23:42 - 2013-04-06 11:52 - 00000000 ____D () C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect
2015-03-07 23:42 - 2009-07-14 19:18 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-03-07 23:42 - 2009-07-14 19:18 - 00000000 ____D () C:\Program Files\Windows Journal
2015-03-07 23:42 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2015-03-07 23:42 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-03-07 23:42 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-07 23:42 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\DVD Maker
2015-03-07 23:42 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-07 23:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2015-03-07 23:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Setup
2015-03-07 23:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\com
2015-03-07 23:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-03-07 23:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\servicing
2015-03-07 23:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-03-04 15:29 - 2013-04-06 11:57 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-01 16:27 - 2013-04-06 12:53 - 00000000 ____D () C:\Users\Unser\AppData\Roaming\UseNeXT
2015-03-01 16:24 - 2014-02-28 14:46 - 00000000 ____D () C:\Users\Unser\Documents\UseNeXT
2015-03-01 14:26 - 2014-03-15 20:53 - 00000000 ____D () C:\Users\Unser\Desktop\Lenz
2015-02-28 17:34 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-02-27 12:29 - 2015-02-05 14:28 - 00677104 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2015-02-27 12:29 - 2015-02-05 14:28 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2015-02-27 12:29 - 2014-01-21 14:29 - 00033360 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuh.dll
2015-02-20 23:13 - 2013-04-06 16:06 - 00356894 _____ () C:\Windows\DirectX.log
2015-02-20 11:31 - 2013-04-07 10:19 - 00000000 ____D () C:\Users\Unser\AppData\Local\Microsoft Games
2015-02-20 10:21 - 2013-04-24 16:51 - 00000000 ____D () C:\Users\Unser\AppData\Roaming\Apple Computer
2015-02-19 12:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-18 16:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-17 15:02 - 2013-04-24 16:50 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-17 14:29 - 2013-08-19 21:35 - 00000000 ____D () C:\Users\Unser\Desktop\Spiele & Programme
2015-02-12 20:48 - 2009-07-14 05:45 - 05110224 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 15:10 - 2014-12-11 13:41 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 15:10 - 2014-05-08 05:11 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 15:08 - 2013-04-28 08:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-12 15:07 - 2013-08-17 18:33 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 15:03 - 2013-04-06 14:17 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-09 14:29 - 2013-04-06 11:57 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-09 14:29 - 2013-04-06 11:57 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-09 14:29 - 2013-04-06 11:57 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

==================== Files in the root of some directories =======

2014-12-06 13:44 - 2011-07-19 03:37 - 0003262 _____ () C:\Program Files (x86)\Falco.ico
2014-12-06 13:44 - 2011-07-19 04:05 - 0000046 _____ () C:\Program Files (x86)\Falco.url
2013-09-25 13:22 - 2014-02-16 14:22 - 0000144 _____ () C:\Users\Unser\AppData\Roaming\WB.CFG
2014-04-17 08:35 - 2014-04-17 08:48 - 0000789 _____ () C:\Users\Unser\AppData\Local\cookies.ini
2013-04-06 13:53 - 2013-04-06 13:55 - 0019118 _____ () C:\Users\Unser\AppData\Local\HWVendorDetection.log
2015-02-05 14:29 - 2015-02-05 14:29 - 0536388 _____ () C:\ProgramData\1423142746.bdinstall.bin
2013-04-17 10:32 - 2013-04-17 10:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Unser\AppData\Local\Temp\80323uninstall.exe
C:\Users\Unser\AppData\Local\Temp\CH.dll
C:\Users\Unser\AppData\Local\Temp\cvtres.exe
C:\Users\Unser\AppData\Local\Temp\FoxyDeal_Setup.exe
C:\Users\Unser\AppData\Local\Temp\ins.exe
C:\Users\Unser\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\Unser\AppData\Local\Temp\k3ydxivu.dll
C:\Users\Unser\AppData\Local\Temp\Mobogenie_Setup_2.1.23_515.exe
C:\Users\Unser\AppData\Local\Temp\optprosetup.exe
C:\Users\Unser\AppData\Local\Temp\ose00000.exe
C:\Users\Unser\AppData\Local\Temp\Quarantine.exe
C:\Users\Unser\AppData\Local\Temp\ratDVDSetup-0.78.1444.exe
C:\Users\Unser\AppData\Local\Temp\s52eslv0.dll
C:\Users\Unser\AppData\Local\Temp\sqlite3.dll
C:\Users\Unser\AppData\Local\Temp\Uninstall.exe
C:\Users\Unser\AppData\Local\Temp\_is1343.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-05 14:31

