Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 13.04.2015, 19:07   #1
InGo69
 
Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name - Standard

Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name



Hallo,

auch ich habe mir so eine blöde Malware eingefangen, zig Werbepopups und zusätzliche Fenster öffnen sich, wo dann entweder Ads by Name oder Power by Name steht.

Habe selber schon einiges laufen zu lassen ... Problem ist nur, dass die Programme wie z.B. Malwarebytes, AdwCleaner usw. gar nicht erst bis zum Ende durchlaufen und sich dann irgendwann aufhängen. Desweiteren ist seidem der Rechner pausenlos am arbeiten und rattern. Ein Mal so extrem, dass sich der Rechner mit dem Überhitzungsschutz ausgeschaltet hat

Ich würde mich über Hilfe freuen!

VG
Ines

Alt 13.04.2015, 19:10   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name - Standard

Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name



Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!




Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 13.04.2015, 19:45   #3
InGo69
 
Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name - Standard

Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name



Danke erst einmal für die schnelle Antwort!

Wo finde ich denn die gewünschte Logfile-Datei unter Win7?

Hier aber schon mal die aus FRST:


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-04-2015
Ran by *** (administrator) on INES_BUERO on 13-04-2015 20:19:01
Running from C:\Users\***\Downloads
Loaded Profiles: *** (Available profiles: *** & UpdatusUser & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(DATA BECKER GmbH & Co KG) C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
(AVM Berlin) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Windows\System32\atwtusb.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(File Type Advisor) C:\Program Files (x86)\File Type Advisor\fileadvisor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
() C:\Windows\System32\WTMKM.exe
(Guillemot Corporation S.A.) C:\Program Files (x86)\Hercules\Dualpix HD\CamService.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\MediaSource5\Go\CTCMSGoU.exe
() C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
(Gemalto N.V.) C:\Users\***\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
(LG Electronics) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe
(TODO: <Company name>) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook64App.exe
() C:\Program Files (x86)\LG Electronics\Screen Split\bin\DDCCI.exe
(Polar Electro Oy) C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(LG Electronics) C:\Program Files (x86)\LG Electronics\Auto Resolution\bin\AppResUtilityService.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(AVM Berlin) C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Print View Software\HP Print View Resource Center\HPPrintViewResourceCenter.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\AppInterfaces\HPDeviceService.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPRun.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\AppInterfaces\HPDeviceHost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(DivX, LLC) C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
(Bose Corporation) C:\Program Files (x86)\SoundTouch\SoundTouchMusicServer\SoundTouch music server.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Dropbox, Inc.) C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.6.306.7947\AdAwareUpdater.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(                                                            ) C:\Program Files (x86)\File Type Advisor\file-type-advisor.exe
() C:\Windows\Temp\is-ONFJC.tmp\file-type-advisor.tmp
() C:\Windows\System32\atwtusb.exe
(                                                            ) C:\Program Files (x86)\File Type Advisor\file-type-advisor.exe
(File Type Advisor) C:\Program Files (x86)\File Type Advisor\fileadvisor.exe
() C:\Windows\Temp\is-DUS0O.tmp\file-type-advisor.tmp
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(LG Electronics Inc) C:\Program Files (x86)\LG Electronics\Auto Resolution\bin\Auto Resolution.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7834656 2009-06-02] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-06-02] (Realtek Semiconductor Corp.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [644696 2007-05-15] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1840720 2007-04-04] (CANON INC.)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [2342800 2009-05-21] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2314120 2009-05-26] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [MacrokeyManager] => C:\Windows\system32\WTMKM.exe [7319784 2010-12-24] ()
HKLM\...\Run: [CamserviceHD] => C:\Program Files (x86)\Hercules\Dualpix HD\Camservice.exe [360448 2009-07-07] (Guillemot Corporation S.A.)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [184320 2007-04-17] (Creative Technology Ltd)
HKLM-x32\...\Run: [Ulead AutoDetector v2] => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe [90112 2006-11-29] (Ulead Systems, Inc.)
HKLM-x32\...\Run: [AVMFBoxMonitor] => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [1503232 2009-07-06] (AVM Berlin)
HKLM-x32\...\Run: [KnexStarter] => C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\Appinterfaces\HPDeviceService.exe [159744 2009-03-23] (Hewlett-Packard Company)
HKLM-x32\...\Run: [RunTasktray] => C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPRun.exe [101376 2009-03-23] (Hewlett-Packard Company)
HKLM-x32\...\Run: [DivX Download Manager] => C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe [63360 2010-12-08] (DivX, LLC)
HKLM-x32\...\Run: [CamserviceHD] => C:\Program Files (x86)\Hercules\Dualpix HD\Camservice.exe [360448 2009-07-07] (Guillemot Corporation S.A.)
HKLM-x32\...\Run: [SoundTouch Music Server] => C:\Program Files (x86)\SoundTouch\SoundTouchMusicServer\SoundTouch music server.exe [1082880 2014-12-11] (Bose Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3723728 2015-03-25] (AVG Technologies CZ, s.r.o.)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Run: [Creative MediaSource Go] => C:\Program Files (x86)\Creative\MediaSource5\Go\CTCMSGoU.exe [204800 2006-11-09] (Creative Technology Ltd)
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Run: [Rainlendar2] => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2498048 2012-07-02] ()
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Run: [SanDiskSecureAccess_Manager.exe] => C:\Users\***\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe [30705792 2013-05-15] (Gemalto N.V.)
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Run: [ScreenSplitter] => C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe [693288 2013-11-07] (LG Electronics)
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Run: [Polar FlowSync] => C:\Program Files (x86)\Polar\Polar FlowSync\FlowSync.exe [1125376 2014-11-11] (Polar Electro Oy)
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Run: [UIWatcher] => C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe [3508568 2009-02-23] (ashampoo GmbH & Co. KG)
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-18\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\S-1-5-18\...\Policies\Explorer: [HideSCAHealth] 1
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PIPModeResolutionUtility.lnk
ShortcutTarget: PIPModeResolutionUtility.lnk -> C:\Program Files (x86)\LG Electronics\Auto Resolution\bin\AppResUtilityService.exe (LG Electronics)
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Startcenter.lnk
ShortcutTarget: FRITZ!DSL Startcenter.lnk -> C:\Users\***\AppData\Roaming\Microsoft\Installer\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}\Icon8CF9C550.exe ()
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HP Print View Resource Center.lnk
ShortcutTarget: HP Print View Resource Center.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Print View Software\HP Print View Resource Center\HPPrintViewResourceCenter.exe (Hewlett-Packard)
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - .lnk
ShortcutTarget: Tintenwarnungen überwachen - .lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600.lnk
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * bddel.exesdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
URLSearchHook: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} -  No File
SearchScopes: HKLM-x32 -> {6B565918-AFF6-4bae-AC3F-63F626BDE74D} URL = hxxp://www.google.com/custom?q={searchTerms}&sa.x=0&sa.y=0&safe=active&client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&hl=de&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1
SearchScopes: HKLM-x32 -> {EF742892-2E03-485a-BAFD-8834EFA69EA5} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM-x32 - PDF Professionell 4 - {6B63DEFC-F1F3-4148-845E-EA53E2AB5F28} - C:\Program Files (x86)\DATA BECKER\PDF Professionell 4\PDF4IE.dll [2009-04-02] (DATA BECKER)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15109/CTPID.cab
Handler-x32: HPDCS - {ba135f49-a12c-4e26-a2c4-6ea945999072} - C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\APP\hpdcsapp.dll [2009-03-23] (Hewlett-Packard Company)
Handler-x32: hppfile - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll [2009-03-23] (Hewlett-Packard Company)
Handler-x32: hppsam - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll [2009-03-23] (Hewlett-Packard Company)
Handler-x32: hppzip - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll [2009-03-23] (Hewlett-Packard Company)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067
FF NewTab: about:blank
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-06] ()
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-26] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-05-02] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-06] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX OVS Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2010-11-20] (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-05-02] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-07-25] (RocketLife, LLP)
FF Plugin-x32: @t-immersion.com/DFusionHomeWebPlugIn -> C:\Program Files (x86)\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll [2011-06-30] (Total Immersion)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4067268467-3182437459-1756596644-1001: @protectdisc.com/NPPDLicenseHelper -> C:\Users\***\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [2009-06-25] ( )
FF Plugin HKU\S-1-5-21-4067268467-3182437459-1756596644-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll [2012-10-30] (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2011-12-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2011-12-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2011-12-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2011-12-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2011-12-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2011-12-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2011-12-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NP_SecurityPluginSecoder.dll [2008-08-04] (PPI AG)
FF SearchPlugin: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\searchplugins\englische-ergebnisse.xml [2014-10-19]
FF SearchPlugin: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\searchplugins\gmx-suche.xml [2014-10-19]
