| |
| |||||||
Log-Analyse und Auswertung: Windows 8: Zwei Trojaner im selben Ordner, alles sicher?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
23.03.2015, 22:37
| #1 |
 |  Windows 8: Zwei Trojaner im selben Ordner, alles sicher? Guten Abend, Nacht, wie auch immer!  Also mein Problem: Ich bin mir nicht sicher, ob Panda meine Trojaner richtig entfernt hat. Es werden mir 2 Generic.gen und ein C.IA Trojaner angezeigt, beide mit der Meldung "gelöscht" (seltsamerweise alle im selben Ordner). Jetzt bin ich mir eben nicht sicher, ob alles entfernt wurde, oder ob das nur so aussieht, ich hatte nämlich (soweit ich weiß) vorher noch keine Bekanntschaft mit Trojanern gemacht und kenne mich mit Spyware und Co. auch nicht wirklich aus...  Einfach formulieren müsst ihr eure Antworten deshalb nicht, ich denke so weit bin ich schon in Sachen Computer bewandert.  Danke aber schon mal jetzt für eure Antwort(en)... ~~~Hier die Logs~~~ -DeFogger: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:00 on 23/03/2015 (******)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Der warnte mich nicht zum Neustart, was ich ein bisschen seltsam fand... ----- FRST: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by ****** (administrator) on ******S-PC on 23-03-2015 22:02:27
Running from C:\Users\******\Desktop
Loaded Profiles: ****** (Available profiles: ****** & Administrator & Gast)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(FileZilla Project) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Leap Motion, Inc.) C:\Program Files (x86)\Leap Motion\Core Services\LeapSvc64.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security) C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
() C:\Program Files (x86)\Skiller Pro\Monitor.EXE
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Remote Control Server] => C:\Program Files (x86)\Remote Control Server\Remote Control Server.exe [5159424 2015-01-19] (Steppschuh)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-02] (Intel Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2353880 2013-11-01] (Microsoft Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ContentTransferWMDetector.exe] => C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe [583016 2009-11-19] (Sony Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-06-23] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-07] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020704 2014-08-05] (Wondershare)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1960336 2014-09-02] ()
HKLM-x32\...\Run: [FileZilla Server Interface] => C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe [2448896 2014-09-19] (FileZilla Project)
HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Skiller Pro] => C:\Program Files (x86)\Skiller Pro\Monitor.exe [475136 2014-02-26] ()
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-10-16] (Panda Security, S.L.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-02-17] (LogMeIn Inc.)
HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [44032 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [RssReader] => C:\Program Files (x86)\RssReader\RssReader.exe [1077248 2004-04-04] (Ykoon)
HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Leap Control Panel] => C:\Program Files (x86)\Leap Motion\Core Services\LeapControlPanel.exe [3625808 2015-02-20] (Leap Motion, Inc.)
HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Spotify Web Helper] => C:\Users\******\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-11] (Spotify Ltd)
HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Spotify] => C:\Users\******\AppData\Roaming\Spotify\spotify.exe [6737976 2014-12-11] (Spotify Ltd)
HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Google Update] => C:\Users\******\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-05-09] (Google Inc.)
HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1313536 2014-04-01] (Bogdan Sharkov)
HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-07] (Samsung)
HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [2042880 2014-08-25] (RemoteMouse.net)
HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [spotimote] => C:\Program Files (x86)\spotimote\spotimote.exe [2830248 2014-10-08] ()
HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31346784 2015-02-26] (Skype Technologies S.A.)
HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [GoogleChromeAutoLaunch_D781C9BFB3A3BA37CC3EB8921F5CCF82] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [809288 2015-03-14] (Google Inc.)
HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [DellSystemDetect] => C:\Users\******\AppData\Local\Apps\2.0\LLG9VHQ8.GH9\KO4XLBTX.AGH\dell..tion_e30b47f5d4a30e9e_0005.000d_4ab2a66cfade09be\DellSystemDetect.exe [276776 2015-01-11] (Dell)
HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [809288 2015-03-14] (Google Inc.)
HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Policies\Explorer: [NoControlPanel] 0
Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\devolo Cockpit.lnk
ShortcutTarget: devolo Cockpit.lnk -> C:\Program Files (x86)\devolo\dlan\frontend\plcnetui.exe ( )
Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Identitaetsabfrage.bat ()
Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MAGIX Video deluxe 2014.lnk
ShortcutTarget: MAGIX Video deluxe 2014.lnk -> C:\Program Files (x86)\MAGIX\Video deluxe 2014\Videodeluxe.exe (MAGIX Software GmbH)
Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlO-xkuKtzfsTQg0ujSI71XNij6XDeVTlMzu3v1nTicPInFt8MMITDhEmuaulDXmT3GdVLsok__v0Xui2S9xghVYrToeEJNY46DtWQAXfvHO-wj9TlcLakOdU8n0vOrtf2_yGPF7pZaoJsw,,&q={searchTerms}
HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=377&r=2014/04/07&hid=5936879317086436134&lg=EN&cc=DE&unqvl=51
SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=377&r=2014/04/07&hid=5936879317086436134&lg=EN&cc=DE&unqvl=51
SearchScopes: HKU\.DEFAULT -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlO-xkuKtzfsTQg0ujSI71XNij6XDeVTlMzu3v1nTicPInFt8MMITDhEmuaulDXmT3GdVLsok__v0Xui2S9xghVYrToeEJNY46DtWQAXfvHO-wj9TlcLakOdU8n0vOrtf2_yGPF7pZaoJsw,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1481936226-3761452550-2346937436-1002 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3324427&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPAF1B23EF-781D-48EC-96E7-10E4407318A0&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1481936226-3761452550-2346937436-1002 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKU\S-1-5-21-1481936226-3761452550-2346937436-1002 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://pandasecurity.mystart.com/results.php?pr=vmn&gen=ms&id=pandasecuritytb&v=4_2&idate=2015-02-08&ent=ch_664&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1481936226-3761452550-2346937436-1002 -> {B4364FC7-BB80-4056-A87B-DBC5A26B5C36} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-01-25] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2014-10-17] ()
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-12-16] (Adblock Plus)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2014-09-02] (Wondershare)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2015-01-13] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2014-10-17] ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-01-13] (Oracle Corporation)
BHO-x32: FlowSurf -> {E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0} -> C:\Program Files (x86)\Flowsurf\FlowSurf.dll [2013-10-16] (FlowSurf Inc.)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-12-16] (Adblock Plus)
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2014-10-17] ()
Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2014-10-17] ()
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default
FF SearchEngineOrder.1: Google.at
FF Homepage: https://www.google.de/
FF Keyword.URL: https://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-08] ()
FF Plugin: @java.com/DTPlugin,version=10.75.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.75.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\npmcsnffpl64.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-01] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-01-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-13] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\npmcsnffpl.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-02-20] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-01] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1481936226-3761452550-2346937436-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\******\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)
FF Plugin HKU\S-1-5-21-1481936226-3761452550-2346937436-1002: @talk.google.com/O1DPlugin -> C:\Users\******\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-01-27] (Google)
FF Plugin HKU\S-1-5-21-1481936226-3761452550-2346937436-1002: @tools.google.com/Google Update;version=3 -> C:\Users\******\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin HKU\S-1-5-21-1481936226-3761452550-2346937436-1002: @tools.google.com/Google Update;version=9 -> C:\Users\******\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin HKU\S-1-5-21-1481936226-3761452550-2346937436-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\******\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-06] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\******\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\******\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-01-27] (Google)
FF SearchPlugin: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default\searchplugins\youtube-videosuche.xml [2014-08-30]
FF Extension: Avira Browser Safety - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default\Extensions\abs@avira.com [2015-03-02]
FF Extension: FireFTP - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2015-01-16]
FF Extension: Deutsch (DE) Language Pack - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2015-01-16]
FF Extension: Deutsch (DE) Language Pack - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default\Extensions\langpack-de@Waterfox.mozilla.org.xpi [2014-08-30]
FF Extension: Session Manager - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2014-10-31]
FF Extension: Adblock Plus - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-16]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com
FF Extension: Wondershare Video Converter Ultimate - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com [2014-09-11]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "https://www.google.de/", "hxxp://websearch.amaizingsearches.info/?pid=377&r=2014/04/07&hid=5936879317086436134&lg=EN&cc=DE&unqvl=51", "hxxp://google.com/", "hxxp://google.de/", "https://de.search.yahoo.com/?type=937811&fr=yo-yhp-ch"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\******\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-04-07]
CHR Extension: (YouTube) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-07]
CHR Extension: (Berlin Events) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopbgcbccpbkbficacifdijmlpdnddkf [2014-04-07]
CHR Extension: (Adblock Plus) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-17]
CHR Extension: (Google Search) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-07]
CHR Extension: (Session Buddy) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2014-04-07]
CHR Extension: (Floating YouTube Extension) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\egncdnniomonjgpjbapalkckojhkfddk [2014-11-12]
CHR Extension: (Yahoo!) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdhbkaahephniejapepaiggngjnedpci [2015-02-09]
CHR Extension: (Show Frame) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcmgcfdnagjkihmgjhbiombjdcgckgnb [2015-01-18]
CHR Extension: (Google Keep - notes and lists) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2014-04-07]
CHR Extension: (ProxMate) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifalmiidchkjjmkkbkoaibpmoeichmki [2014-05-13]
CHR Extension: (Floating YouTube™) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjphmlaoffndcnecccgemfdaaoighkel [2014-11-12]
CHR Extension: (FullStream) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkchcbdilffpbpkknniliidiflhbagkl [2015-01-23]
CHR Extension: (Open Frame) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdhjgkkaacdhdioocfbpmhjidbinfajj [2015-01-18]
CHR Extension: (Wetter Berlin) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\klefihnmmfkcaoeebemdmeebbfdhlknm [2014-04-07]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-20]
CHR Extension: (Twitch Now) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2015-01-23]
CHR Extension: (Google Wallet) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-29]
CHR Extension: (Gmail) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-07]
CHR HKLM-x32\...\Chrome\Extension: [fdhbkaahephniejapepaiggngjnedpci] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iijmpjamifmplbakhgikofogdfackici] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com.crx [2014-09-11]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\******\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2014-01-25]
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx [Not Found]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [406288 2014-06-23] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-06-23] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-06-23] (BlueStack Systems, Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2014-03-01] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2552528 2015-01-30] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201424 2015-01-30] (Dell Inc.)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3736520 2015-01-29] (devolo AG)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
R2 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [772608 2014-09-19] (FileZilla Project) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-19] (Microsoft Corporation) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
S3 GSService; C:\WINDOWS\SysWOW64\GSService.exe [444640 2014-07-28] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22768 2014-04-17] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
R2 LeapService; C:\Program Files (x86)\Leap Motion\Core Services\LeapSvc64.exe [10083840 2015-02-20] (Leap Motion, Inc.) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-16] (LogMeIn, Inc.)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58387104 2014-07-12] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4466688 2007-11-08] (Microsoft Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2014-10-13] (Panda Security, S.L.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-31] (Electronic Arts)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 panda_url_filtering; C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe [296760 2014-09-19] (Panda Security)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-10-16] (Panda Security, S.L.)