==================== End Of Log ============================
         

and the Addition

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2015 03
Ran by Unser at 2015-03-08 19:26:31
Running from C:\Users\Unser\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus (Disabled - Out of date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Spyware-Schutz (Disabled - Out of date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Disabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Reader X (10.1.7) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.7 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{EA4954FD-C685-1C7D-16F3-9BC2FD5E6BD3}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.)
America's Army 3 (HKLM-x32\...\Steam App 13140) (Version:  - U.S. Army)
Apple Application Support (32-Bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 10.0.7 (HKLM-x32\...\Ashampoo Burning Studio 10_is1) (Version: 10.0.7 - Ashampoo GmbH & Co. KG)
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.8.9045 - )
Besiege (HKLM-x32\...\Steam App 346010) (Version:  - Spiderling Studios)
Bitdefender Internet Security 2015 (HKLM\...\Bitdefender) (Version: 18.20.0.1429 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre (HKLM-x32\...\{EA72DC2C-4B61-4FB6-9460-8EBD0CECE84E}) (Version: 0.9.43 - Kovid Goyal)
CINEMA 4D 12.016 (HKLM\...\MAXON8C02D5E0) (Version: 12.016 - MAXON Computer GmbH)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.1.0.0333 - DT Soft Ltd)
EMDB 2.03 (HKLM-x32\...\EMDB_is1) (Version:  - Wicked & Wild Inc.)
ENE CIR Receiver Driver (HKLM\...\9201E5BD02AE4540AF31E8A23F8E4A0A8FEFB31C) (Version: 2.7.4.3 - ENE)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX430 Series Printer Uninstall (HKLM\...\EPSON SX430 Series) (Version:  - SEIKO EPSON Corporation)
Free Audio Converter version 5.0.47.906 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.47.906 - DVDVideoSoft Ltd.)
Free M4a to MP3 Converter 8.3 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
HandBrake 0.9.9 (HKLM-x32\...\HandBrake) (Version: 0.9.9 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)
Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 36.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0 (x86 de)) (Version: 36.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
posterXXL Designer 5.3 (HKLM-x32\...\posterXXL Designer)_is1) (Version:  - )
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
Qualcomm Atheros Fast Reconnect (HKLM-x32\...\{0CA2063D-D43F-41F2-A8AC-A3C4A4C722D2}) (Version: 1.0 - QualComm Atheros)
ratDVD 0.78.1444 (HKLM-x32\...\ratDVD) (Version: 0.78.1444 - ratDVD)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6823 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.26.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.26.0 - Renesas Electronics Corporation) Hidden
Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.)
Samsung AllShare (x32 Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13074_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13074_14 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
SUPER © v2014.build.60+Recorder (2014/02/18) Version v2014.buil (HKLM-x32\...\{8E2A18E2-96AF-8549-4DE7-5C06B75719A4}_is1) (Version: v2014.build.60+Recorder - eRightSoft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.9.0 - Synaptics Incorporated)
Unity Web Player (HKU\S-1-5-21-671443653-1792276608-2591688684-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
UseNeXT (HKLM-x32\...\UseNeXT_is1) (Version:  - Tangysoft Ltd.)
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
Windows-Treiberpaket - Advanced Micro Devices (AtiHDAudioService) MEDIA  (12/10/2012 7.12.0.7714) (HKLM\...\7E0381AC3AF28ABDF0C226F0A034E7AE00AB8912) (Version: 12/10/2012 7.12.0.7714 - Advanced Micro Devices)
Windows-Treiberpaket - Intel Corporation (iaStorA) HDC  (02/04/2013 11.7.3.1001) (HKLM\...\6B5B87F9AA2687F4084AFFBEC0873C604918992C) (Version: 02/04/2013 11.7.3.1001 - Intel Corporation)
Windows-Treiberpaket - Intel Corporation (iaStorA) HDC  (09/01/2012 11.6.0.1030) (HKLM\...\C5447D3383070620C3892FF393F522D6225CBA13) (Version: 09/01/2012 11.6.0.1030 - Intel Corporation)
Windows-Treiberpaket - Intel System  (03/10/2011 9.2.0.1026) (HKLM\...\9BC1D406C7F459937934ABBF1D718304962F15C8) (Version: 03/10/2011 9.2.0.1026 - Intel)
Windows-Treiberpaket - Intel System  (04/14/2011 1.2.0.1030) (HKLM\...\CF7E87A2491E5E9846C8193CC987F35028937C4B) (Version: 04/14/2011 1.2.0.1030 - Intel)
Windows-Treiberpaket - Intel System  (07/19/2011 9.2.0.1032) (HKLM\...\03616F2289682C41A0832A9023B55F5F63976BD4) (Version: 07/19/2011 9.2.0.1032 - Intel)
Windows-Treiberpaket - Intel System  (10/05/2012 9.2.0.1032) (HKLM\...\78687D16D0A71C3BDAA0468F5661543CDF26FD7C) (Version: 10/05/2012 9.2.0.1032 - Intel)
Windows-Treiberpaket - Intel System  (10/05/2012 9.2.0.1032) (HKLM\...\7E9FE2A1075EF0CBC79E935D39DCE2F811618FE7) (Version: 10/05/2012 9.2.0.1032 - Intel)
Windows-Treiberpaket - Intel System  (10/05/2012 9.2.0.1032) (HKLM\...\DA98CAF7C61E6CF8439BF7FFDAFE5717CFF73687) (Version: 10/05/2012 9.2.0.1032 - Intel)
Windows-Treiberpaket - Intel System  (11/20/2010 9.2.0.1016) (HKLM\...\43B5066463CEBC83E99586A67037B6F9FC4193FE) (Version: 11/20/2010 9.2.0.1016 - Intel)
Windows-Treiberpaket - Intel USB  (10/05/2012 9.2.0.1032) (HKLM\...\BEBD188D699DEE8649A9B6D18A94D552D9616614) (Version: 10/05/2012 9.2.0.1032 - Intel)
Windows-Treiberpaket - Intel USB  (12/21/2010 9.2.0.1021) (HKLM\...\0DD5528A211904214F70A66DE6ADBD378B21566D) (Version: 12/21/2010 9.2.0.1021 - Intel)
Windows-Treiberpaket - Qualcomm Atheros (L1C) Net  (02/21/2013 2.1.0.15) (HKLM\...\A763106243EA4A9A9620C4C064D7B9166B865245) (Version: 02/21/2013 2.1.0.15 - Qualcomm Atheros)
Windows-Treiberpaket - Qualcomm Atheros Communications Inc. (athr) Net  (02/19/2013 10.0.0.227) (HKLM\...\A5DF0395A7D842A5C0098DF11BA12A648E8DBA27) (Version: 02/19/2013 10.0.0.227 - Qualcomm Atheros Communications Inc.)
Windows-Treiberpaket - Realtek Semiconductor Corp. HD Audio Driver (01/16/2013 6.0.1.6823) (HKLM\...\71DDFD4CE41E6CEDD4A69265BCB9F3593E86DC8B) (Version: 01/16/2013 6.0.1.6823 - Realtek Semiconductor Corp.)
Windows-Treiberpaket - Realtek Semiconductor Corp. HD Audio Driver (01/16/2013 6.0.1.6823) (HKLM\...\A99E6E40ACE53A247AA4BC485E9DA014CFA95127) (Version: 01/16/2013 6.0.1.6823 - Realtek Semiconductor Corp.)
Windows-Treiberpaket - Renesas Electronics (nusb3hub) USB  (09/13/2011 2.1.27.0) (HKLM\...\508A1083774A6A80E959ECA06C7BF593A457DFD0) (Version: 09/13/2011 2.1.27.0 - Renesas Electronics)
Windows-Treiberpaket - Renesas Electronics (nusb3xhc) USB  (09/13/2011 2.1.27.0) (HKLM\...\6F83519DC052A6F51A2143C467FADB9C0171823C) (Version: 09/13/2011 2.1.27.0 - Renesas Electronics)
Windows-Treiberpaket - Synaptics (SmbDrv) System  (01/10/2013 16.3.9.0) (HKLM\...\28F546B63BB1E2C8D8FA11DA3717497312022644) (Version: 01/10/2013 16.3.9.0 - Synaptics)
Windows-Treiberpaket - Synaptics (SmbDrv) System  (07/24/2012 16.2.7.2) (HKLM\...\2E3753FF88B14ABD6711DBDF41828906A513CB26) (Version: 07/24/2012 16.2.7.2 - Synaptics)
Windows-Treiberpaket - Synaptics (SynTP) Mouse  (01/10/2013 16.3.9.0) (HKLM\...\64AF61DCB4825A180D5141D50D9D36F711D19AA2) (Version: 01/10/2013 16.3.9.0 - Synaptics)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {294F3D16-C8A3-46BC-9262-44CEC6C4F729} - \Funmoods No Task File <==== ATTENTION
Task: {3D6F2C6F-AA74-4E22-AD00-1867D4628C6B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-09] (Adobe Systems Incorporated)
Task: {6C7EB311-C754-46B8-BC72-C3E8ACF7B4CB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {84F9BAF0-7503-4AB4-9AE9-60DC522FE7C6} - System32\Tasks\AdobeAAMUpdater-1.0-Unser-PC-Unser => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) ==============

2015-02-05 14:28 - 2014-08-27 16:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2015-02-05 14:28 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2015-02-05 14:28 - 2015-01-20 17:34 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2015-02-05 14:28 - 2012-10-29 14:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-04-06 16:10 - 2010-03-15 10:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2015-02-20 23:13 - 2015-02-20 23:13 - 00075064 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-02-05 14:28 - 2014-08-27 16:30 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff\components\txmlutil.dll
2015-02-05 14:28 - 2015-02-27 12:29 - 00067808 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff\components\bdwtxff.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Unser\Downloads\SteamSetup.exe:BDU

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-671443653-1792276608-2591688684-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Unser\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-671443653-1792276608-2591688684-500 - Administrator - Disabled)
Gast (S-1-5-21-671443653-1792276608-2591688684-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-671443653-1792276608-2591688684-1002 - Limited - Enabled)
Unser (S-1-5-21-671443653-1792276608-2591688684-1000 - Administrator - Enabled) => C:\Users\Unser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/08/2015 07:26:15 PM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
   bei AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
   bei AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
   bei AllShareDMS.AllShareDMS.DoStart()
   bei AllShareDMS.AllShareDMS.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/08/2015 07:25:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 8.3.2015.3 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 11f8

Startzeit: 01d059cd43dc5e29

Endzeit: 0

Anwendungspfad: C:\Users\Unser\Desktop\FRST64.exe

Berichts-ID: 8a9c2816-c5c0-11e4-b2fa-1c7508d7c5f8

Error: (03/08/2015 09:08:35 AM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
   bei AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
   bei AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
   bei AllShareDMS.AllShareDMS.DoStart()
   bei AllShareDMS.AllShareDMS.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/08/2015 08:52:09 AM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
   bei AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
   bei AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
   bei AllShareDMS.AllShareDMS.DoStart()
   bei AllShareDMS.AllShareDMS.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/08/2015 08:26:27 AM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
   bei AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
   bei AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
   bei AllShareDMS.AllShareDMS.DoStart()
   bei AllShareDMS.AllShareDMS.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/08/2015 08:24:27 AM) (Source: System Restore) (EventID: 8206) (User: )
Description: Der ausgewählte Wiederherstellungspunkt wurde während der Wiederherstellung beschädigt oder gelöscht (Geplanter Prüfpunkt).

Error: (03/08/2015 01:04:53 AM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
   bei AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
   bei AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
   bei AllShareDMS.AllShareDMS.DoStart()
   bei AllShareDMS.AllShareDMS.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/07/2015 11:34:46 PM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
   bei AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
   bei AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
   bei AllShareDMS.AllShareDMS.DoStart()
   bei AllShareDMS.AllShareDMS.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/07/2015 11:23:27 PM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
   bei AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
   bei AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
   bei AllShareDMS.AllShareDMS.DoStart()
   bei AllShareDMS.AllShareDMS.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/07/2015 08:47:08 PM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
   bei AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
   bei AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
   bei AllShareDMS.AllShareDMS.DoStart()
   bei AllShareDMS.AllShareDMS.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


System errors:
=============
Error: (03/08/2015 07:25:12 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (03/08/2015 05:20:27 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068netprofm{A47979D2-C419-11D9-A5B4-001185AD2B89}

Error: (03/08/2015 05:20:24 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
AFD
avc3
BdfNdisf
bdfwfpf
DfsC
discache
gzflt
NetBIOS
NetBT
nsiproxy
Psched
rdbss
spldr
tdx
trufos
vwififlt
Wanarpv6
WfpLwf

Error: (03/08/2015 05:20:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NLA (Network Location Awareness)" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/08/2015 05:20:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "SMB 2.0-Miniredirector" ist vom Dienst "SMB-Miniredirector-Wrapper und -Modul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/08/2015 05:20:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "SMB 1.x-Miniredirector" ist vom Dienst "SMB-Miniredirector-Wrapper und -Modul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/08/2015 05:20:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "SMB-Miniredirector-Wrapper und -Modul" ist vom Dienst "Umgeleitetes Puffersubsystem" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%31

Error: (03/08/2015 05:20:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Arbeitsstationsdienst" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (03/08/2015 05:20:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerkspeicher-Schnittstellendienst" ist vom Dienst "NSI proxy service driver." abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%31

Error: (03/08/2015 05:20:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "TCP/IP-NetBIOS-Hilfsdienst" ist vom Dienst "Ancillary Function Driver for Winsock" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%31


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
Percentage of memory in use: 23%
Total physical RAM: 8173.86 MB
Available physical RAM: 6288.04 MB
Total Pagefile: 16345.91 MB
Available Pagefile: 14315.24 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:96.69 GB) (Free:15.13 GB) NTFS
Drive d: (DATA) (Fixed) (Total:698.63 GB) (Free:276.67 GB) NTFS
Drive f: (The Sims 4) (CDROM) (Total:8.21 GB) (Free:0 GB) CDFS
Drive i: (KNORR) (Removable) (Total:3.72 GB) (Free:3.71 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 850E92AE)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=96.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 850E9298)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 3.7 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=3.7 GB) - (Type=0B)

==================== End Of Log ============================
         

Alt 08.03.2015, 18:48   #8
schrauber
/// the machine
/// TB-Ausbilder
 




I'm going to give you several tasks at once now, which I would normally spread over several posts. You need the machine tomorrow morning, after all.