FF SearchPlugin: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\searchplugins\lastminute.xml [2014-10-19]
FF SearchPlugin: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\searchplugins\webde-suche.xml [2014-10-19]
FF Extension: Amazon-Icon - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\amazon-icon@giga.de [2015-04-07]
FF Extension: FRITZ!Box AddOn - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\fb_add_on@avm.de [2015-04-07]
FF Extension: iCloud Bookmarks - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\firefoxdav@icloud.com [2015-04-07]
FF Extension: Fox Sec 7 - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\fx@foxysecureKDJJHVLSDUVFU.com [2015-04-07]
FF Extension: GutscheinRausch.de - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\jl@leimbach-it.de [2015-04-07]
FF Extension: YouTube to MP3 - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\youtube2mp3@mondayx.de [2015-04-07]
FF Extension: Vista-aero - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{07b2a769-ed19-4483-87ce-c643914c81bb} [2015-04-07]
FF Extension: FT DeepDark - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2015-04-07]
FF Extension: HP Detect - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} [2015-04-07]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2015-04-07]
FF Extension: DHL Toolbar - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{edc0b8a5-c050-4bb2-b785-a623b4515abf} [2015-04-07]
FF Extension: Add to Amazon Wish List Button - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\amznUWL2@amazon.com.xpi [2015-04-07]
FF Extension: NASA Night Launch - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\nasanightlaunch@example.com.xpi [2015-04-07]
FF Extension: Speed Notifier - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{724b5eec-c5c6-4050-9cf3-dbc61f95dd08}.xpi [2015-04-07]
FF Extension: ImTranslator - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2015-04-07]
FF Extension: {a5502a73-43ea-4973-8eb1-ca156bc13cc5} - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{a5502a73-43ea-4973-8eb1-ca156bc13cc5}.xpi [2015-04-07]
FF Extension: Video DownloadHelper - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-04-07]
FF Extension: Facebook Share Button - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{d4e0dc9c-c356-438e-afbe-dca439f4399d}.xpi [2015-04-07]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-04-03]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-04-03]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-04-03]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-04-03]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2010-12-11]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2010-12-11]
FF HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Firefox\Extensions: [finder@meingutscheincode.de] - C:\Program Files (x86)\Mein Gutscheincode Finder\Firefox
FF HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-11-24]
FF HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ldncbx20.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR Profile: C:\Users\***\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (DivX HiQ) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2011-01-19]
CHR Extension: (preisspion.de) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgfpelakfkbbkkdchaaaknckhoadkcbo [2011-11-26]
CHR Extension: (Skype Click to Call) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2011-11-26]
CHR Extension: (PicBadges) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgjkknncnlepghplinfpikcijdbmidbg [2012-06-09]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-01-19]
CHR HKLM\...\Chrome\Extension: [mgjkknncnlepghplinfpikcijdbmidbg] - C:\Users\INESGO~1\AppData\Local\426535460_Setup.crx [2012-06-09]
CHR HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mgjkknncnlepghplinfpikcijdbmidbg] - C:\Users\INESGO~1\AppData\Local\426535460_Setup.crx [2012-06-09]
CHR HKLM-x32\...\Chrome\Extension: [caeaobpemokdfnidgaebncaooofnbfha] - C:\Users\***\ChromeExtensions\caeaobpemokdfnidgaebncaooofnbfha\amazon-icon-fwde.crx [2014-10-19]
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2010-12-08]
CHR HKLM-x32\...\Chrome\Extension: [jgfpelakfkbbkkdchaaaknckhoadkcbo] - C:\Program Files (x86)\Mein Gutscheincode Finder\Chrome\chrome-extension.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]
CHR HKLM-x32\...\Chrome\Extension: [mgjkknncnlepghplinfpikcijdbmidbg] - C:\Users\INESGO~1\AppData\Local\426535460_Setup.crx [2012-06-09]
CHR HKLM-x32\...\Chrome\Extension: [ngnjhfpfhadncgafgbneeljaginimmmk] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2010-12-08]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3416016 2015-03-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [309232 2015-03-25] (AVG Technologies CZ, s.r.o.)
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [654640 2009-04-15] (REINER SCT)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2009-10-19] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2009-10-19] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [425984 2008-04-30] (Creative Technology Ltd) [File not signed]
R2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [187456 2009-01-08] (DATA BECKER GmbH & Co KG) [File not signed]
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2010 CBE\Dfsdks.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-03-02] ()
S3 GoogleDesktopManager-051210-111108; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-05] (Google)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [88888 2009-07-28] (AVM Berlin)
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [97432 2007-04-13] () [File not signed]
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.exe [836984 2015-03-12] (Lavasoft Limited)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-01-22] (Hewlett-Packard Company) [File not signed]
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2011-09-15] () [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
S3 UPnPService; C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [647242 2005-11-08] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WPEServ; C:\Program Files (x86)\Common Files\WPE\wpeserv.exe [339968 2008-10-30] (soft Xpansion) [File not signed]
R2 WTService; C:\Windows\system32\atwtusb.exe [914664 2011-01-17] () [File not signed]
S2 TuneUp.UtilitiesSvc; "C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S1 acedrv07; C:\Windows\system32\drivers\acedrv07.sys [125440 2011-02-08] () [File not signed]
R1 acedrv08; C:\Windows\system32\drivers\acedrv08.sys [133856 2013-10-03] ()
R1 acedrv09; C:\Windows\system32\drivers\acedrv09.sys [134880 2011-02-08] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [281056 2015-03-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [341472 2015-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [133088 2015-02-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [284128 2015-02-25] (AVG Technologies CZ, s.r.o.)
R3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [43320 2007-06-13] (REINER SCT)
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2010-09-13] (Devguru Co., Ltd)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-07-18] () [File not signed]
S3 GigasetGenericUSB_x64; C:\Windows\System32\DRIVERS\GigasetGenericUSB_x64.sys [54272 2009-02-20] (Siemens Home and Office Communication Devices GmbH & Co. KG)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.)
S3 hxctlflt; C:\Windows\System32\Drivers\hxctlflt.sys [111104 2009-02-08] (Guillemot Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-07] (Malwarebytes Corporation)
R3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [7680 2009-03-08] (Windows (R) Codename Longhorn DDK provider)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [31264 2009-11-16] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [31264 2009-11-16] (RapidSolution Software AG)
S3 RSUSBSTOR; C:\Windows\System32\Drivers\RTS5121.sys [208384 2008-11-21] (Realtek Semiconductor Corp.)
R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [64160 2014-04-25] ()
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2010-09-14] (Sony Ericsson Mobile Communications)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3552384 2009-04-22] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 usbser; C:\Windows\SysWOW64\DRIVERS\USBSER.sys [25600 2014-04-11] (Microsoft Corporation) [File not signed]
R3 vhidmini; C:\Windows\System32\DRIVERS\walvhid.sys [7552 2009-08-26] (Windows (R) Win 7 DDK provider)
S3 zebrbus; C:\Windows\System32\DRIVERS\zebrbus.sys [108544 2010-09-14] (MCCI)
S3 zebrmdfl; C:\Windows\System32\DRIVERS\zebrmdfl.sys [18944 2010-09-14] (MCCI Corporation)
S3 zebrmdm; C:\Windows\System32\DRIVERS\zebrmdm.sys [145408 2010-09-14] (MCCI)
S3 zebrmdmc; C:\Windows\System32\DRIVERS\zebrmdmc.sys [145408 2010-09-14] (MCCI)
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
S3 Rts516xIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [X]
S3 USBCCID; system32\DRIVERS\Rts5161ccid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-13 20:19 - 2015-04-13 20:20 - 00042851 _____ () C:\Users\***\Downloads\FRST.txt
2015-04-13 20:18 - 2015-04-13 20:19 - 00000000 ____D () C:\FRST
2015-04-13 20:18 - 2015-04-13 20:18 - 02096640 _____ (Farbar) C:\Users\***\Downloads\FRST64.exe
2015-04-13 06:46 - 2015-04-13 06:46 - 00682360 _____ () C:\Users\***\Downloads\Setup.exe
2015-04-09 17:04 - 2015-04-09 17:04 - 00001246 _____ () C:\Users\***\Desktop\Revo Uninstaller.lnk
2015-04-09 17:04 - 2015-04-09 17:04 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-04-09 17:03 - 2015-04-09 17:03 - 01203488 _____ () C:\Users\***\Downloads\Revo Uninstaller - CHIP-Installer.exe
2015-04-08 00:50 - 2009-10-19 19:33 - 00000852 _____ () C:\Windows\system32\Drivers\etc\hosts.20150408-005003.backup
2015-04-07 19:11 - 2015-04-07 17:36 - 02686959 _____ (Thisisu) C:\Users\***\Desktop\JRT_NEW.exe
2015-04-07 18:21 - 2015-04-07 18:21 - 00001129 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-07 18:21 - 2015-04-07 18:21 - 00001117 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-07 18:20 - 2015-04-07 18:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-07 18:16 - 2015-04-07 18:17 - 00243656 _____ () C:\Users\***\Downloads\Firefox Setup Stub 37.0.1.exe
2015-04-07 17:51 - 2015-04-07 17:51 - 00000000 ____D () C:\Users\***\Desktop\Alte Firefox-Daten
2015-04-07 06:50 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-04-07 06:50 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-04-07 06:50 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-04-07 06:50 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-04-07 06:50 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-04-07 06:50 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-04-07 06:50 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-04-07 06:50 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-04-07 06:50 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-04-07 06:50 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-04-06 20:58 - 2015-04-06 20:58 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-04-06 13:52 - 2015-04-06 13:52 - 00003738 _____ () C:\Windows\System32\Tasks\DivX Update
2015-04-06 13:34 - 2015-04-06 13:34 - 00002193 _____ () C:\Users\Public\Desktop\AVG 1-Klick-Wartung.lnk
2015-04-06 13:34 - 2015-04-06 13:34 - 00002183 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk
2015-04-06 13:34 - 2015-02-25 09:25 - 00041784 _____ (AVG Technologies) C:\Windows\system32\TURegOpt.exe
2015-04-06 13:34 - 2015-02-25 09:24 - 00030520 _____ (AVG Technologies) C:\Windows\system32\authuitu.dll
2015-04-06 13:34 - 2015-02-25 09:24 - 00025912 _____ (AVG Technologies) C:\Windows\SysWOW64\authuitu.dll
2015-04-06 13:33 - 2015-04-06 13:33 - 00000000 ____D () C:\Users\***\AppData\Roaming\AVG
2015-04-06 13:28 - 2015-04-06 13:28 - 00000000 ____D () C:\Users\***\AppData\Local\Avg
2015-04-06 12:41 - 2015-04-06 13:34 - 00000000 ____D () C:\ProgramData\AVG
2015-04-06 12:30 - 2015-04-06 12:30 - 04818760 _____ (AVG Technologies) C:\Users\***\Downloads\avg_avc_stb_all_2015_ltst_197.exe
2015-04-06 12:29 - 2015-04-06 12:31 - 113398072 _____ (AVG Technologies) C:\Users\***\Downloads\avg_tuh_stf_all_2015_403_24c43.exe
2015-04-06 10:12 - 2015-04-06 10:30 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-06 10:12 - 2015-04-06 10:12 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-06 06:07 - 2015-01-09 01:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-04-06 06:07 - 2015-01-09 01:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-04-06 03:10 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-04-06 03:10 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-04-05 11:20 - 2015-04-05 11:20 - 02347384 _____ (ESET) C:\Users\***\Downloads\esetsmartinstaller_deu.exe
2015-04-05 11:00 - 2015-04-05 11:00 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-INES_BUERO-Windows-7-Professional-(64-bit).dat
2015-04-05 11:00 - 2015-04-05 11:00 - 00000000 ____D () C:\RegBackup
2015-04-05 10:58 - 2015-04-05 10:58 - 02690981 _____ (Thisisu) C:\Users\***\Downloads\JRT.exe
2015-04-05 10:33 - 2015-04-07 19:09 - 00000000 ____D () C:\AdwCleaner
2015-04-05 10:32 - 2015-04-05 10:33 - 02208768 _____ () C:\Users\***\Downloads\AdwCleaner_4.200.exe
2015-04-05 08:44 - 2015-04-05 08:44 - 00074813 _____ () C:\Windows\system32\ScanResults.xml
2015-04-05 08:34 - 2015-04-05 08:34 - 00000464 _____ () C:\Windows\system32\ScannerSettings
2015-04-05 03:04 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-04-05 03:04 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-04-05 03:04 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-04-05 03:04 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-04-05 03:04 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-04-05 03:04 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-04-05 03:03 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-04-05 03:03 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-04-04 21:25 - 2015-04-04 21:25 - 00000000 ____D () C:\Users\***\AppData\Roaming\AVG2015
2015-04-04 21:23 - 2015-04-04 21:23 - 00000941 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-04-04 21:23 - 2015-04-04 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-04-04 21:21 - 2015-04-04 21:24 - 00000000 ____D () C:\ProgramData\AVG2015
2015-04-04 21:00 - 2015-04-04 21:21 - 00000000 ___HD () C:\$AVG
2015-04-04 20:57 - 2015-04-13 18:09 - 00000000 ____D () C:\ProgramData\MFAData
2015-04-04 20:57 - 2015-04-04 21:31 - 00000000 ____D () C:\Users\***\AppData\Local\Avg2015
2015-04-04 20:57 - 2015-04-04 20:57 - 00000000 ____D () C:\Users\***\AppData\Local\MFAData
2015-04-04 20:52 - 2015-04-04 20:55 - 183952072 _____ (AVG Technologies) C:\Users\***\Downloads\avg_free_x64_all_2015_ltst_221.exe
2015-04-04 20:47 - 2015-04-04 20:47 - 00000000 ____D () C:\ProgramData\e8695c1761ea40c9b7cd0a58277d03ae
2015-04-04 14:32 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-04-04 14:32 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-04-04 14:32 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-04-04 14:32 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-04-04 14:32 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-04-04 14:32 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-04-04 14:32 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-04-04 14:32 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-04-04 14:32 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-04-04 14:32 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-04-04 14:32 - 2015-01-09 05:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-04-04 14:32 - 2015-01-09 05:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-04-04 14:32 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-04-04 14:32 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-04-04 14:32 - 2014-12-11 19:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-04-04 14:32 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-04-04 14:32 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-04-04 14:32 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-04-04 14:32 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-04-04 14:32 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-04-04 14:32 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-04-04 14:31 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-04 14:31 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-04-04 14:31 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-04-04 14:31 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-04-04 14:31 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-04-04 14:31 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-04-04 14:31 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-04 14:31 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-04-04 14:31 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-04-04 14:31 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-04 14:31 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-04-04 14:31 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-04-04 14:31 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-04-04 14:31 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-04-04 14:31 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-04-04 14:31 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-04-04 14:31 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-04 14:31 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-04-04 14:31 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-04-04 14:31 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-04 14:31 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-04 14:31 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-04-04 14:31 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-04-04 14:31 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-04-04 14:31 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-04-04 14:31 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-04-04 14:31 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-04-04 14:31 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-04 14:31 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-04-04 14:31 - 2014-12-19 05:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-04-04 14:31 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-04-04 14:31 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-04-04 14:31 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-04-04 14:31 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-04-04 14:31 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-04-04 14:31 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-04-04 14:31 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-04-04 14:31 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-04-04 14:31 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-04-04 14:31 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-04-04 14:31 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-04-04 14:31 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-04-04 14:31 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-04-04 14:31 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-04-04 14:31 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-04-04 14:31 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-04-04 14:31 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-04-04 14:30 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-04-04 14:30 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-04-04 14:30 - 2014-12-19 03:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-04-04 14:30 - 2014-12-06 06:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-04-04 14:30 - 2014-12-06 05:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-04-04 14:30 - 2014-12-06 05:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-04-04 14:30 - 2014-10-14 04:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-04-04 14:30 - 2014-08-21 08:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-04 14:30 - 2014-08-21 08:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-04 14:30 - 2014-08-21 08:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-04 14:30 - 2014-08-21 08:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-04 14:30 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-04-04 14:30 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-04-04 14:30 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-04-04 14:30 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-04-04 14:30 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-04-04 14:30 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-04-04 14:30 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-04-04 14:30 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-04-04 14:30 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2015-04-04 14:30 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-04-04 14:29 - 2015-03-06 07:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-04 14:29 - 2015-03-06 07:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-04 14:29 - 2015-03-06 07:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-04 14:29 - 2015-03-06 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-04 14:29 - 2015-03-06 07:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-04 14:29 - 2015-03-06 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-04 14:29 - 2015-03-06 07:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-04 14:29 - 2015-03-06 07:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-04 14:29 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-04 14:29 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-04 14:29 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-04 14:29 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-04 14:29 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-04 14:29 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-04 14:29 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-04 14:29 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-04 14:29 - 2015-03-06 07:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-04 14:29 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-04 14:29 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-04 14:29 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-04 14:29 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-04 14:29 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-04-04 14:29 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-04-04 14:29 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-04-04 14:29 - 2014-11-11 03:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-04-04 14:29 - 2014-08-12 04:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-04-04 14:29 - 2014-08-12 03:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-04-04 14:29 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-04-04 14:29 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-04-04 14:29 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-04-04 14:29 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-04-04 14:29 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-04-04 14:29 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-04 14:29 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-04-04 14:29 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-04-04 14:29 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-04-04 14:29 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-04-04 14:29 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-04-04 14:29 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-04-04 14:29 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-04-04 14:29 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2015-04-04 14:29 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2015-04-04 14:29 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2015-04-04 14:29 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2015-04-04 14:29 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-04-04 14:29 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2015-04-04 14:29 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-04 14:29 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-04-04 14:29 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-04-04 14:29 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-04-04 14:29 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-04-04 14:29 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-04-04 14:29 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-04-04 14:29 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-04-04 14:29 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-04-04 14:29 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-04-04 14:29 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2015-04-04 14:29 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2015-04-04 14:29 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2015-04-04 14:29 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2015-04-04 14:29 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2015-04-04 14:29 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2015-04-04 14:29 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2015-04-04 14:29 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2015-04-04 14:29 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2015-04-04 14:29 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-04-04 14:29 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-04-04 14:29 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-04-04 14:29 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-04-04 14:29 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-04-04 14:29 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2015-04-04 14:29 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-04-04 14:29 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-04-04 14:29 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-04-04 14:28 - 2015-02-23 12:52 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-04 14:28 - 2015-02-23 12:52 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-04 14:28 - 2015-02-23 12:51 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-04 14:28 - 2015-02-23 12:51 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-04 14:28 - 2015-02-23 12:51 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 19301888 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 15410688 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 02656256 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-04 14:28 - 2015-02-23 12:49 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-04 14:28 - 2015-02-23 11:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-04 14:28 - 2015-02-23 10:51 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-04 14:28 - 2015-02-21 07:31 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-04 14:28 - 2015-02-21 07:31 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-04 14:28 - 2015-02-21 07:31 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 14380544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 13768704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 02864640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-04 14:28 - 2015-02-21 07:29 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-04 14:28 - 2015-02-21 07:29 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-04 14:28 - 2015-02-21 07:29 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-04 14:28 - 2015-02-21 07:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-04 14:28 - 2015-02-21 06:42 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-04 14:28 - 2014-11-26 05:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-04-04 14:28 - 2014-11-26 05:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-04-04 14:27 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-04-04 14:27 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-04-04 14:27 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-04 14:27 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-04 14:27 - 2014-11-11 05:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-04 14:27 - 2014-11-11 04:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-04-04 14:27 - 2014-11-08 05:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-04-04 14:27 - 2014-11-08 04:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-04-04 14:27 - 2014-10-30 04:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-04-04 14:27 - 2014-10-30 03:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-04-04 14:27 - 2014-10-25 03:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-04-04 14:27 - 2014-10-25 03:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-04-04 14:27 - 2014-10-04 04:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-04-04 14:27 - 2014-10-04 03:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-04-04 14:27 - 2014-10-04 03:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-04-04 14:27 - 2014-10-03 04:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-04-04 14:27 - 2014-10-03 04:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-04-04 14:27 - 2014-10-03 04:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-04-04 14:27 - 2014-10-03 04:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-04-04 14:27 - 2014-10-03 04:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-04-04 14:27 - 2014-10-03 03:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-04-04 14:27 - 2014-10-03 03:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-04-04 14:27 - 2014-10-03 03:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-04-04 14:27 - 2014-10-03 03:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-04-04 14:27 - 2014-10-03 03:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-04-04 14:27 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-04-04 14:27 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-04-04 14:27 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-04-04 14:27 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-04-04 14:27 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-04-04 14:27 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-04-04 14:27 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2015-04-04 14:26 - 2015-02-26 05:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-04-04 14:26 - 2014-12-08 05:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-04-04 14:26 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-04-04 14:26 - 2014-10-14 04:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-04-04 14:26 - 2014-10-14 03:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-04-04 14:26 - 2014-07-17 04:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-04-04 14:26 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-04-04 14:26 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-04-04 14:26 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-04-04 14:26 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-04-04 14:26 - 2014-07-17 03:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-04-04 14:26 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-04-04 14:26 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-04-04 14:26 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-04-04 14:26 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-04-04 14:26 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-04-04 14:26 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-04-04 14:26 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-04-04 14:26 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-04 14:26 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-04 14:26 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-04 14:26 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-04 14:26 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-04 14:26 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-04 14:26 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-04 14:26 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-04 14:26 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-04 14:26 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-04 14:26 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-04 14:26 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-04-04 14:26 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-04-04 14:26 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-04-04 14:26 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2015-04-04 14:26 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2015-04-04 14:26 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-04-04 14:26 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-04-04 14:26 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2015-04-04 14:26 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2015-04-04 14:25 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-04-04 14:25 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-04-04 14:25 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-04 14:25 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-04 14:23 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-04-04 14:23 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-04-04 12:22 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-04 12:22 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-04 12:22 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-04 12:22 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-04 12:21 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-04 12:21 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-04 12:21 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-04 12:21 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-04 12:21 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-04 12:21 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-04 12:20 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-04 12:20 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-04 12:20 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-04 12:20 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-04 08:26 - 2015-04-04 08:26 - 00030998 _____ () C:\Windows\SysWOW64\bddel.dat