S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] ()
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1924328 2014-09-18] (SoftThinks SAS)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441504 2014-07-12] (Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-02-19] (Dell Inc.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87736 2014-04-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-06-19] (Atheros) [File not signed]
S3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [X]
S2 McOobeSv2; "C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-06-23] (BlueStack Systems)
S3 CCUSBMIDI; C:\Windows\System32\Drivers\ccusbmid.sys [26624 2012-02-24] (CASIO COMPUTER CO., LTD.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [23312 2015-01-30] (Dell Computer Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-02-17] (LogMeIn Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
S3 MP4ConverterAudio; C:\Windows\system32\drivers\MP4ConverterAudio.sys [36064 2014-07-28] (Windows (R) Win 7 DDK provider)
S3 NdisImPlatformMp; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [126464 2014-10-29] (Microsoft Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [47360 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2015-01-29] (CACE Technologies)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 panda_url_filteringd; C:\ProgramData\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163088 2014-10-13] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2014-10-13] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2014-10-13] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-23 22:02 - 2015-03-23 22:03 - 00042414 _____ () C:\Users\******\Desktop\FRST.txt
2015-03-23 22:00 - 2015-03-23 22:02 - 00000476 _____ () C:\Users\******\Desktop\defogger_disable.log
2015-03-23 21:58 - 2015-03-23 22:02 - 00000000 ____D () C:\FRST
2015-03-23 21:58 - 2015-03-23 21:58 - 00000000 _____ () C:\Users\******\defogger_reenable
2015-03-23 21:57 - 2015-03-23 21:57 - 00050477 _____ () C:\Users\******\Desktop\Defogger.exe
2015-03-23 21:55 - 2015-03-23 21:55 - 02095616 _____ (Farbar) C:\Users\******\Desktop\FRST64.exe
2015-03-23 21:54 - 2015-03-23 21:54 - 00380416 _____ () C:\Users\******\Desktop\k501derz.exe
2015-03-23 21:39 - 2015-03-23 21:40 - 01203488 _____ () C:\Users\******\Downloads\Regin Scanner - CHIP-Installer.exe
2015-03-23 18:14 - 2015-03-23 18:14 - 00001325 _____ () C:\Users\Public\Desktop\River-Simulator 2012 - Demo.lnk
2015-03-23 18:14 - 2015-03-23 18:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\River-Simulator 2012 - Demo
2015-03-23 18:13 - 2015-03-23 18:13 - 00000000 ____D () C:\Program Files (x86)\River-Simulator 2012 - Demo
2015-03-23 18:06 - 2015-03-23 18:06 - 00000000 ____D () C:\Users\******\Tracing
2015-03-23 17:47 - 2014-03-25 14:15 - 00060400 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2015-03-22 14:08 - 2015-03-04 22:24 - 00792032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-03-22 14:08 - 2015-03-04 22:24 - 00178144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-22 10:31 - 2015-03-22 10:55 - 00000000 ____D () C:\Users\******\AppData\Roaming\Rettungswagen Simulator 2014 Demo
2015-03-22 10:31 - 2015-03-22 10:32 - 00000000 ____D () C:\Users\******\Documents\Rettungswagen Simulator 2014 Demo
2015-03-22 10:31 - 2015-03-22 10:31 - 00000000 ____D () C:\ProgramData\RTWS2014DEMO
2015-03-22 10:28 - 2015-03-22 10:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rettungswagen Simulator 2014 Demo
2015-03-22 10:22 - 2015-03-22 10:28 - 00000000 ____D () C:\Program Files (x86)\Rettungswagen Simulator 2014 Demo
2015-03-22 10:21 - 2015-03-22 10:27 - 218461259 _____ () C:\Users\******\Downloads\Schiff-Simulator2012-Demo_Setup.zip
2015-03-22 10:01 - 2015-03-22 10:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Schwebebahn-Simulator 2013 Demo
2015-03-22 10:00 - 2015-03-22 10:00 - 00000000 ____D () C:\Program Files (x86)\rondomedia
2015-03-22 09:52 - 2015-03-22 09:55 - 179712052 _____ () C:\Users\******\Downloads\Schwebebahn-Simulator2013_simuwelt_Demo Setup.zip
2015-03-22 09:51 - 2015-03-22 10:11 - 1682428100 _____ () C:\Users\******\Downloads\rtws2014-demo-1.0a.zip
2015-03-22 09:19 - 2015-03-22 09:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Airport Simulator 2013 Demo
2015-03-22 09:19 - 2015-03-22 09:19 - 00000000 ____D () C:\Program Files (x86)\Airport Simulator 2013 Demo
2015-03-22 09:18 - 2015-03-22 09:18 - 50171380 _____ () C:\Users\******\Downloads\Airport-Simulator2013_simuwelt_Demo.zip
2015-03-21 21:19 - 2015-03-21 21:19 - 00000000 ____D () C:\Users\******\AppData\Roaming\Open Rails
2015-03-21 20:42 - 2015-03-21 20:42 - 00001082 _____ () C:\Users\Public\Desktop\Open Rails.lnk
2015-03-21 20:42 - 2015-03-21 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open Rails
2015-03-21 20:42 - 2015-03-21 20:42 - 00000000 ____D () C:\Program Files (x86)\Open Rails
2015-03-21 20:41 - 2015-03-21 20:41 - 23850158 _____ (Open Rails ) C:\Users\******\Downloads\setup_OR_pre-v1.0_from_download.exe
2015-03-21 20:20 - 2015-03-21 20:39 - 00000000 ____D () C:\Users\******\AppData\Local\Loksim3D
2015-03-21 20:20 - 2015-03-21 20:34 - 00000000 ____D () C:\Program Files (x86)\Loksim3D
2015-03-21 20:20 - 2015-03-21 20:25 - 00000000 ____D () C:\Users\Public\Documents\Loksim3D