One thing up front:
After the scans, before the online scan, you can already work with it normally again.



Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all findings (if any) moved to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = sequential number).

Please close your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool is finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.



ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it on the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post the contents here.

and a fresh FRST log, please. Any problems left?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 08.03.2015, 19:21   #9
Frusa567
 



Thank you very much for your quick and great help!!!

Attached are the first codes for now. The online scanner is still running.

mbam

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 08.03.2015
Suchlauf-Zeit: 19:49:47
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.03.08.05
Rootkit Datenbank: v2015.02.25.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Unser

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 354516
Verstrichene Zeit: 6 Min, 40 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         

adwcleaner

Code:
# AdwCleaner v4.111 - Bericht erstellt 08/03/2015 um 19:59:07
# Aktualisiert 18/02/2015 von Xplode
# Datenbank : 2015-03-05.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Unser - UNSER-PC
# Gestarted von : C:\Users\Unser\Downloads\AdwCleaner_4.111.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\Mobogenie
Ordner Gelöscht : C:\Users\Unser\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Unser\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Unser\AppData\Roaming\DesktopIconForAmazon
Ordner Gelöscht : C:\Users\Unser\AppData\Roaming\Funmoods
Datei Gelöscht : C:\Users\Unser\AppData\Local\Temp\Uninstall.exe
Datei Gelöscht : C:\Users\Unser\daemonprocess.txt
Datei Gelöscht : C:\Users\Unser\AppData\Roaming\Mozilla\Firefox\Profiles\ysgxqzps.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Unser\AppData\Roaming\Mozilla\Firefox\Profiles\ysgxqzps.default\user.js

***** [ Geplante Tasks ] *****

Task Gelöscht : Funmoods

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\UpdateStar
Schlüssel Gelöscht : HKCU\Software\foxydeal
Schlüssel Gelöscht : HKCU\Software\DriverTuner_Init
Schlüssel Gelöscht : HKCU\Software\DriverTuner
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Show-Password
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17631


-\\ Mozilla Firefox v36.0 (x86 de)

[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods.aflt", "orgnl");
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods.autoRvrt", false);
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods.dfltLng", "");
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods.dfltSrch", false);
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods.dnsErr", true);
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods.envrmnt", "production");
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods.excTlbr", true);
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods.fmupdtFirst", false);
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods.hmpg", false);
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods.hmpgUrl", "hxxp://searchfunmoods.com/?f=1&a=orgnl&chnl=&cd=2XzuyEtN2Y1L1Qzu0E0CyDyD0FzyyDtA0DyByByB0CzztAzytN0D0Tzu0CyEyCtBtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1913173000");
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods.id", "EC55F953D777C839");
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods.instlDay", "15801");
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods.instlRef", "");
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods.isdcmntcmplt", true);
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods.lastVrsnTs", "1.5.23.2213:27:8");
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods.mntrvrsn", "1.3.0");
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods.newTab", false);
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods.newTabUrl", "hxxp://searchfunmoods.com/?f=2&a=orgnl&chnl=&cd=2XzuyEtN2Y1L1Qzu0E0CyDyD0FzyyDtA0DyByByB0CzztAzytN0D0Tzu0CyEyCtBtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1913173000");
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods.prdct", "funmoods");
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods.prtnrId", "funmoods");
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods.smplGrp", "none");
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods.srchPrvdr", "Search");
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods.tlbrId", "base");
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://searchfunmoods.com/?f=3&a=orgnl&chnl=&cd=2XzuyEtN2Y1L1Qzu0E0CyDyD0FzyyDtA0DyByByB0CzztAzytN0D0Tzu0CyEyCtBtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1913173000&q[...]
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods.vrsn", "1.5.23.22");
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods.vrsnTs", "1.5.23.2213:27:8");
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods.vrsni", "1.5.23.22");
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods_i.newTab", false);
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods_i.smplGrp", "none");
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2213:27:8");
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.kango.storage.minibar.config", "{\"name\":\"Apps Hat\",\"description\":\"Apps Hat\",\"button\":{\"tooltip\":\"Visit AppsHat.com\",\"icon\":\"hxxp://www.bigspeedpro.com/button/%af[...]
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.kango.storage.nero_options", "\"{\\\"m1\\\":{\\\"ads\\\":{\\\"n1\\\":{\\\"url\\\":\\\"//ulayout.com/nero/hatter/google_post_results_728x90.html?aff_slug=appshat\\\",\\\"width\\\"[...]
[ysgxqzps.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.kango.storage.ui.button.iconCache", "\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABMAAAATCAYAAAByUDbMAAADlElEQVQ4jb3S3U9adxwG8F/BuooQAQscXj0cOIC8nANUPYjoHDClvqAoZ04gpqsZKmrUV[...]

-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [7595 Bytes] - [08/03/2015 09:03:39]
AdwCleaner[R1].txt - [7654 Bytes] - [08/03/2015 19:58:11]
AdwCleaner[S0].txt - [7551 Bytes] - [08/03/2015 19:59:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7610  Bytes] ##########
         

JRT

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.3 (03.01.2015:1)
OS: Windows 7 Home Premium x64
Ran by Unser on 08.03.2015 at 20:02:04,07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Unser\AppData\Roaming\mozilla\firefox\profiles\ysgxqzps.default\minidumps [155 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.03.2015 at 20:04:24,32
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Alt 08.03.2015, 19:34   #10
schrauber
/// the machine
/// TB-Ausbilder
 




Ok
__________________
Regards,
schrauber

Alt 08.03.2015, 22:25   #11
Frusa567
 



eset log

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=a1708c5b72f9e74fa4d6653c139fbc9b
# engine=22809
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-03-08 10:04:16
# local_time=2015-03-08 11:04:16 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Bitdefender Antivirus'
# compatibility_mode=2066 16777213 100 100 10975 129697565 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 84095 177482106 0 0
# scanned=303495
# found=13
# cleaned=0
# scan_time=10542
sh=16068B8977B4DC562AE782D91BC009472667E331 ft=1 fh=c3b5a87b7d152749 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Unser\AppData\Local\Temp\OCS\ocs_v71a.exe.vir"
sh=99F97AD369E8621AB4D17DF53E80E60FEE99C727 ft=1 fh=42567613b862d846 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Unser\AppData\Local\Temp\OCS\ocs_v71b.exe.vir"
sh=61AACE04F47773B14E4FE9A3F52CD268C0926BE9 ft=1 fh=c71c0011567c03fb vn="Win32/Packed.Autoit.H evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\Unser\AppData\Roaming\autostarter.exe.xBAD"
sh=9414B3436A384D1429F88821E8E9FA1D634E5607 ft=1 fh=f276fc180fbc75a6 vn="Win32/InstallMonetizer.AW evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Unser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7QCCO00J\WORLD_21_target_5830[1].exe"
sh=0440A978E0F4AEA6B0BF8A0373FAC3D66DEC61F2 ft=1 fh=7a2c99a940b074ff vn="Win32/Somoto.O evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Unser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I8O7EL9N\minibar-core[1].exe"
sh=9E097061AC5B4EAE8B07331FB4342B0C08B1BEA4 ft=1 fh=172630b7462151e1 vn="Win32/Mobogenie.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Unser\AppData\Local\Temp\Mobogenie_Setup_2.1.23_515.exe"
sh=39DB6C0D8D8460A051ADC5FE2007FE4648C7F2B8 ft=1 fh=68231458c03faf84 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Unser\AppData\Local\Temp\optprosetup.exe"
sh=333BEB35A70772F1757E99F0154D59964B921D3F ft=1 fh=534a19fe0349cbc1 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Unser\AppData\Local\Temp\DMR\dmr_72.exe"
sh=D857C664CE9D248816CDB2E9BCA065343657502A ft=1 fh=a85b5fee098ab53d vn="Win32/Somoto.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Unser\AppData\Local\Temp\DMR\Downloads\fc14996dfa99adfc7baae624196888c5\5b06e73c66b13128cd03586177ce6642\m4a-to-mp3-83converter.exe"
sh=03122518CF789F63ACE5E6CC18D09BD6E3D34A04 ft=1 fh=3537c5d07cea3b07 vn="Variante von Win32/SProtector.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Unser\AppData\Local\Temp\is-PRT3H.tmp\OptProCrash.dll"
sh=A3534356BA388AEC0F9C15EC0236D36E950833EF ft=1 fh=621402ad54c98504 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Unser\AppData\Local\Temp\{2F223CC3-7E90-4876-9CEB-51331832E071}\setup.exe"
sh=E5E4F4FA34E304F4468C98C8E7EF3A27AE3BDB28 ft=1 fh=853ac19cdcfcc2ca vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Unser\Downloads\Free M4a to MP3 Converter - CHIP-Installer.exe"
sh=7636D908999E85A52A403488170A08EA3BDC269E ft=1 fh=8779f49d266f9ea1 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="D:\---= Programme =---\Ashampoo Burning Studio 10 v10.07 Final - Multilan\ABS10.07 SETUP\ashampoo_burning_studio_10_10.0.7_sm.exe"
         