2015-04-03 20:53 - 2015-04-07 18:25 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-03 20:53 - 2015-04-03 20:53 - 00001082 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-04-03 20:53 - 2015-04-03 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-04-03 20:53 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-03 20:53 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-03 20:53 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-03 20:49 - 2015-04-03 20:49 - 00000000 ____D () C:\Users\***\Documents\Simply Super Software
2015-04-03 20:18 - 2015-04-03 20:53 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-04-03 16:12 - 2015-04-03 16:12 - 00000000 ____D () C:\Users\***\Documents\ProcAlyzer Dumps
2015-04-03 16:10 - 2015-04-03 16:10 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\***\Downloads\spybot2-license.exe
2015-04-03 15:36 - 2015-04-03 16:21 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-04-03 15:36 - 2015-04-03 15:36 - 00001373 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-04-03 15:36 - 2015-04-03 15:36 - 00001361 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-04-03 15:36 - 2015-04-03 15:36 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-04-03 15:36 - 2015-04-03 15:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-04-03 15:36 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-04-03 15:35 - 2015-04-06 18:32 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-04-03 15:34 - 2015-04-03 15:34 - 00000000 ____D () C:\Users\***\AppData\Roaming\TrojanHunter
2015-04-03 12:58 - 2015-04-03 20:46 - 00000000 ____D () C:\Program Files (x86)\TrojanHunter 5.6
2015-04-03 12:58 - 2015-04-03 12:58 - 00059392 ____R () C:\Windows\SysWOW64\streamhlp.dll
2015-04-03 12:47 - 2015-04-03 12:52 - 00025204 _____ () C:\Windows\system32\bddel.dat
2015-04-03 12:13 - 2015-04-03 12:13 - 00000000 ____D () C:\Users\***\AppData\Roaming\LavasoftStatistics
2015-04-03 12:12 - 2015-04-03 12:12 - 00000000 ____D () C:\Users\***\AppData\Local\Lavasoft
2015-04-03 12:11 - 2015-04-03 12:11 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2015-04-03 12:08 - 2015-04-03 12:08 - 00000000 ____D () C:\Program Files\Lavasoft
2015-04-03 12:07 - 2015-04-03 12:10 - 00000000 ____D () C:\Users\***\AppData\Roaming\Lavasoft
2015-04-03 12:07 - 2015-04-03 12:07 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2015-04-03 12:05 - 2015-04-03 12:10 - 00000000 ____D () C:\ProgramData\Lavasoft
2015-04-03 12:05 - 2015-04-03 12:05 - 02071768 _____ () C:\Users\***\Downloads\AdAware116WebInstaller.exe
2015-04-03 11:48 - 2015-04-13 19:25 - 01210288 _____ () C:\Windows\WindowsUpdate.log
2015-04-03 11:21 - 2015-04-12 11:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-03 11:08 - 2015-04-03 11:08 - 00000000 ____D () C:\ProgramData\Licenses
2015-04-03 11:06 - 2015-04-03 20:47 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2015-04-03 11:05 - 2015-04-03 11:05 - 35218576 _____ (Simply Super Software ) C:\Users\***\Downloads\trjsetup692.exe
2015-04-03 08:10 - 2015-04-04 23:10 - 00000000 ____D () C:\Program Files (x86)\new game
2015-04-02 16:46 - 2015-04-03 11:48 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-03-31 10:14 - 2015-03-31 10:14 - 00004387 _____ () C:\Users\***\AppData\Roaming\xqi4HgB8PWds
2015-03-31 10:14 - 2015-03-31 10:14 - 00004387 _____ () C:\Users\***\AppData\Roaming\n8WoXTR
2015-03-26 19:39 - 2015-03-26 17:32 - 00146432 _____ (Oracle Corporation) C:\Windows\SysWOW64\javacpl.cpl
2015-03-26 17:34 - 2015-03-26 17:33 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-03-25 11:21 - 2015-03-25 11:21 - 00281056 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-03-24 17:01 - 2015-04-12 09:29 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-03-24 17:01 - 2015-03-24 17:01 - 00001125 _____ () C:\Users\Public\Desktop\Polar FlowSync.lnk
2015-03-24 17:00 - 2015-03-24 17:00 - 21743168 _____ (Polar Electro Oy ) C:\Users\***\Downloads\FlowSync_2.3.8.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-13 20:21 - 2011-02-13 12:11 - 00000000 ____D () C:\Users\***\Documents\Outlook-Dateien
2015-04-13 20:03 - 2014-12-05 21:38 - 00000000 ____D () C:\Users\***\AppData\Local\53D5E25F-F10A-46BE-88F0-592E11C5253C.aplzod
2015-04-13 20:01 - 2012-04-02 07:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-13 19:56 - 2013-08-29 20:33 - 00000348 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-04-13 19:56 - 2010-12-11 10:04 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-13 18:04 - 2009-07-14 04:34 - 00000675 _____ () C:\Windows\win.ini
2015-04-13 03:01 - 2010-12-11 10:04 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-12 12:01 - 2010-02-07 13:32 - 00000454 _____ () C:\Windows\Tasks\Automatische Wartung.job
2015-04-12 09:13 - 2014-10-14 15:53 - 00000000 ____D () C:\Users\***\AppData\Local\CrashDumps
2015-04-11 23:53 - 2009-10-19 22:20 - 00000000 ____D () C:\Users\***\AppData\Roaming\Skype
2015-04-11 13:43 - 2009-07-14 06:45 - 00015040 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-11 13:43 - 2009-07-14 06:45 - 00015040 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-10 11:02 - 2010-09-20 19:53 - 00000000 ____D () C:\Users\***\Documents\Ines
2015-04-09 18:01 - 2012-12-02 15:21 - 00000000 ___RD () C:\Users\***\Dropbox
2015-04-09 18:01 - 2012-12-02 14:54 - 00000000 ____D () C:\Users\***\AppData\Roaming\Dropbox
2015-04-09 18:00 - 2012-12-02 15:21 - 00001034 _____ () C:\Users\***\Desktop\Dropbox.lnk
2015-04-09 18:00 - 2012-12-02 15:20 - 00000000 ____D () C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-09 17:51 - 2012-07-15 14:28 - 00000000 ____D () C:\Users\***\.rainlendar2
2015-04-09 17:48 - 2009-10-19 17:26 - 00000144 _____ () C:\service.log
2015-04-09 17:48 - 2009-07-14 06:45 - 05289880 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-09 17:45 - 2009-10-19 17:42 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2015-04-09 17:45 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-09 17:44 - 2012-05-15 03:01 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-04-09 17:44 - 2010-06-04 07:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-04-09 17:10 - 2009-10-19 19:41 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-04-08 16:18 - 2009-10-19 17:54 - 00139064 _____ () C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-08 04:48 - 2009-10-19 21:02 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-08 04:29 - 2010-10-19 11:22 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2015-04-08 03:12 - 2010-06-05 08:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-04-07 17:42 - 2009-10-19 17:23 - 00000000 ____D () C:\Users\***
2015-04-07 17:01 - 2014-12-23 08:48 - 00003518 _____ () C:\Windows\System32\Tasks\FileAdvisorCheck
2015-04-07 17:01 - 2014-12-23 08:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Type Advisor
2015-04-07 17:01 - 2014-12-23 08:48 - 00000000 ____D () C:\Program Files (x86)\File Type Advisor
2015-04-07 01:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-07 00:47 - 2014-02-19 20:33 - 00000000 ____D () C:\Users\***\Downloads\MyPhoneExplorer_TSV44RV02
2015-04-07 00:44 - 2014-10-19 16:46 - 00000000 ____D () C:\Users\***\AppData\Roaming\WHService
2015-04-06 18:55 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-04-06 13:51 - 2009-10-19 21:02 - 00000000 ____D () C:\Users\***\AppData\Local\Microsoft Help
2015-04-06 13:50 - 2014-10-17 21:34 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-06 13:50 - 2013-08-29 18:38 - 00000000 ____D () C:\Users\***\AppData\Roaming\HpUpdate
2015-04-06 13:50 - 2012-08-15 19:08 - 00000000 ____D () C:\Users\***\.thumbnails
2015-04-06 13:50 - 2009-10-22 23:16 - 00000000 ____D () C:\Users\***\AppData\Roaming\Azureus
2015-04-06 13:50 - 2009-10-19 18:13 - 00000000 ____D () C:\Windows\Panther
2015-04-06 13:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep
2015-04-06 11:38 - 2011-07-01 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2015-04-06 11:37 - 2009-10-23 20:17 - 00000000 ____D () C:\Windows\pss
2015-04-06 11:34 - 2011-02-18 23:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-04-06 11:34 - 2009-12-29 18:35 - 00000000 ____D () C:\Windows\Minidump
2015-04-06 11:34 - 2009-10-22 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Registry Repair
2015-04-06 11:18 - 2009-10-19 22:20 - 00000000 ____D () C:\ProgramData\Skype
2015-04-06 11:17 - 2009-10-19 22:20 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-06 11:14 - 2011-09-27 08:53 - 00000000 ____D () C:\Users\***\AppData\Local\Htc
2015-04-06 11:14 - 2009-10-21 17:53 - 00000000 ____D () C:\ProgramData\TEMP
2015-04-06 11:13 - 2014-12-05 21:32 - 00000000 ___RD () C:\Users\***\iCloudDrive
2015-04-06 11:13 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-04-06 10:34 - 2009-07-14 19:58 - 02982910 _____ () C:\Windows\system32\perfh007.dat
2015-04-06 10:34 - 2009-07-14 19:58 - 00886948 _____ () C:\Windows\system32\perfc007.dat
2015-04-06 10:34 - 2009-07-14 07:13 - 00006512 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-06 10:13 - 2009-07-14 20:18 - 00000000 ____D () C:\Program Files\Windows Journal
2015-04-06 10:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-04-06 10:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-04-06 10:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2015-04-06 10:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-05 03:17 - 2013-07-19 07:16 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-04 21:25 - 2010-05-14 11:19 - 00000000 ____D () C:\Users\multiskype.INES_BUERO
2015-04-04 21:25 - 2010-05-14 11:13 - 00000000 ____D () C:\Users\multiskype
2015-04-04 21:25 - 2009-10-19 19:15 - 00000000 ____D () C:\Users\Administrator
2015-04-04 21:23 - 2014-12-12 15:23 - 00000000 ____D () C:\Users\***\AppData\Roaming\TuneUp Software
2015-04-04 21:00 - 2009-10-19 19:41 - 00000000 ____D () C:\ProgramData\avg8
2015-04-04 13:18 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-04 13:01 - 2009-10-22 19:42 - 00002562 _____ () C:\Windows\diagwrn.xml
2015-04-04 13:01 - 2009-10-22 19:42 - 00001908 _____ () C:\Windows\diagerr.xml
2015-04-04 12:55 - 2014-06-13 09:08 - 00002854 _____ () C:\Windows\CompatibilityIssues.txt
2015-04-03 20:00 - 2014-12-31 12:25 - 00005584 _____ () C:\Windows\SysWOW64\LavasoftTcpService.ini
2015-04-03 20:00 - 2014-12-31 12:25 - 00002664 _____ () C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-04-03 20:00 - 2014-12-31 12:25 - 00002664 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-04-03 11:20 - 2009-10-20 21:23 - 00000000 ____D () C:\Users\***\Documents\Backups
2015-04-03 11:18 - 2009-10-21 20:27 - 00000000 ____D () C:\Users\***\Documents\Tussy Anträge
2015-03-26 19:39 - 2013-10-26 17:13 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-26 17:33 - 2010-06-29 19:14 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-03-26 17:33 - 2010-06-29 19:14 - 00207272 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-03-26 17:33 - 2010-06-29 19:14 - 00206760 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-03-26 17:33 - 2010-06-29 19:14 - 00000000 ____D () C:\Program Files\Java
2015-03-26 17:32 - 2013-10-26 17:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-26 17:31 - 2009-10-20 18:06 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-24 17:01 - 2011-04-19 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Polar
2015-03-24 17:01 - 2011-04-19 19:13 - 00000000 ____D () C:\Program Files (x86)\Polar