2015-03-21 20:20 - 2015-03-21 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Loksim3D
2015-03-21 20:15 - 2015-03-21 20:17 - 120920998 _____ () C:\Users\******\Downloads\Setup-Loksim3D-2-9-1.zip
2015-03-21 20:14 - 2015-03-21 20:14 - 00373824 _____ () C:\Users\******\Downloads\Setup-Loksim3D-2-9-1_CB-DL-Manager.exe
2015-03-21 15:12 - 2015-03-21 15:24 - 436138144 _____ (MAGIX Software GmbH) C:\Users\******\Downloads\music_maker_2015_dlv_chip_de_20140827_13-38.exe
2015-03-20 20:25 - 2015-03-13 16:38 - 00622224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-03-20 20:22 - 2015-03-13 20:41 - 32114888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-03-20 20:22 - 2015-03-13 20:41 - 25460880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2015-03-20 20:22 - 2015-03-13 20:41 - 24775368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-03-20 20:22 - 2015-03-13 20:41 - 20466376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-03-20 20:22 - 2015-03-13 20:41 - 18580512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-03-20 20:22 - 2015-03-13 20:41 - 17258024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-03-20 20:22 - 2015-03-13 20:41 - 16022016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-03-20 20:22 - 2015-03-13 20:41 - 14121624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-03-20 20:22 - 2015-03-13 20:41 - 13297144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-03-20 20:22 - 2015-03-13 20:41 - 13210080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-03-20 20:22 - 2015-03-13 20:41 - 10775080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-03-20 20:22 - 2015-03-13 20:41 - 10715864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-03-20 20:22 - 2015-03-13 20:41 - 10262160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-03-20 20:22 - 2015-03-13 20:41 - 03611792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-03-20 20:22 - 2015-03-13 20:41 - 03303448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-03-20 20:22 - 2015-03-13 20:41 - 03249352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-03-20 20:22 - 2015-03-13 20:41 - 02906928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-03-20 20:22 - 2015-03-13 20:41 - 01896136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434788.dll
2015-03-20 20:22 - 2015-03-13 20:41 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434788.dll
2015-03-20 20:22 - 2015-03-13 20:41 - 00997856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-03-20 20:22 - 2015-03-13 20:41 - 00970384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-03-20 20:22 - 2015-03-13 20:41 - 00944784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-03-20 20:22 - 2015-03-13 20:41 - 00930448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-03-20 20:22 - 2015-03-13 20:41 - 00909512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-03-20 20:22 - 2015-03-13 20:41 - 00878328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-03-20 20:22 - 2015-03-13 20:41 - 00354112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-03-20 20:22 - 2015-03-13 20:41 - 00306208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-03-20 20:22 - 2015-03-13 20:41 - 00178512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-03-20 20:22 - 2015-03-13 20:41 - 00164568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-03-20 20:22 - 2015-03-13 20:41 - 00032456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-03-20 20:22 - 2015-03-13 20:41 - 00027441 _____ () C:\WINDOWS\system32\nvinfo.pb
2015-03-11 07:39 - 2015-03-06 03:53 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-03-11 07:39 - 2015-03-06 03:33 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-03-11 07:39 - 2015-02-26 00:26 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-03-11 07:39 - 2015-02-04 00:58 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-03-11 07:39 - 2015-02-04 00:58 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-03-11 07:39 - 2015-02-04 00:58 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-03-11 07:39 - 2015-02-03 00:53 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-03-11 07:39 - 2015-02-03 00:53 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-03-11 07:39 - 2015-01-31 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-03-11 07:39 - 2015-01-31 00:29 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-03-11 07:39 - 2015-01-29 02:58 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-03-11 07:39 - 2015-01-29 02:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-03-11 07:39 - 2015-01-27 04:44 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-03-11 07:39 - 2015-01-24 02:51 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-03-11 07:39 - 2015-01-23 08:17 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-03-11 07:39 - 2015-01-23 06:02 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-03-11 07:38 - 2015-02-20 04:03 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-03-11 07:38 - 2015-02-20 03:58 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-03-11 07:38 - 2015-02-20 03:20 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-03-11 07:38 - 2015-02-20 03:15 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-03-11 07:38 - 2015-02-07 00:09 - 00396419 