SecurityCheck

Code:
  Results of screen317's Security Check version 0.99.97  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Security Center service is not running! This report may not be accurate! 
Bitdefender Antivirus   
 Antivirus out of date! (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 25  
 Java version 32-bit out of Date! 
  Java 64-bit 8 Update 31  
 Adobe Flash Player 16.0.0.305  
 Adobe Reader 10.1.7 Adobe Reader out of Date!  
 Mozilla Firefox (36.0) 
 Mozilla Thunderbird 24.6.0 Thunderbird out of Date!  
````````Process Check: objlist.exe by Laurent````````  
 Bitdefender Bitdefender 2015 vsserv.exe  
 Bitdefender Bitdefender 2015 updatesrv.exe  
 Bitdefender Bitdefender 2015 bdagent.exe  
 Bitdefender Bitdefender 2015 bdwtxag.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

So, and once again the new FRST log


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-03-2015 03
Ran by Unser (administrator) on UNSER-PC on 08-03-2015 23:30:34
Running from C:\Users\Unser\Desktop\FRST-OlderVersion
Loaded Profiles: Unser (Available profiles: Unser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
() C:\Windows\SysWOW64\PnkBstrA.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13265480 2013-01-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1273416 2013-01-15] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3011824 2013-01-11] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1689576 2015-02-27] (Bitdefender)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-01-20] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-26] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKU\S-1-5-21-671443653-1792276608-2591688684-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-26] (Samsung)
HKU\S-1-5-21-671443653-1792276608-2591688684-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3111744 2012-04-26] (DT Soft Ltd)
HKU\S-1-5-21-671443653-1792276608-2591688684-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-26] (Samsung)
HKU\S-1-5-21-671443653-1792276608-2591688684-1000\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-02-27] (Bitdefender)
HKU\S-1-5-21-671443653-1792276608-2591688684-1000\...\MountPoints2: {1af1edf4-c160-11e2-aa48-1c7508d7c5f8} - H:\LaunchU3.exe -a
HKU\S-1-5-21-671443653-1792276608-2591688684-1000\...\MountPoints2: {8edb42c0-25fb-11e3-aa5b-806e6f6e6963} - F:\setup.exe
HKU\S-1-5-21-671443653-1792276608-2591688684-1000\...\MountPoints2: {d5665aed-592a-11e3-91db-1c7508d7c5f8} - G:\LaunchU3.exe -a
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-04-30] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-671443653-1792276608-2591688684-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-671443653-1792276608-2591688684-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-02-27] (Bitdefender)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-07-22] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-22] (Oracle Corporation)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-02-27] (Bitdefender)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-08-07] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-08-07] (Oracle Corporation)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-02-27] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-02-27] (Bitdefender)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Unser\AppData\Roaming\Mozilla\Firefox\Profiles\ysgxqzps.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-09] ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-07-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-07-22] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-08-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-08-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-05-10] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF Plugin HKU\S-1-5-21-671443653-1792276608-2591688684-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Unser\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-30] (Unity Technologies ApS)
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Unser\AppData\Roaming\Mozilla\Firefox\Profiles\ysgxqzps.default\Extensions\2020Player_IKEA@2020Technologies.com [2013-10-19]
FF Extension: 20-20 3D Viewer - WEB - C:\Users\Unser\AppData\Roaming\Mozilla\Firefox\Profiles\ysgxqzps.default\Extensions\2020Player_WEB@2020Technologies.com [2014-07-06]
FF Extension: O2CPlayer Plugin - C:\Users\Unser\AppData\Roaming\Mozilla\Firefox\Profiles\ysgxqzps.default\Extensions\o2cplayer@eleco.com [2015-02-20]
FF Extension: leethax.net extension - C:\Users\Unser\AppData\Roaming\Mozilla\Firefox\Profiles\ysgxqzps.default\Extensions\leethax@leethax.net.xpi [2013-11-20]
FF Extension: SQLite Manager - C:\Users\Unser\AppData\Roaming\Mozilla\Firefox\Profiles\ysgxqzps.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2014-04-17]
FF Extension: All-in-One Sidebar - C:\Users\Unser\AppData\Roaming\Mozilla\Firefox\Profiles\ysgxqzps.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2013-04-06]
FF Extension: Adblock Plus - C:\Users\Unser\AppData\Roaming\Mozilla\Firefox\Profiles\ysgxqzps.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-07]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-02-05]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-02-05]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext

Chrome: 
=======
CHR Profile: C:\Users\Unser\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2013-06-26] (Macrovision Europe Ltd.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-06] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2015-02-20] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1547936 2015-02-27] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [57344 2011-08-10] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-12-31] ()
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1306464 2015-02-27] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [262544 2015-02-27] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [677104 2015-02-27] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2015-02-27] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2015-02-27] (BitDefender SRL)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [155912 2014-10-22] (BitDefender LLC)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-02-04] (Intel Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C60x64.sys [119376 2013-03-04] (Qualcomm Atheros Co., Ltd.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-12-31] ()
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [32496 2013-01-11] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2013-09-25] (Duplex Secure Ltd.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
U3 av27xnsx; C:\Windows\System32\Drivers\av27xnsx.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-08 20:57 - 2015-03-08 20:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-08 20:22 - 2015-03-08 20:22 - 00852604 _____ () C:\Users\Unser\Desktop\SecurityCheck.exe
2015-03-08 20:05 - 2015-03-08 20:05 - 02347384 _____ (ESET) C:\Users\Unser\Downloads\esetsmartinstaller_deu.exe
2015-03-08 20:04 - 2015-03-08 20:04 - 00000892 _____ () C:\Users\Unser\Desktop\JRT.txt
2015-03-08 20:00 - 2015-03-08 20:00 - 01388333 _____ (Thisisu) C:\Users\Unser\Downloads\JRT.exe
2015-03-08 20:00 - 2015-03-08 20:00 - 00007698 _____ () C:\Users\Unser\Desktop\AdwCleaner[S0].txt
2015-03-08 19:57 - 2015-03-08 19:57 - 00001202 _____ () C:\Users\Unser\Desktop\mbam.txt
2015-03-08 19:25 - 2015-03-08 23:30 - 00000000 ____D () C:\Users\Unser\Desktop\FRST-OlderVersion
2015-03-08 10:18 - 2015-03-08 23:30 - 00000000 ____D () C:\FRST
2015-03-08 09:03 - 2015-03-08 19:59 - 00000000 ____D () C:\AdwCleaner
2015-03-08 09:03 - 2015-03-08 09:03 - 02126848 _____ () C:\Users\Unser\Downloads\AdwCleaner_4.111.exe
2015-03-08 08:32 - 2015-03-08 19:49 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-08 08:32 - 2015-03-08 08:32 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Unser\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-08 08:32 - 2015-03-08 08:32 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-08 08:32 - 2015-03-08 08:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-03-08 08:32 - 2015-03-08 08:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-08 08:32 - 2015-03-08 08:32 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-03-08 08:32 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-08 08:32 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-08 08:32 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-08 08:28 - 2015-03-08 08:28 - 00000000 ____D () C:\Program Files (x86)\dumps
2015-02-28 17:34 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-28 17:34 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-27 12:29 - 2015-02-27 12:29 - 01306464 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2015-02-27 12:29 - 2015-02-27 12:29 - 00262544 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2015-02-27 12:29 - 2015-02-27 12:29 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin.dll
2015-02-27 12:29 - 2015-02-27 12:29 - 00074000 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2015-02-20 23:17 - 2015-02-20 23:19 - 00189480 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2015-02-20 23:17 - 2015-02-20 23:17 - 00000000 ____D () C:\Users\Unser\AppData\Local\PunkBuster
2015-02-20 23:15 - 2015-02-20 23:15 - 00000000 ____D () C:\Users\Unser\Documents\America's Army 3
2015-02-20 23:13 - 2015-02-20 23:19 - 00189480 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-02-20 23:13 - 2015-02-20 23:13 - 00075064 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-02-20 23:13 - 2015-02-20 23:00 - 03360624 _____ () C:\Windows\SysWOW64\pbsvc.exe
2015-02-20 22:21 - 2015-03-01 16:28 - 00000000 ____D () C:\Users\Unser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-02-20 22:17 - 2015-02-20 22:17 - 00000000 ____D () C:\Users\Unser\AppData\Local\Steam
2015-02-20 22:15 - 2015-03-08 08:28 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-20 22:15 - 2015-02-20 22:15 - 01142128 _____ () C:\Users\Unser\Downloads\SteamSetup.exe
2015-02-18 13:07 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-18 13:07 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-18 13:07 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-18 13:07 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-17 15:02 - 2015-03-07 23:42 - 00000000 ____D () C:\Program Files\iTunes
2015-02-17 15:02 - 2015-03-07 23:42 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-17 15:02 - 2015-02-17 15:02 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-02-17 15:02 - 2015-02-17 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-17 15:02 - 2015-02-17 15:02 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-17 15:02 - 2015-02-17 15:02 - 00000000 ____D () C:\Program Files\iPod