==================== Files in the root of some directories =======

2009-12-01 18:08 - 2009-12-01 18:08 - 3211264 _____ () C:\Program Files (x86)\Common FilesDDBACSetup.msi
2010-08-07 18:06 - 2010-07-22 23:40 - 2944904 _____ (Ask) C:\Program Files (x86)\Common Files\AskToolbarInstaller.exe
2013-05-15 18:32 - 2013-05-15 18:32 - 0000288 _____ () C:\Users\***\AppData\Roaming\.backup.dm
2011-09-12 20:20 - 2011-09-14 21:53 - 0000132 _____ () C:\Users\***\AppData\Roaming\Adobe BMP Format CS5 Prefs
2011-08-15 17:43 - 2011-08-15 17:43 - 0000132 _____ () C:\Users\***\AppData\Roaming\Adobe GIF Format CS5 Prefs
2011-01-29 01:12 - 2011-03-28 07:56 - 0001188 _____ () C:\Users\***\AppData\Roaming\BBMS_EXCEPTION.txt
2012-08-05 21:16 - 2012-08-05 21:16 - 0457829 _____ (Freedom Download Manager                                    ) C:\Users\***\AppData\Roaming\fdm-setup.exe
2012-09-23 09:44 - 2012-12-02 13:14 - 0038489 _____ () C:\Users\***\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
2012-12-02 13:26 - 2012-12-02 13:26 - 0013021 _____ () C:\Users\***\AppData\Roaming\Kommagetrennte Werte (Windows).CAL
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\***\AppData\Roaming\n8WoXTR
2012-03-28 17:06 - 2012-03-28 17:10 - 0076768 _____ () C:\Users\***\AppData\Roaming\Photo.jpg
2011-01-27 21:24 - 2011-10-07 18:52 - 0002002 _____ () C:\Users\***\AppData\Roaming\Rim.Desktop.Exception.log
2011-01-27 21:23 - 2011-12-11 13:08 - 0006063 _____ () C:\Users\***\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\***\AppData\Roaming\xqi4HgB8PWds
2012-06-09 17:12 - 2012-06-09 17:12 - 0022440 _____ () C:\Users\***\AppData\Local\426535460_Setup.crx
2009-11-05 19:28 - 2013-08-30 21:31 - 0036352 _____ () C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-08-15 19:10 - 2012-08-15 19:10 - 0000848 _____ () C:\Users\***\AppData\Local\recently-used.xbel
2011-04-12 19:31 - 2011-04-12 19:38 - 0000128 _____ () C:\Users\***\AppData\Local\Temp$$_temp.ldb
2013-08-29 18:35 - 2013-08-29 18:35 - 0000057 _____ () C:\ProgramData\Ament.ini

Some content of TEMP:
====================
C:\Users\***\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvf9gdc.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-04 14:49