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-03-11 07:38 - 2015-02-06 02:28 - 02257408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-03-11 07:38 - 2015-02-06 02:08 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-03-11 07:38 - 2015-02-05 21:24 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-03-11 07:38 - 2015-02-03 01:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-03-11 07:38 - 2015-02-03 01:02 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-03-11 07:38 - 2015-01-31 00:20 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-03-11 07:38 - 2015-01-30 04:01 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-03-11 07:38 - 2015-01-30 03:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-03-11 07:38 - 2015-01-30 03:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-03-11 07:38 - 2015-01-30 03:02 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-03-11 07:38 - 2015-01-30 02:44 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-03-11 07:38 - 2015-01-30 02:42 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-03-11 07:38 - 2015-01-30 02:40 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-03-11 07:38 - 2015-01-30 02:37 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-03-11 07:38 - 2015-01-30 02:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-03-11 07:38 - 2015-01-30 02:24 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-03-11 07:38 - 2015-01-30 02:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-03-11 07:38 - 2015-01-30 02:16 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-03-11 07:38 - 2015-01-30 02:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-03-11 07:38 - 2015-01-30 02:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-03-11 07:38 - 2015-01-29 02:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 07:38 - 2015-01-29 02:04 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-03-11 07:38 - 2015-01-29 02:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-03-11 07:38 - 2015-01-29 02:00 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 07:38 - 2015-01-29 01:59 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-03-11 07:38 - 2015-01-29 01:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-03-11 07:38 - 2015-01-29 01:50 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-03-11 07:38 - 2015-01-29 01:49 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-03-11 07:38 - 2015-01-28 16:41 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-03-11 07:38 - 2015-01-28 16:41 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-03-11 07:38 - 2015-01-28 16:41 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-03-11 07:38 - 2015-01-28 03:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-03-11 07:38 - 2015-01-28 02:47 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-03-11 07:38 - 2015-01-27 05:22 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-03-11 07:38 - 2015-01-27 03:11 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-03-11 07:37 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-03-11 07:37 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-03-11 07:37 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-03-11 07:37 - 2015-02-21 01:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-03-11 07:37 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-03-11 07:37 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-03-11 07:37 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-03-11 07:37 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-03-11 07:37 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-03-11 07:37 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-03-11 07:37 - 2015-02-20 03:35 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-03-11 07:37 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-03-11 07:37 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-03-11 07:37 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-03-11 07:37 - 2015-02-20 03:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-03-11 07:37 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-03-11 07:37 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-03-11 07:37 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-03-11 07:37 - 2015-02-20 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-03-11 07:37 - 2015-02-20 02:56 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-03-11 07:37 - 2015-02-20 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-03-11 07:37 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-03-11 07:37 - 2015-02-20 02:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-03-11 07:37 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-03-11 07:37 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-03-11 07:37 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-03-11 07:37 - 2015-02-20 02:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-03-11 07:37 - 2015-02-20 02:29 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-03-11 07:37 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-03-11 07:37 - 2015-02-20 02:26 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-03-11 07:37 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-03-11 07:37 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-03-11 07:37 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-03-11 