2015-02-13 14:53 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-13 14:53 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-13 14:53 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-13 14:53 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 14:28 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 14:28 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 14:28 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 14:28 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 14:28 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 14:28 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 14:28 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 14:28 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 14:28 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 14:28 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 14:28 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 14:28 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 14:28 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 14:28 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 14:28 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 14:28 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 14:28 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 14:28 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 14:28 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 14:28 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 14:28 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 14:28 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 14:28 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 14:28 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 14:28 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 14:28 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 14:28 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 14:28 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 14:28 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 14:28 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 14:28 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 14:28 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 14:28 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 14:28 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 14:28 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 14:28 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 14:28 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 14:28 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 14:28 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 14:28 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 14:28 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 14:28 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 14:28 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 14:28 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 14:28 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 14:28 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 14:28 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 14:28 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 14:28 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 14:28 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 14:28 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 14:28 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 14:28 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 14:28 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 14:28 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 14:28 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 14:28 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 14:28 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 14:28 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 14:28 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 14:28 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 14:28 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 14:28 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 14:28 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 14:28 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 14:28 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 14:28 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 14:28 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 14:28 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 14:28 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 14:28 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 14:28 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 14:28 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 14:28 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 14:27 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 14:27 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 14:27 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 14:27 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 14:27 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 14:27 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 14:27 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 14:27 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 14:27 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 14:27 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 14:27 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 14:27 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 14:27 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 14:27 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 14:27 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 14:27 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 14:27 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 14:27 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 14:27 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 14:27 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 14:27 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 14:27 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 14:27 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 14:27 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 14:27 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 14:27 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 14:27 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 14:27 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 14:27 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 14:27 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 14:27 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 14:27 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 14:27 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 14:27 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 14:27 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 14:27 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 14:27 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-11 14:27 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 14:27 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-11 14:27 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-11 14:27 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-06 13:42 - 2015-02-06 13:42 - 00262871 _____ () C:\Users\Unser\Documents\Mappe1.xlsx
2015-02-06 13:29 - 2015-02-06 13:29 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-08 23:29 - 2013-04-06 11:57 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-08 23:27 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-08 23:27 - 2009-07-14 05:51 - 00147599 _____ () C:\Windows\setupact.log
2015-03-08 23:26 - 2013-04-06 11:46 - 01197203 _____ () C:\Windows\WindowsUpdate.log
2015-03-08 20:06 - 2009-07-14 05:45 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-08 20:06 - 2009-07-14 05:45 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-08 20:04 - 2009-07-14 18:58 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2015-03-08 20:04 - 2009-07-14 18:58 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2015-03-08 20:04 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-08 20:01 - 2013-04-06 12:03 - 00000000 ____D () C:\ProgramData\BDLogging
2015-03-08 19:59 - 2013-04-06 11:47 - 00000000 ____D () C:\Users\Unser
2015-03-08 09:06 - 2013-04-06 12:16 - 00161624 _____ () C:\Windows\PFRO.log
2015-03-08 08:34 - 2013-04-09 15:36 - 00000000 ____D () C:\Users\Unser\AppData\Local\Adobe
2015-03-07 23:42 - 2015-01-23 11:15 - 00000000 ____D () C:\Program Files (x86)\Free M4a to MP3 Converter
2015-03-07 23:42 - 2014-10-10 15:43 - 00000000 ____D () C:\Program Files (x86)\posterXXL Designer
2015-03-07 23:42 - 2014-09-23 07:48 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-03-07 23:42 - 2014-09-19 22:11 - 00000000 ____D () C:\Program Files\Bonjour
2015-03-07 23:42 - 2014-09-19 22:11 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-03-07 23:42 - 2014-06-29 17:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-03-07 23:42 - 2014-06-20 18:14 - 00000000 ____D () C:\Program Files (x86)\ratDVD
2015-03-07 23:42 - 2014-04-17 10:05 - 00000000 ____D () C:\Program Files (x86)\Avidemux 2.6
2015-03-07 23:42 - 2013-09-25 16:59 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Pro
2015-03-07 23:42 - 2013-08-19 10:13 - 00000000 ____D () C:\Program Files (x86)\EMDB
2015-03-07 23:42 - 2013-08-07 14:28 - 00000000 ____D () C:\Program Files (x86)\Handbrake
2015-03-07 23:42 - 2013-06-03 16:42 - 00000000 ____D () C:\Program Files (x86)\Calibre2
2015-03-07 23:42 - 2013-04-30 19:04 - 00000000 ____D () C:\Windows\system32\SPReview
2015-03-07 23:42 - 2013-04-28 08:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2015-03-07 23:42 - 2013-04-24 16:50 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2015-03-07 23:42 - 2013-04-24 16:50 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-03-07 23:42 - 2013-04-06 16:10 - 00000000 ____D () C:\Program Files\WinRAR
2015-03-07 23:42 - 2013-04-06 12:53 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2015-03-07 23:42 - 2013-04-06 12:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-07 23:42 - 2013-04-06 11:52 - 00000000 ____D () C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect
2015-03-07 23:42 - 2009-07-14 19:18 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-03-07 23:42 - 2009-07-14 19:18 - 00000000 ____D () C:\Program Files\Windows Journal
2015-03-07 23:42 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2015-03-07 23:42 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-03-07 23:42 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-07 23:42 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\DVD Maker
2015-03-07 23:42 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-07 23:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2015-03-07 23:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Setup
2015-03-07 23:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\com
2015-03-07 23:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-03-07 23:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\servicing
2015-03-07 23:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-03-01 16:27 - 2013-04-06 12:53 - 00000000 ____D () C:\Users\Unser\AppData\Roaming\UseNeXT
2015-03-01 16:24 - 2014-02-28 14:46 - 00000000 ____D () C:\Users\Unser\Documents\UseNeXT
2015-03-01 14:26 - 2014-03-15 20:53 - 00000000 ____D () C:\Users\Unser\Desktop\Lenz
2015-02-28 17:34 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-02-27 12:29 - 2015-02-05 14:28 - 00677104 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2015-02-27 12:29 - 2015-02-05 14:28 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2015-02-27 12:29 - 2014-01-21 14:29 - 00033360 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuh.dll
2015-02-20 23:13 - 2013-04-06 16:06 - 00356894 _____ () C:\Windows\DirectX.log