==================== End Of Log ============================
         
--- --- ---

--- --- ---
__________________

Alt 13.04.2015, 19:47   #4
InGo69
 
Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name - Standard

Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name



FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-04-2015
Ran by *** at 2015-04-13 20:23:58
Running from C:\Users\***\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Spybot - Search and Destroy (Enabled - Up to date) {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ad-Aware Antivirus (HKLM\...\{FF054A8C-C0A4-4C78-8910-E2A459BEFF05}_AdAwareUpdater) (Version: 11.6.306.7947 - Lavasoft)
AdAwareUpdater (Version: 11.6.306.7947 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Color Common Settings (HKLM-x32\...\Adobe_6c8e2cb4fd241c55406016127a6ab2e) (Version: 1.0.1 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe ExtendScript Toolkit 2 (HKLM-x32\...\Adobe_3e054d2218e7aa282c2369d939e58ff) (Version: 2.0.2 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Photoshop CS4 (HKLM-x32\...\Adobe_c35ac3aab92f0b6e1772ee28e3c5ae0) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
Album Art Downloader XUI 0.44 (HKLM-x32\...\Album Art Downloader XUI) (Version: 0.44 - hxxp://sourceforge.net/projects/album-art)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 2010 (HKLM-x32\...\Ashampoo Burning Studio 2010_is1) (Version: 9.12 - ashampoo GmbH & Co. KG)
Ashampoo UnInstaller 3.12 (HKLM-x32\...\Ashampoo UnInstaller 3_is1) (Version: 3.1.2 - ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 2010 CBE (HKLM-x32\...\Ashampoo WinOptimizer 2010 CBE_is1) (Version: 6.5.0 - Ashampoo GmbH & Co. KG)
Audials TV (HKLM-x32\...\{1A0B8239-664B-434A-99D8-C50793513249}) (Version: 1.3.10800.0 - RapidSolution Software AG)
AudialsOne (HKLM-x32\...\{80C7431E-CB45-40F4-AB4E-090E8AD4706D}) (Version: 4.0.33916.1600 - RapidSolution Software AG)
AudioCon (HKLM-x32\...\AudioCon) (Version: 1.0 - Basement Softworks)
Auto Resolution (HKLM-x32\...\{403F1594-BC16-47A5-B365-F73CD69D720E}) (Version: 1.9 - LG Electronics Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5863 - AVG Technologies)
AVG 2015 (Version: 15.0.4321 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5863 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (de-DE) (x32 Version: 15.0.1001.403 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.403 - AVG Technologies)
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.403 - AVG Technologies) Hidden
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
AVM FRITZ!Box Monitor (HKLM-x32\...\AVMFBoxMonitor) (Version:  - AVM Berlin)
Azureus (HKLM-x32\...\Azureus) (Version: 2.5.0.4 - )
BackupOutlook (HKLM-x32\...\{75210106-92D4-45A9-B2B7-EC9E901DF334}_is1) (Version: 3.0.2 - Wisco)
BestPractice (remove only) (HKLM-x32\...\BestPractice) (Version:  - )
BewerbungsGenie 5 (HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\{0A06F725-CD0E-4360-BEC8-F89AF54E59D2}) (Version: 1.00.000 - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre (HKLM-x32\...\{6DFB01ED-2F63-4210-81B4-B1AF742C475B}) (Version: 0.6.53 - Kovid Goyal)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.5.0.3 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.1.6 - Canon Inc.)
Canon iP4500 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4500_series) (Version:  - )
Canon iP4500 series Benutzerregistrierung (HKLM-x32\...\Canon iP4500 series Benutzerregistrierung) (Version:  - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\RAW Image Task) (Version: 3.2.0.10 - Canon Inc.)
Canon Utilities CameraWindow (HKLM-x32\...\CameraWindowLauncher) (Version: 7.1.0.2 - Canon Inc.)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC6) (Version: 6.4.2.16 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.3 (HKLM-x32\...\DPP) (Version: 3.3.0.0 - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.3.0.2 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 6.4.0.5 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.21.45 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.2.0.1 - Canon Inc.)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.7.1.9 - Canon Inc.)
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.1.1.21 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.1.0.8 - Canon Inc.)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 4.4 - Abelssoft)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.53 - Cliqz.com)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version:  - DownloadHelper)
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.25 - Creative Technology Limited)
Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 2.00 - Creative Technology Limited)
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.00 - )
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version:  - )
Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version:  - )
Creative-Diagnose (HKLM-x32\...\Diagnostics 4_5) (Version:  - )
Crystal Reports Basic Runtime for Visual Studio 2008 (HKLM-x32\...\{CE26F10F-C80F-4377-908B-1B7882AE2CE3}) (Version: 10.5.0.0 - Business Objects)
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.8.0 - REINER SCT)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAISY (HKLM-x32\...\DAISY) (Version:  - )
DATA BECKER PDF Professionell 4 (HKLM-x32\...\PDF Professionell 4_is1) (Version:  - )
DDBAC (HKLM-x32\...\{E3B6D3FB-A593-41BA-9AB1-FFE46F608565}) (Version: 5.3.21 - DataDesign)
DivX-Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.2.0.24 - DivX, LLC)
Dropbox (HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Dropbox) (Version: 3.4.3 - Dropbox, Inc.)
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version:  - DVD Shrink)
Easy Text To HTML Converter (HKLM-x32\...\Easy Text To HTML Converter) (Version: 3.0.0 - easy HTools)
EasySaver B9.0610.1  (HKLM-x32\...\{07300F01-89CA-4CF8-92BD-2A605EB83C95}) (Version: 1.00.0000 - Gigabyte)
EcrSystem (HKLM-x32\...\{1C18975A-D0CE-43FB-81CC-006C82F9BE10}) (Version: 1.0.0 - EcrSystem)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
EtikettenAssistent 4.2 (HKLM-x32\...\{9AEF64B1-79A5-4E2F-8FBC-4CA89ECD3595}) (Version: 4.2.1 - HERMA)
Etikettendruckerei 5 (HKLM-x32\...\{59CB3794-BA8C-4DF5-8C3A-C3E3B184C35B}) (Version: 5.02.000 - )
File Type Advisor 1.6 (HKLM-x32\...\File Type Advisor_is1) (Version:  - )
FileZilla (remove only) (HKLM-x32\...\FileZilla) (Version:  - )
Fotostory 3 für Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.15 - Microsoft Corporation)
Free M4a to MP3 Converter 8.3 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Free Notes & Office Ink (HKLM-x32\...\{556F2137-B772-43BB-9A45-E0275234DD16}) (Version:   -  )
Free YouTube to MP3 Converter version 3.12.50.1122 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1122 - DVDVideoSoft Ltd.)
FRITZ!DSL64 (HKLM\...\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}) (Version: 2.04.03 - AVM Berlin)
funScreenScraping Client Version (HKLM-x32\...\{32148D5D-909F-4A7B-93EE-5C16B71F4A8C}) (Version: 1.0.173 - fun communications GmbH)
funScreenScraping Microsoft Systemdateien (HKLM-x32\...\{AC849092-6F19-4395-8860-BC3B82CAFE51}) (Version: 1.0.6 - fun communications GmbH)
Geometry Calculator v1.2 (HKLM-x32\...\Geometry Calculator v1.2) (Version: 1.2 - SJW Computer Resources)
Gigaset QuickSync (HKLM\...\{a325d0b9-0b5e-4ad1-9c5f-e39aa43f8c9d}) (Version: 7.1.0841.3 - Gigaset Communications GmbH)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Glary Registry Repair 3.2.0.828 (HKLM-x32\...\Glary Registry Repair_is1) (Version:  - GlarySoft.com)
Google Desktop (HKLM-x32\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
Hercules Webcam Station Evolution (HKLM-x32\...\{B60D61FD-1CB1-4ED5-974E-8C959F14208E}) (Version: 4.0.2.1 - Hercules)
Host OpenAL (HKLM-x32\...\Host OpenAL) (Version: 1.00 - Creative Technology Limited)
HP Easy Printer Care (HKLM-x32\...\HP Easy Printer Care) (Version:  - Hewlett-Packard Co.)