07:37 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-03-11 07:37 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-03-11 07:37 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-03-11 07:37 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-03-11 07:37 - 2015-02-12 18:40 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-03-11 07:37 - 2015-02-12 18:34 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-03-11 07:37 - 2015-02-08 00:57 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-03-11 07:37 - 2015-02-08 00:49 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-03-11 07:37 - 2015-01-29 19:45 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-11 07:37 - 2015-01-29 19:34 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-03-11 07:37 - 2015-01-28 02:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-03-11 07:37 - 2015-01-28 02:11 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-03-11 07:37 - 2015-01-28 00:47 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-03-11 07:37 - 2015-01-28 00:41 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-03-11 07:37 - 2015-01-21 06:54 - 01384712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-03-11 07:37 - 2015-01-21 06:15 - 01123848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-03-11 07:37 - 2014-12-11 06:36 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-03-11 07:02 - 2015-03-11 07:02 - 01142192 _____ () C:\WINDOWS\Minidump\031115-35765-01.dmp
2015-03-10 18:31 - 2015-03-10 18:32 - 00166935 _____ () C:\Users\******\Downloads\xape.rar
2015-03-08 19:31 - 2015-03-08 19:38 - 00000000 ____D () C:\Users\******\Desktop\Chips
2015-03-07 12:04 - 2015-03-07 21:17 - 00000000 ____D () C:\Users\******\AppData\Local\LogMeIn Hamachi
2015-03-07 12:02 - 2015-03-07 12:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-03-07 12:02 - 2015-03-07 12:02 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-03-06 19:06 - 2015-03-23 18:19 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1481936226-3761452550-2346937436-1002
2015-03-06 18:55 - 2015-03-06 18:55 - 00000000 ___HD () C:\WINDOWS\AxInstSV
2015-03-06 16:00 - 2015-03-06 16:31 - 4225595392 _____ () C:\Users\******\Downloads\Windows10_TechnicalPreview_x64_DE-DE_9926 (1).iso
2015-03-05 20:04 - 2015-03-05 20:04 - 00001134 _____ () C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2015-03-05 20:04 - 2015-03-05 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-03-05 20:04 - 2015-03-05 20:04 - 00000000 ____D () C:\Program Files\Oracle
2015-03-05 20:04 - 2015-03-02 15:20 - 00922168 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2015-03-05 20:04 - 2015-03-02 15:18 - 00128592 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2015-03-05 20:01 - 2015-03-05 20:01 - 01203488 _____ () C:\Users\******\Downloads\VirtualBox - CHIP-Installer.exe
2015-03-02 15:18 - 2015-03-02 15:18 - 00204264 _____ (Oracle Corporation) C:\WINDOWS\system32\VBoxNetFltNobj.dll
2015-03-02 15:18 - 2015-03-02 15:18 - 00156360 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetFlt.sys
2015-03-02 15:18 - 2015-03-02 15:18 - 00141440 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetAdp.sys
2015-03-01 19:12 - 2015-03-01 19:12 - 00063769 _____ () C:\Users\******\Desktop\Bigband Konzert.odt
2015-02-28 15:13 - 2015-02-28 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sigel
2015-02-28 15:11 - 2015-02-28 15:11 - 01203488 _____ () C:\Users\******\Downloads\Visitenkarten in 2 Minuten - CHIP-Installer.exe
2015-02-28 08:56 - 2015-02-28 08:56 - 00001312 _____ () C:\Users\Public\Desktop\Leap Motion App Home.lnk
2015-02-28 08:56 - 2015-02-28 08:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Leap Motion
2015-02-25 15:28 - 2013-09-30 16:26 - 00019152 ____N () C:\WINDOWS\system32\pwdrvio.sys
2015-02-25 15:28 - 2013-09-30 16:26 - 00012504 ____N () C:\WINDOWS\system32\pwdspio.sys
2015-02-25 15:14 - 2015-01-14 11:28 - 03066880 _____ () C:\WINDOWS\system32\pwNative.exe
2015-02-25 15:12 - 2015-02-25 15:14 - 00000000 ____D () C:\Program Files (x86)\MiniTool Partition Wizard Free 9.0
2015-02-25 15:12 - 2015-02-25 15:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.0
2015-02-25 15:10 - 2015-02-25 15:10 - 01203488 _____ () C:\Users\******\Downloads\Partition Wizard Home Edition - CHIP-Installer.exe
2015-02-25 14:49 - 2015-02-25 15:08 - 00000000 ____D () C:\Backup
2015-02-25 06:58 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-02-25 06:58 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-02-24 18:00 - 2015-02-24 18:05 - 239433883 _____ () C:\Users\******\Downloads\cm12.0_golden.nova.20150214.ODIN_TWRP.zip
2015-02-24 17:32 - 2015-02-24 17:32 - 11029139 _____ () C:\Users\******\Downloads\CWM_6.0.4.5_Spec-Assert_fixed.zip
2015-02-23 16:48 - 2015-02-23 16:48 - 01192075 _____ () C:\Users\******\Desktop\UPDATE-SuperSU-v1.51.zip
2015-02-23 16:39 - 2010-08-27 05:32 - 00069120 _____ (Nokia) C:\WINDOWS\system32\nmwcdclsx64.dll
2015-02-23 16:38 - 2015-02-23 16:38 - 00000000 ____D () C:\Program Files\SAMSUNG
2015-02-23 16:19 - 2015-02-23 16:20 - 01203488 _____ () C:\Users\******\Downloads\Odin3 - CHIP-Installer.exe
2015-02-23 16:15 - 2015-02-23 16:16 - 01203488 _____ () C:\Users\******\Downloads\I8190XXAMA1_I8190OXAAMA1_4.1.2_rooted_by_infected_V2 - CHIP-Installer.exe