2015-02-20 11:31 - 2013-04-07 10:19 - 00000000 ____D () C:\Users\Unser\AppData\Local\Microsoft Games
2015-02-20 10:21 - 2013-04-24 16:51 - 00000000 ____D () C:\Users\Unser\AppData\Roaming\Apple Computer
2015-02-19 12:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-18 16:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-17 15:02 - 2013-04-24 16:50 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-17 14:29 - 2013-08-19 21:35 - 00000000 ____D () C:\Users\Unser\Desktop\Spiele & Programme
2015-02-12 20:48 - 2009-07-14 05:45 - 05110224 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 15:10 - 2014-12-11 13:41 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 15:10 - 2014-05-08 05:11 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 15:08 - 2013-04-28 08:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-12 15:07 - 2013-08-17 18:33 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 15:03 - 2013-04-06 14:17 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-09 14:29 - 2013-04-06 11:57 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-09 14:29 - 2013-04-06 11:57 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-09 14:29 - 2013-04-06 11:57 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

==================== Files in the root of some directories =======

2014-12-06 13:44 - 2011-07-19 03:37 - 0003262 _____ () C:\Program Files (x86)\Falco.ico
2014-12-06 13:44 - 2011-07-19 04:05 - 0000046 _____ () C:\Program Files (x86)\Falco.url
2013-09-25 13:22 - 2014-02-16 14:22 - 0000144 _____ () C:\Users\Unser\AppData\Roaming\WB.CFG
2014-04-17 08:35 - 2014-04-17 08:48 - 0000789 _____ () C:\Users\Unser\AppData\Local\cookies.ini
2013-04-06 13:53 - 2013-04-06 13:55 - 0019118 _____ () C:\Users\Unser\AppData\Local\HWVendorDetection.log
2015-02-05 14:29 - 2015-02-05 14:29 - 0536388 _____ () C:\ProgramData\1423142746.bdinstall.bin
2013-04-17 10:32 - 2013-04-17 10:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Unser\AppData\Local\Temp\80323uninstall.exe
C:\Users\Unser\AppData\Local\Temp\CH.dll
C:\Users\Unser\AppData\Local\Temp\cvtres.exe
C:\Users\Unser\AppData\Local\Temp\FoxyDeal_Setup.exe
C:\Users\Unser\AppData\Local\Temp\ins.exe
C:\Users\Unser\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\Unser\AppData\Local\Temp\k3ydxivu.dll
C:\Users\Unser\AppData\Local\Temp\Mobogenie_Setup_2.1.23_515.exe
C:\Users\Unser\AppData\Local\Temp\optprosetup.exe
C:\Users\Unser\AppData\Local\Temp\ose00000.exe
C:\Users\Unser\AppData\Local\Temp\Quarantine.exe
C:\Users\Unser\AppData\Local\Temp\ratDVDSetup-0.78.1444.exe
C:\Users\Unser\AppData\Local\Temp\s52eslv0.dll
C:\Users\Unser\AppData\Local\Temp\sqlite3.dll
C:\Users\Unser\AppData\Local\Temp\_is1343.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-05 14:31

==================== End Of Log ============================
         
--- --- ---



What do you think? Does everything look good?

What would you recommend for security? Change all passwords and logins? (e.g. bank, Amazon, etc.)

Edited by Frusa567 (08.03.2015 at 22:32)

Alt 09.03.2015, 12:10   #12
schrauber
/// the machine
/// TB-Ausbilder
 



Update Java, Adobe and Thunderbird.

Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
ATTFilter
C:\AdwCleaner\Quarantine\C\Users\Unser\AppData\Local\Temp\OCS\ocs_v71a.exe.vir

C:\AdwCleaner\Quarantine\C\Users\Unser\AppData\Local\Temp\OCS\ocs_v71b.exe.vir

C:\FRST\Quarantine\C\Users\Unser\AppData\Roaming\autostarter.exe.xBAD

C:\Users\Unser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7QCCO00J\WORLD_21_target_5830[1].exe

C:\Users\Unser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I8O7EL9N\minibar-core[1].exe

C:\Users\Unser\AppData\Local\Temp\Mobogenie_Setup_2.1.23_515.exe

C:\Users\Unser\AppData\Local\Temp\optprosetup.exe

C:\Users\Unser\AppData\Local\Temp\DMR\dmr_72.exe

C:\Users\Unser\AppData\Local\Temp\DMR\Downloads\fc14996dfa99adfc7baae624196888c5\5b06e73c66b13128cd03586177ce6642\m4a-to-mp3-83converter.exe

C:\Users\Unser\AppData\Local\Temp\is-PRT3H.tmp\OptProCrash.dll

C:\Users\Unser\AppData\Local\Temp\{2F223CC3-7E90-4876-9CEB-51331832E071}\setup.exe

C:\Users\Unser\Downloads\Free M4a to MP3 Converter - CHIP-Installer.exe

D:\---= Programme =---\Ashampoo Burning Studio 10 v10.07 Final - Multilan\ABS10.07 SETUP\ashampoo_burning_studio_10_10.0.7_sm.exe

Emptytemp:
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the "Entfernen" (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.




Changing passwords is mandatory, but it is even more mandatory to stop with this crap:
Quote:
C:\Users\Unser\Downloads\Free M4a to MP3 Converter - CHIP-Installer.exe

D:\---= Programme =---\Ashampoo Burning Studio 10 v10.07 Final - Multilan\ABS10.07 SETUP\ashampoo_burning_studio_10_10.0.7_sm.exe


Please download Farbar Service Scanner
  • Start the tool by double-clicking FSS.exe
  • Make sure the following options are checked.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Click Scan.
  • When the tool has finished, it will create an FSS.txt in the directory the tool was run from.

Please post the contents here.


__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 10.03.2015, 10:39   #13
Frusa567
 


Farbar

Code:
ATTFilter
Farbar Service Scanner Version: 17-01-2015
Ran by Unser (administrator) on 10-03-2015 at 11:38:44
Running from "C:\Users\Unser\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is unreachable
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Policy: 
========================


Action Center:
============

wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****
         

fixlog

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-03-2015 03
Ran by Unser at 2015-03-10 11:36:43 Run:2
Running from C:\Users\Unser\Desktop\FRST-OlderVersion
Loaded Profiles: Unser (Available profiles: Unser)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\AdwCleaner\Quarantine\C\Users\Unser\AppData\Local\Temp\OCS\ocs_v71a.exe.vir

C:\AdwCleaner\Quarantine\C\Users\Unser\AppData\Local\Temp\OCS\ocs_v71b.exe.vir

C:\FRST\Quarantine\C\Users\Unser\AppData\Roaming\autostarter.exe.xBAD

C:\Users\Unser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7QCCO00J\WORLD_21_target_5830[1].exe

C:\Users\Unser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I8O7EL9N\minibar-core[1].exe

C:\Users\Unser\AppData\Local\Temp\Mobogenie_Setup_2.1.23_515.exe

C:\Users\Unser\AppData\Local\Temp\optprosetup.exe

C:\Users\Unser\AppData\Local\Temp\DMR\dmr_72.exe

C:\Users\Unser\AppData\Local\Temp\DMR\Downloads\fc14996dfa99adfc7baae624196888c5\5b06e73c66b13128cd03586177ce6642\m4a-to-mp3-83converter.exe

C:\Users\Unser\AppData\Local\Temp\is-PRT3H.tmp\OptProCrash.dll

C:\Users\Unser\AppData\Local\Temp\{2F223CC3-7E90-4876-9CEB-51331832E071}\setup.exe

C:\Users\Unser\Downloads\Free M4a to MP3 Converter - CHIP-Installer.exe

D:\---= Programme =---\Ashampoo Burning Studio 10 v10.07 Final - Multilan\ABS10.07 SETUP\ashampoo_burning_studio_10_10.0.7_sm.exe

Emptytemp:
         
*****************

C:\AdwCleaner\Quarantine\C\Users\Unser\AppData\Local\Temp\OCS\ocs_v71a.exe.vir => Moved successfully.
C:\AdwCleaner\Quarantine\C\Users\Unser\AppData\Local\Temp\OCS\ocs_v71b.exe.vir => Moved successfully.
C:\FRST\Quarantine\C\Users\Unser\AppData\Roaming\autostarter.exe.xBAD => Moved successfully.
C:\Users\Unser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7QCCO00J\WORLD_21_target_5830[1].exe => Moved successfully.
C:\Users\Unser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I8O7EL9N\minibar-core[1].exe => Moved successfully.
C:\Users\Unser\AppData\Local\Temp\Mobogenie_Setup_2.1.23_515.exe => Moved successfully.
C:\Users\Unser\AppData\Local\Temp\optprosetup.exe => Moved successfully.
C:\Users\Unser\AppData\Local\Temp\DMR\dmr_72.exe => Moved successfully.
C:\Users\Unser\AppData\Local\Temp\DMR\Downloads\fc14996dfa99adfc7baae624196888c5\5b06e73c66b13128cd03586177ce6642\m4a-to-mp3-83converter.exe => Moved successfully.
C:\Users\Unser\AppData\Local\Temp\is-PRT3H.tmp\OptProCrash.dll => Moved successfully.
C:\Users\Unser\AppData\Local\Temp\{2F223CC3-7E90-4876-9CEB-51331832E071}\setup.exe => Moved successfully.
C:\Users\Unser\Downloads\Free M4a to MP3 Converter - CHIP-Installer.exe => Moved successfully.
D:\---= Programme =---\Ashampoo Burning Studio 10 v10.07 Final - Multilan\ABS10.07 SETUP\ashampoo_burning_studio_10_10.0.7_sm.exe => Moved successfully.
EmptyTemp: => Removed 6.8 GB temporary data.


The system needed a reboot. 

==== End of Fixlog 11:37:05 ====
         

Alt 10.03.2015, 18:51   #14
schrauber
/// the machine
/// TB-Ausbilder
 



  • Please download Windows Repair - All in One from tweaking.com here and install it.
  • Please disable your antivirus program (if possible).
  • Keep in mind that the individual repairs take some time. Do not start any other applications during this time.
  • Start the program and carry out steps 1-5. (See the picture guide)
  • Make sure the check marks are set as shown under step 4.
  • Also tick "Restart/Shutdown System" and select "Restart System" before you carry out step 5.





Fresh FRST log, please. Any problems left?

Alt 11.03.2015, 09:45   #15
Frusa567
 


Hello,

no more problems

thank you very much


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-03-2015 03
Ran by Unser (administrator) on UNSER-PC on 11-03-2015 10:43:50
Running from C:\Users\Unser\Desktop\FRST-OlderVersion
Loaded Profiles: Unser (Available profiles: Unser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
() C:\Windows\SysWOW64\PnkBstrA.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13265480 2013-01-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1273416 2013-01-15] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3011824 2013-01-11] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1689576 2015-02-27] (Bitdefender)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-01-20] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-26] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKU\S-1-5-21-671443653-1792276608-2591688684-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-26] (Samsung)
HKU\S-1-5-21-671443653-1792276608-2591688684-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3111744 2012-04-26] (DT Soft Ltd)
HKU\S-1-5-21-671443653-1792276608-2591688684-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-26] (Samsung)
HKU\S-1-5-21-671443653-1792276608-2591688684-1000\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-02-27] (Bitdefender)
HKU\S-1-5-21-671443653-1792276608-2591688684-1000\...\MountPoints2: {1af1edf4-c160-11e2-aa48-1c7508d7c5f8} - H:\LaunchU3.exe -a
HKU\S-1-5-21-671443653-1792276608-2591688684-1000\...\MountPoints2: {8edb42c0-25fb-11e3-aa5b-806e6f6e6963} - F:\setup.exe
HKU\S-1-5-21-671443653-1792276608-2591688684-1000\...\MountPoints2: {d5665aed-592a-11e3-91db-1c7508d7c5f8} - G:\LaunchU3.exe -a