2015-02-21 11:38 - 2015-02-21 11:38 - 00000000 ____D () C:\Users\******\Documents\BeamNG.drive
2015-02-21 11:37 - 2015-02-21 11:38 - 00000000 ____D () C:\Users\******\Desktop\BeamNG-Techdemo-v2
2015-02-21 11:35 - 2015-02-21 11:36 - 181003643 _____ () C:\Users\******\Downloads\BeamNG-Techdemo-v2.1.zip
2015-02-21 10:56 - 2015-02-23 16:14 - 00002248 _____ () C:\Users\******\Desktop\lückenbestücken.txt
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-23 22:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-23 21:58 - 2014-01-17 23:09 - 00000000 ____D () C:\Users\******
2015-03-23 21:57 - 2015-02-08 21:52 - 00001148 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1481936226-3761452550-2346937436-1002UA.job
2015-03-23 21:57 - 2015-02-08 21:52 - 00001096 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1481936226-3761452550-2346937436-1002Core.job
2015-03-23 21:50 - 2014-10-12 15:15 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-23 21:32 - 2013-12-29 09:07 - 00000000 ____D () C:\Users\******\AppData\Roaming\Skype
2015-03-23 21:23 - 2015-02-08 22:18 - 00001140 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-23 21:10 - 2014-09-13 18:10 - 00000308 _____ () C:\WINDOWS\Tasks\DLL-Files FixerASKUSER.job
2015-03-23 20:04 - 2014-01-17 23:05 - 01980046 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-23 18:06 - 2013-12-29 09:07 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-23 18:06 - 2013-12-29 09:07 - 00000000 ____D () C:\ProgramData\Skype
2015-03-23 18:02 - 2014-01-18 07:24 - 00000000 ___DO () C:\Users\******\SkyDrive
2015-03-23 17:56 - 2013-12-12 11:05 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2015-03-23 17:51 - 2014-03-06 20:28 - 00007650 _____ () C:\WINDOWS\system32\debug.log
2015-03-23 17:51 - 2013-11-14 08:27 - 00006882 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-23 17:51 - 2013-11-14 08:11 - 00897846 _____ () C:\WINDOWS\system32\perfh007.dat
2015-03-23 17:51 - 2013-11-14 08:11 - 00211324 _____ () C:\WINDOWS\system32\perfc007.dat
2015-03-23 17:48 - 2015-02-08 22:18 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-23 17:47 - 2014-05-01 14:02 - 00041459 _____ () C:\WINDOWS\setupact.log
2015-03-23 17:47 - 2014-01-17 23:05 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-23 17:47 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-23 14:00 - 2015-02-08 22:22 - 00000000 ____D () C:\ProgramData\panda_url_filtering
2015-03-22 19:34 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-03-22 14:07 - 2013-08-22 15:44 - 05363216 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-22 14:05 - 2014-04-29 20:40 - 00703610 _____ () C:\WINDOWS\PFRO.log
2015-03-22 14:04 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-22 14:01 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-03-22 14:01 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-22 14:01 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-22 14:01 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-22 14:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-03-22 14:01 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-22 14:01 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-22 10:27 - 2014-05-14 19:39 - 00134580 _____ () C:\WINDOWS\DirectX.log
2015-03-22 10:20 - 2013-12-25 19:29 - 00000000 ____D () C:\Users\******\Desktop\Spiele
2015-03-21 21:22 - 2014-09-13 20:22 - 00000330 _____ () C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job
2015-03-21 20:20 - 2014-03-01 09:35 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-21 19:52 - 2014-03-18 15:09 - 00000000 ____D () C:\Users\Public\Documents\MAGIX
2015-03-21 19:51 - 2014-03-18 15:08 - 00000000 ____D () C:\ProgramData\MAGIX
2015-03-21 19:51 - 2014-03-17 19:39 - 00000000 ____D () C:\Users\******\AppData\Roaming\MAGIX
2015-03-21 19:50 - 2014-03-18 15:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2015-03-21 19:43 - 2014-03-18 15:08 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2015-03-21 19:41 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2015-03-20 20:26 - 2014-03-18 20:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-03-20 20:26 - 2013-12-12 11:06 - 00000000 ____D () C:\Temp
2015-03-20 20:24 - 2014-01-17 23:05 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-03-20 20:12 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-03-20 20:03 - 2013-12-29 13:51 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-20 19:54 - 2014-02-20 16:01 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-03-20 19:46 - 2013-12-29 13:51 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-16 20:47 - 2014-02-20 17:21 - 00000000 ____D () C:\Users\******\Documents\Schule
2015-03-13 17:16 - 2015-01-23 16:27 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-03-13 17:16 - 2014-03-18 20:10 - 01099408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-03-13 17:16 - 2014-01-17 23:05 - 06861968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-03-13 17:16 - 2014-01-17 23:05 - 03526856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-03-13 17:16 - 2014-01-17 23:05 - 02559808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-03-13 17:16 - 2014-01-17 23:05 - 00935056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-03-13 17:16 - 2014-01-17 23:05 - 00386248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-03-13 17:16 - 2014-01-17 23:05 - 00075976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-03-11 14:10 - 2014-01-17 23:05 - 04246327 _____ () C:\WINDOWS\system32\nvcoproc.bin
2015-03-11 07:25 - 2015-01-31 22:57 - 00000000 ____D () C:\Users\******\Desktop\Musik Handy
2015-03-11 07:05 - 2014-04-03 19:49 - 00000000 ____D () C:\Users\******\AppData\Roaming\Spotify
2015-03-11 07:02 - 2014-02-06 23:08 - 00000000 ____D () C:\WINDOWS\Minidump
2015-03-11 07:01 - 2014-04-09 13:20 - 545536433 _____ () C:\WINDOWS\MEMORY.DMP
2015-03-08 19:44 - 2014-03-16 19:45 - 00000000 ____D () C:\Users\******\AppData\Roaming\Audacity
2015-03-08 19:44 - 2013-12-31 15:22 - 00000000 ____D () C:\Users\******\AppData\Roaming\vlc
2015-03-07 12:19 - 2014-02-14 18:08 - 00000000 ____D () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-03-07 12:15 - 2014-02-14 17:59 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-07 11:16 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-03-07 10:47 - 2014-02-12 15:26 - 00000000 ____D () C:\Users\******\AppData\Local\Airspace
2015-03-07 10:35 - 2014-07-04 21:41 - 00000000 ____D () C:\Users\******\.VirtualBox
2015-03-06 18:30 - 2015-02-09 22:01 - 00000424 ____H () C:\WINDOWS\Tasks\{E4175FC2-DAAC-4D63-8D2B-F2A64AA7BD2C}.job
2015-03-06 18:10 - 2014-07-04 21:41 - 00000000 ____D () C:\Users\******\VirtualBox VMs
2015-03-06 16:23 - 2014-04-03 19:51 - 00000000 ____D () C:\Users\******\AppData\Local\Spotify
2015-03-04 21:22 - 2014-09-13 20:22 - 00000314 _____ () C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2015-02-28 10:01 - 2013-06-26 23:19 - 00000000 ____D () C:\dell
2015-02-28 08:56 - 2014-04-29 20:42 - 00108968 _____ () C:\WINDOWS\DPINST.LOG
2015-02-28 08:56 - 2014-02-12 15:24 - 00000000 ____D () C:\Program Files (x86)\Leap Motion
2015-02-25 18:29 - 2014-05-29 14:20 - 00000000 ____D () C:\ProgramData\Origin
2015-02-25 15:12 - 2014-05-29 14:20 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-02-24 17:31 - 2014-02-20 22:45 - 00000382 _____ () C:\Users\******\Desktop\MASSE STICK (D) - Verknüpfung.lnk
2015-02-23 16:39 - 2014-08-16 10:54 - 00000000 ____D () C:\Program Files (x86)\Samsung
==================== Files in the root of some directories =======
2014-05-16 17:14 - 2014-05-16 17:14 - 0000132 _____ () C:\Users\******\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2014-07-04 21:27 - 2014-07-04 22:43 - 1177208 _____ () C:\Users\******\AppData\Roaming\AndyCleanupTool.exe
2014-07-04 21:27 - 2014-07-04 22:43 - 1176696 _____ () C:\Users\******\AppData\Roaming\AndyCleanVM.exe
2014-09-13 18:19 - 2014-09-13 18:19 - 0000000 _____ () C:\Users\******\AppData\Roaming\gdfw.log
2014-09-13 18:19 - 2014-09-13 18:19 - 0000779 _____ () C:\Users\******\AppData\Roaming\gdscan.log
2014-01-07 20:56 - 2014-01-07 20:56 - 0000095 _____ () C:\Users\******\AppData\Local\fusioncache.dat
2014-05-04 12:47 - 2014-05-04 12:47 - 0001546 _____ () C:\Users\******\AppData\Local\RecConfig.xml
2014-09-02 15:37 - 2014-09-02 15:37 - 0000896 _____ () C:\Users\******\AppData\Local\recently-used.xbel
2014-04-06 06:20 - 2014-10-17 21:55 - 0007599 _____ () C:\Users\******\AppData\Local\resmon.resmoncfg
2013-12-12 11:05 - 2013-12-12 11:05 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-12-12 11:01 - 2013-12-12 11:02 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-12-12 11:03 - 2013-12-12 11:04 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-12-12 11:01 - 2013-12-12 11:01 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2013-12-12 11:04 - 2013-12-12 11:05 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
Files to move or delete:
====================
C:\Windows\Tasks\{E4175FC2-DAAC-4D63-8D2B-F2A64AA7BD2C}.job
Some content of TEMP:
====================
C:\Users\******\AppData\Local\Temp\avgnt.exe
C:\Users\******\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\******\AppData\Local\Temp\CreativeCloudSet-Up.exe
C:\Users\******\AppData\Local\Temp\dateinj01.dll
C:\Users\******\AppData\Local\Temp\drm_dialogs.dll
C:\Users\******\AppData\Local\Temp\drm_dyndata_7400008.dll
C:\Users\******\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\******\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\******\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\******\AppData\Local\Temp\mgxoschk.dll
C:\Users\******\AppData\Local\Temp\MgxVistaTools.dll
C:\Users\******\AppData\Local\Temp\npp.6.7.4.Installer.exe
C:\Users\******\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\******\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\******\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\******\AppData\Local\Temp\nvStInst.exe
C:\Users\******\AppData\Local\Temp\sdanircmdc.exe
C:\Users\******\AppData\Local\Temp\sdapskill.exe
C:\Users\******\AppData\Local\Temp\sdaspwn.exe
C:\Users\******\AppData\Local\Temp\SkypeSetup.exe
C:\Users\******\AppData\Local\Temp\tmd_34015596.exe
C:\Users\******\AppData\Local\Temp\unwise.exe
C:\Users\******\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\******\AppData\Local\Temp\xmlUpdater.exe
C:\Users\******\AppData\Local\Temp\_is3400.exe
C:\Users\******\AppData\Local\Temp\{98FE302D-7ADF-468E-BD7F-C22045491D76}.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-30 14:19
==================== End Of Log ============================
|
Baum-Darstellung