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-04-30] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-671443653-1792276608-2591688684-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-671443653-1792276608-2591688684-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-671443653-1792276608-2591688684-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-02-27] (Bitdefender)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-07-22] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-22] (Oracle Corporation)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-02-27] (Bitdefender)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-08-07] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-08-07] (Oracle Corporation)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-02-27] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-02-27] (Bitdefender)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Unser\AppData\Roaming\Mozilla\Firefox\Profiles\ysgxqzps.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-09] ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-07-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-07-22] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-08-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-08-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-05-10] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF Plugin HKU\S-1-5-21-671443653-1792276608-2591688684-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Unser\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-30] (Unity Technologies ApS)
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Unser\AppData\Roaming\Mozilla\Firefox\Profiles\ysgxqzps.default\Extensions\2020Player_IKEA@2020Technologies.com [2013-10-19]
FF Extension: 20-20 3D Viewer - WEB - C:\Users\Unser\AppData\Roaming\Mozilla\Firefox\Profiles\ysgxqzps.default\Extensions\2020Player_WEB@2020Technologies.com [2014-07-06]
FF Extension: O2CPlayer Plugin - C:\Users\Unser\AppData\Roaming\Mozilla\Firefox\Profiles\ysgxqzps.default\Extensions\o2cplayer@eleco.com [2015-03-10]
FF Extension: leethax.net extension - C:\Users\Unser\AppData\Roaming\Mozilla\Firefox\Profiles\ysgxqzps.default\Extensions\leethax@leethax.net.xpi [2013-11-20]
FF Extension: SQLite Manager - C:\Users\Unser\AppData\Roaming\Mozilla\Firefox\Profiles\ysgxqzps.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2014-04-17]
FF Extension: All-in-One Sidebar - C:\Users\Unser\AppData\Roaming\Mozilla\Firefox\Profiles\ysgxqzps.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2013-04-06]
FF Extension: Adblock Plus - C:\Users\Unser\AppData\Roaming\Mozilla\Firefox\Profiles\ysgxqzps.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-07]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-02-05]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-02-05]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext

Chrome: 
=======
CHR Profile: C:\Users\Unser\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2013-06-26] (Macrovision Europe Ltd.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-06] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2015-02-20] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1547936 2015-02-27] (Bitdefender)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [57344 2011-08-10] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-12-31] ()
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1306464 2015-02-27] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [262544 2015-02-27] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [677104 2015-02-27] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2015-02-27] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2015-02-27] (BitDefender SRL)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [155912 2014-10-22] (BitDefender LLC)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-02-04] (Intel Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C60x64.sys [119376 2013-03-04] (Qualcomm Atheros Co., Ltd.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-12-31] ()
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [32496 2013-01-11] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2013-09-25] (Duplex Secure Ltd.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
U3 agiam4xl; C:\Windows\System32\Drivers\agiam4xl.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-11 10:19 - 2015-03-11 10:19 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-UNSER-PC-Windows-7-Home-Premium-(64-bit).dat
2015-03-11 10:19 - 2015-03-11 10:19 - 00000000 ____D () C:\RegBackup
2015-03-11 10:07 - 2015-03-11 10:07 - 00003288 ____N () C:\bootsqm.dat
2015-03-11 10:03 - 2015-03-11 10:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-03-11 10:03 - 2015-03-11 10:03 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2015-03-11 09:26 - 2015-03-11 09:26 - 11755088 _____ () C:\Users\Unser\Downloads\tweaking.com_windows_repair_aio_setup.exe
2015-03-10 11:38 - 2015-03-10 11:38 - 00003157 _____ () C:\Users\Unser\Desktop\FSS.txt
2015-03-10 11:36 - 2015-03-10 11:36 - 00415232 _____ (Farbar) C:\Users\Unser\Desktop\FSS.exe
2015-03-08 20:57 - 2015-03-08 20:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-08 20:22 - 2015-03-08 20:22 - 00852604 _____ () C:\Users\Unser\Desktop\SecurityCheck.exe
2015-03-08 20:05 - 2015-03-08 20:05 - 02347384 _____ (ESET) C:\Users\Unser\Downloads\esetsmartinstaller_deu.exe
2015-03-08 20:04 - 2015-03-08 20:04 - 00000892 _____ () C:\Users\Unser\Desktop\JRT.txt
2015-03-08 20:00 - 2015-03-08 20:00 - 01388333 _____ (Thisisu) C:\Users\Unser\Downloads\JRT.exe
2015-03-08 20:00 - 2015-03-08 20:00 - 00007698 _____ () C:\Users\Unser\Desktop\AdwCleaner[S0].txt
2015-03-08 19:57 - 2015-03-08 19:57 - 00001202 _____ () C:\Users\Unser\Desktop\mbam.txt
2015-03-08 19:25 - 2015-03-11 10:43 - 00000000 ____D () C:\Users\Unser\Desktop\FRST-OlderVersion
2015-03-08 10:18 - 2015-03-11 10:43 - 00000000 ____D () C:\FRST
2015-03-08 09:03 - 2015-03-08 19:59 - 00000000 ____D () C:\AdwCleaner
2015-03-08 09:03 - 2015-03-08 09:03 - 02126848 _____ () C:\Users\Unser\Downloads\AdwCleaner_4.111.exe
2015-03-08 08:32 - 2015-03-10 11:23 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-08 08:32 - 2015-03-08 08:32 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Unser\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-08 08:32 - 2015-03-08 08:32 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-08 08:32 - 2015-03-08 08:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-03-08 08:32 - 2015-03-08 08:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-08 08:32 - 2015-03-08 08:32 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-03-08 08:32 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-08 08:32 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-08 08:32 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-08 08:28 - 2015-03-08 08:28 - 00000000 ____D () C:\Program Files (x86)\dumps
2015-02-28 17:34 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-28 17:34 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-27 12:29 - 2015-02-27 12:29 - 01306464 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2015-02-27 12:29 - 2015-02-27 12:29 - 00262544 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2015-02-27 12:29 - 2015-02-27 12:29 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin.dll
2015-02-27 12:29 - 2015-02-27 12:29 - 00074000 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2015-02-20 23:17 - 2015-02-20 23:19 - 00189480 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2015-02-20 23:17 - 2015-02-20 23:17 - 00000000 ____D () C:\Users\Unser\AppData\Local\PunkBuster
2015-02-20 23:15 - 2015-02-20 23:15 - 00000000 ____D () C:\Users\Unser\Documents\America's Army 3
2015-02-20 23:13 - 2015-02-20 23:19 - 00189480 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-02-20 23:13 - 2015-02-20 23:13 - 00075064 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-02-20 23:13 - 2015-02-20 23:00 - 03360624 _____ () C:\Windows\SysWOW64\pbsvc.exe
2015-02-20 22:21 - 2015-03-01 16:28 - 00000000 ____D () C:\Users\Unser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-02-20 22:17 - 2015-02-20 22:17 - 00000000 ____D () C:\Users\Unser\AppData\Local\Steam
2015-02-20 22:15 - 2015-03-08 08:28 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-20 22:15 - 2015-02-20 22:15 - 01142128 _____ () C:\Users\Unser\Downloads\SteamSetup.exe
2015-02-18 13:07 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-18 13:07 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-18 13:07 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-18 13:07 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-17 15:02 - 2015-03-07 23:42 - 00000000 ____D () C:\Program Files\iTunes
2015-02-17 15:02 - 2015-03-07 23:42 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-17 15:02 - 2015-02-17 15:02 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-02-17 15:02 - 2015-02-17 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-17 15:02 - 2015-02-17 15:02 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-17 15:02 - 2015-02-17 15:02 - 00000000 ____D () C:\Program Files\iPod
2015-02-13 14:53 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-13 14:53 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-13 14:53 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-13 14:53 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 14:28 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 14:28 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 14:28 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 14:28 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 14:28 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 14:28 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 14:28 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 14:28 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 14:28 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 14:28 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 14:28 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 14:28 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 14:28 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 14:28 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 14:28 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 14:28 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 14:28 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 14:28 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 14:28 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 14:28 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 14:28 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 14:28 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 14:28 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 14:28 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 14:28 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 14:28 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 14:28 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 14:28 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 14:28 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 14:28 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 14:28 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 14:28 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 14:28 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 14:28 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 14:28 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 14:28 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 14:28 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 14:28 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 14:28 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 14:28 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 14:28 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 14:28 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 14:28 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 14:28 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 14:28 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 14:28 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 14:28 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 14:28 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 14:28 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 14:28 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 14:28 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 14:28 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 14:28 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 14:28 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 14:28 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 14:28 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 14:28 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 14:28 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 14:28 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 14:28 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 14:28 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 14:28 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 14:28 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 14:28 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 14:28 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 14:28 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 14:28 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 14:28 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 14:28 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 14:28 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 14:28 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 14:28 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 14:28 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 14:28 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 14:27 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 14:27 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 14:27 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 14:27 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 14:27 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 14:27 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 14:27 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 14:27 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 14:27 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 14:27 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 14:27 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 14:27 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 14:27 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 14:27 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 14:27 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 14:27 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 14:27 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 14:27 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 14:27 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 14:27 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 14:27 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 14:27 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 14:27 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 14:27 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 14:27 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 14:27 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 14:27 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 14:27 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 14:27 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 14:27 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 14:27 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 14:27 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 14:27 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 14:27 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 14:27 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 14:27 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 14:27 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-11 14:27 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 14:27 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-11 14:27 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-11 14:27 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-11 10:36 - 2009-07-14 05:45 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-11 10:36 - 2009-07-14 05:45 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-11 10:34 - 2013-04-06 11:46 - 01236861 _____ () C:\Windows\WindowsUpdate.log
2015-03-11 10:34 - 2009-07-14 18:58 - 00685820 _____ () C:\Windows\system32\perfh007.dat
2015-03-11 10:34 - 2009-07-14 18:58 - 00145620 _____ () C:\Windows\system32\perfc007.dat
2015-03-11 10:34 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-11 10:30 - 2013-04-06 12:53 - 00111168 _____ () C:\Users\Unser\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-11 10:30 - 2013-04-06 12:16 - 00162286 _____ () C:\Windows\PFRO.log
2015-03-11 10:30 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-11 10:30 - 2009-07-14 05:51 - 00148215 _____ () C:\Windows\setupact.log
2015-03-11 10:30 - 2009-07-14 05:45 - 05110224 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-11 10:29 - 2013-04-06 11:57 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-11 10:27 - 2009-07-14 03:34 - 00000548 _____ () C:\Windows\win.ini
2015-03-11 09:21 - 2013-04-09 15:36 - 00000000 ____D () C:\Users\Unser\AppData\Local\Adobe
2015-03-09 19:59 - 2014-03-15 20:53 - 00000000 ____D () C:\Users\Unser\Desktop\Lenz
2015-03-09 19:58 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-03-09 09:49 - 2013-04-06 12:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-08 20:01 - 2013-04-06 12:03 - 00000000 ____D () C:\ProgramData\BDLogging
2015-03-08 19:59 - 2013-04-06 11:47 - 00000000 ____D () C:\Users\Unser
2015-03-07 23:42 - 2015-01-23 11:15 - 00000000 ____D () C:\Program Files (x86)\Free M4a to MP3 Converter
2015-03-07 23:42 - 2014-10-10 15:43 - 00000000 ____D () C:\Program Files (x86)\posterXXL Designer
2015-03-07 23:42 - 2014-09-23 07:48 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-03-07 23:42 - 2014-09-19 22:11 - 00000000 ____D () C:\Program Files\Bonjour
2015-03-07 23:42 - 2014-09-19 22:11 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-03-07 23:42 - 2014-06-29 17:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-03-07 23:42 - 2014-06-20 18:14 - 00000000 ____D () C:\Program Files (x86)\ratDVD
2015-03-07 23:42 - 2014-04-17 10:05 - 00000000 ____D () C:\Program Files (x86)\Avidemux 2.6
2015-03-07 23:42 - 2013-09-25 16:59 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Pro
2015-03-07 23:42 - 2013-08-19 10:13 - 00000000 ____D () C:\Program Files (x86)\EMDB
2015-03-07 23:42 - 2013-08-07 14:28 - 00000000 ____D () C:\Program Files (x86)\Handbrake
2015-03-07 23:42 - 2013-06-03 16:42 - 00000000 ____D () C:\Program Files (x86)\Calibre2
2015-03-07 23:42 - 2013-04-30 19:04 - 00000000 ____D () C:\Windows\system32\SPReview
2015-03-07 23:42 - 2013-04-28 08:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2015-03-07 23:42 - 2013-04-24 16:50 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2015-03-07 23:42 - 2013-04-24 16:50 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-03-07 23:42 - 2013-04-06 16:10 - 00000000 ____D () C:\Program Files\WinRAR
2015-03-07 23:42 - 2013-04-06 12:53 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2015-03-07 23:42 - 2013-04-06 11:52 - 00000000 ____D () C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect
2015-03-07 23:42 - 2009-07-14 19:18 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-03-07 23:42 - 2009-07-14 19:18 - 00000000 ____D () C:\Program Files\Windows Journal
2015-03-07 23:42 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2015-03-07 23:42 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-03-07 23:42 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-07 23:42 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\DVD Maker
2015-03-07 23:42 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-07 23:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2015-03-07 23:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Setup
2015-03-07 23:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\com
2015-03-07 23:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-03-07 23:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\servicing
2015-03-07 23:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-03-01 16:27 - 2013-04-06 12:53 - 00000000 ____D () C:\Users\Unser\AppData\Roaming\UseNeXT
2015-03-01 16:24 - 2014-02-28 14:46 - 00000000 ____D () C:\Users\Unser\Documents\UseNeXT
2015-02-27 12:29 - 2015-02-05 14:28 - 00677104 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2015-02-27 12:29 - 2015-02-05 14:28 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2015-02-27 12:29 - 2014-01-21 14:29 - 00033360 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuh.dll
2015-02-20 23:13 - 2013-04-06 16:06 - 00356894 _____ () C:\Windows\DirectX.log
2015-02-20 11:31 - 2013-04-07 10:19 - 00000000 ____D () C:\Users\Unser\AppData\Local\Microsoft Games
2015-02-20 10:21 - 2013-04-24 16:51 - 00000000 ____D () C:\Users\Unser\AppData\Roaming\Apple Computer
2015-02-19 12:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-18 16:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-17 15:02 - 2013-04-24 16:50 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-17 14:29 - 2013-08-19 21:35 - 00000000 ____D () C:\Users\Unser\Desktop\Spiele & Programme
2015-02-12 15:10 - 2014-12-11 13:41 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 15:10 - 2014-05-08 05:11 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 15:08 - 2013-04-28 08:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-12 15:07 - 2013-08-17 18:33 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 15:03 - 2013-04-06 14:17 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-09 14:29 - 2013-04-06 11:57 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-09 14:29 - 2013-04-06 11:57 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-09 14:29 - 2013-04-06 11:57 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

==================== Files in the root of some directories =======

2014-12-06 13:44 - 2011-07-19 03:37 - 0003262 _____ () C:\Program Files (x86)\Falco.ico
2014-12-06 13:44 - 2011-07-19 04:05 - 0000046 _____ () C:\Program Files (x86)\Falco.url
2013-09-25 13:22 - 2014-02-16 14:22 - 0000144 _____ () C:\Users\Unser\AppData\Roaming\WB.CFG
2014-04-17 08:35 - 2014-04-17 08:48 - 0000789 _____ () C:\Users\Unser\AppData\Local\cookies.ini
2013-04-06 13:53 - 2013-04-06 13:55 - 0019118 _____ () C:\Users\Unser\AppData\Local\HWVendorDetection.log
2015-02-05 14:29 - 2015-02-05 14:29 - 0536388 _____ () C:\ProgramData\1423142746.bdinstall.bin
2013-04-17 10:32 - 2013-04-17 10:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-05 14:31

==================== End Of Log ============================
         
--- --- ---