HP ePrint (HKLM-x32\...\{2794875B-6CCF-48B8-84A5-5B10DB98BEE6}) (Version: 14.0.14176.1823 - Hewlett-Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Hilfe (HKLM-x32\...\{B6F5C6D8-C443-4B55-932F-AE11B5743FC4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet Pro 8600 Hilfe (HKLM-x32\...\{FDE820DD-CC88-4395-AD5C-801365B8F316}) (Version: 28.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.12992 - HP)
HP Print View Software (HKLM\...\{BE83E4A4-A678-4211-AF2B-2EC8ECC0AC73}) (Version: 2.0.0.1 - Hewlett-Packard)
HP Print View Software (HKLM-x32\...\HP Marketing Resources) (Version:  - Hewlett-Packard Co.)
HP Proactive Services (HKLM-x32\...\{7527CD9F-894E-47B3-9AFB-3E680E007051}) (Version: 1.6.0.37 - Ihr Firmenname)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.021 - HTC Corporation)
HTC Sync (HKLM-x32\...\{7A3FFA58-876F-489C-B6CF-0503916224DF}) (Version: 3.0.5617 - HTC Corporation)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Komponenten der Betriebssystemkommunikation (x32 Version: 2.8.0.50 - Hewlett-Packard) Hidden
Komponenten der Ereigniskommunikation (x32 Version: 2.8.0.50 - Hewlett-Packard) Hidden
Komponenten der Gerätedatenkommunikation (x32 Version: 2.8.0.50 - Hewlett-Packard) Hidden
Komponenten der Kernkommunikation (x32 Version: 2.8.0.50 - Hewlett-Packard) Hidden
LavasoftTcpService (x32 Version: 2.3.3.0 - Lavasoft) Hidden
Lexware Abschreibungsrechner (HKLM-x32\...\{20DC6CD9-AAA0-4FF9-A171-D72A7BCB0910}) (Version: 9.01.04.0007 - Haufe-Lexware GmbH & Co. KG)
Lexware Abschreibungsrechner (x32 Version: 4.60.00.0000 - Lexware) Hidden
Lexware büro easy 2011 (HKLM-x32\...\{43034BED-DF67-4CC8-8D13-D18B0298F402}) (Version: 23.50.04.0059 - Haufe-Lexware GmbH & Co. KG)
Lexware Elster (HKLM-x32\...\{C8E00BC8-D619-4081-813A-6B5BCC846534}) (Version: 9.10.00.0041 - Lexware GmbH & Co. KG)
Lexware Info Service (HKLM-x32\...\{59624372-3B85-47f4-9B04-4911E551DF1E}) (Version: 2.61.00.0033 - Lexware GmbH & Co. KG)
Lexware online banking (HKLM-x32\...\{F6995FC4-2D91-4169-B3C4-7C51B7123902}) (Version: 10.00.00.0102 - Lexware GmbH & Co. KG)
Lexware online banking 4.90 (x32 Version: 4.90 - Lexware) Hidden
Lexware reisekosten 2009 (HKLM-x32\...\{225C12AE-BB37-4EE3-8935-583E2F0E6644}) (Version: 16.00.00.0050 - Lexware)
Lexware reisekosten 2009 (x32 Version: 16.00.00.0050 - Lexware) Hidden
Lexware Sepa Check (x32 Version: 1.00.00.0003 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Zeiterfassung (HKLM-x32\...\{4119E30C-82DE-44AD-9382-631A031E1E1B}) (Version: 23.00.04.0005 - Haufe-Lexware GmbH & Co. KG)
LightScribe System Software (HKLM-x32\...\{FA8BFB25-BF48-4F8B-8859-B30810745190}) (Version: 1.18.11.1 - LightScribe)
LightScribe Template Labeler (HKLM-x32\...\{7FD71A9E-C4D3-42ED-A998-CDA8290C39A3}) (Version: 1.18.5.1 - LightScribe)
Live 8.1.5 (HKLM-x32\...\Live 8.1.5) (Version:  - )
MAGIX 3D Maker 7 Download-Version (HKLM-x32\...\MAGIX_MSI_3D7) (Version: 7.0.0.482 - MAGIX AG)
MAGIX 3D Maker 7 Download-Version (x32 Version: 7.0.0.482 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft IntelliPoint 7.0 (HKLM\...\{C74A84EC-7C5F-4C36-A4A6-381E516D643B}) (Version: 7.0.260.0 - Microsoft)
Microsoft IntelliType Pro 7.0 (HKLM\...\{850C7AF6-7376-464D-A69C-E8419EC7ACA7}) (Version: 7.0.260.0 - Microsoft)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook Hotmail Connector 64-Bit (HKLM\...\{95140000-0081-0407-1000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 64-bit (HKLM\...\{95140000-007D-0409-1000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Rechner-Plus (HKLM-x32\...\{437C19B3-7E20-4E39-B868-CA6BAA820E1C}) (Version: 1.0.0 - Microsoft)
Microsoft Setup Center 13.05 (HKLM-x32\...\Microsoft Setup Center 13.05_is1) (Version:  - com! - Das Computer Magazin)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 37.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\MyFreeCodec) (Version:  - )
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
myphotobook.de (x32 Version: 1.1.0 - myphotobook GmbH) Hidden
NVIDIA 3D Vision Controller-Treiber 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 310.90 - NVIDIA Corporation)
NVIDIA Grafiktreiber 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 310.90 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
OutlookAddInNet3Setup (HKLM-x32\...\{5B4383F2-37EE-4E97-AD81-F5FF76F286DA}) (Version: 1.0.0 - Samsung)
PC Connectivity Solution (HKLM-x32\...\{BA77F9D2-CD35-41EB-9BC9-769879DFF8A6}) (Version: 12.0.48.0 - Nokia)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Photo Frames & Effects Free 1.12 (HKLM-x32\...\{CF12B794-A1EF-4211-B16F-0FB4E2FACCA6}_is1) (Version: 1.12 - Big Eagle Software KB)
Photomatix Pro Version 5.0.3 (HKLM\...\PhotomatixPro5x64_is1) (Version: 5.0.3 - HDRsoft Ltd)
Picasa 2 (HKLM-x32\...\Picasa2) (Version: 2.0 - Google, Inc.)
PixiePack Codec Pack (HKLM-x32\...\{9C450606-ED24-4958-92BA-B8940C99D441}) (Version: 1.1.400.0 - None)
PIXMA Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Pixum Fotobuch (HKLM-x32\...\Pixum Fotobuch) (Version:  - )
Polar FlowSync Version 2.3.8 (HKLM-x32\...\{A1538F5C-7B65-4DB6-9FFB-FFC0DF2E85D8}_is1) (Version: 2.3.8 - Polar Electro Oy)
PortraitPro 12.2 (HKLM\...\PortraitPro12_is1) (Version: 12.2 - Anthropics Technology Ltd.)
Power Presenter RE (HKLM-x32\...\{6AF6BFD2-D368-4F81-9B82-D3B1414351C8}) (Version:    -   )
Protect Disc License Helper 1.0.125 (IE) (HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Quicken 2010 - Servicepack 5 (HKLM-x32\...\{4C9E7EA5-9A3F-4C54-9038-EBB4CF25C29D}) (Version: 17.05.0000 - Lexware GmbH & Co KG)
Quicken 2010 (x32 Version: 17.00.00.0081 - Lexware GmbH & Co. KG) Hidden
Quicken HOME & BUSINESS 2010 (HKLM-x32\...\InstallShield_{4F8AFA74-1562-4980-8B87-8C07E8DE8FAF}) (Version: 17.00.00.0081 - Lexware GmbH & Co. KG)
Quicken Import Export Server 2010 (HKLM-x32\...\{7DA9F24A-CEC3-426E-BFFA-ADB94D922463}) (Version: 17.00.00.0048 - Lexware GmbH & Co. KG)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version:  - )
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 2.3.3 r1522 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5864 - Realtek Semiconductor Corp.)
RENESIS® Player Browser Plugins (HKLM-x32\...\{62B7C52C-CAB6-48B1-8245-52356C141C92}) (Version: 1.1.1 - examotion® GmbH)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14024.11 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14024.11 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.4.0 - SAMSUNG Electronics Co., Ltd.)
SanDiskSecureAccess_Manager.exe (HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe) (Version: 1.1.19755 - Gemalto N.V.)
Schafkopf & Doppelkopf Deluxe DEMO 1.0 (HKLM-x32\...\{98BA5D38-461D-415B-A651-2120D6994FC5}_is1) (Version: Schafkopf & Doppelkopf Deluxe DEMO - Zone 2 Media GmbH)
Screen Split (HKLM-x32\...\{7F0C2357-33B0-4408-A9AD-A7623FAA22B1}) (Version: 6.29 - LG Electronics Inc.)
Security-Plugin-Secoder (HKLM-x32\...\SecurityPluginSecoder) (Version: 2.4.0.0 - PPI AG, Hamburg, Germany)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Servicepack Datumsaktualisierung (x32 Version: 1.00.00.0005 - Haufe-Lexware) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Sound Blaster X-Fi (HKLM-x32\...\{0C9D0200-FA32-44B7-BBB3-7C03F700C4A0}) (Version: 1.0 - )
SoundTouch (HKLM-x32\...\{42DA7251-AA96-484D-8190-F1BA53C75AFD}) (Version: 7.2.21.8752 - BOSE)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SyncDroid version 1.2.5 (HKLM-x32\...\{BE7E35A4-59E5-412B-9B18-57B4938B8C0B}_is1) (Version: 1.2.5 - JunTu Software, Inc.)
Tablet Driver With Macrokey Manager (HKLM\...\RmTablet) (Version:  - )
TAPI Services for FRITZ!Box (HKLM\...\{8505C641-422E-4E3C-B6B0-0F070E289FDD}) (Version: 1.0.4 - AVM Berlin)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36244 - TeamViewer)
Tengwar Mode Editor (HKLM-x32\...\Tengwar Mode Editor) (Version:  - )
Tengwar Scribe (HKLM-x32\...\Tengwar Scribe) (Version:  - )
Texas Instruments TUSB3410 drivers. (HKLM-x32\...\InstallShield_{FA66245E-0E77-40D5-94A4-CB7AB753034F}) (Version: 6.5.9019.1 - Texas Instruments Inc.)
The Room (HKLM-x32\...\Steam App 288160) (Version:  - Fireproof Games)
Total Immersion D'Fusion @Home Web Plug-In (HKLM-x32\...\D'Fusion @Home Web Plug-In) (Version:  - Total Immersion)
Trendpoker 3D - Texas Hold'em Poker (HKLM-x32\...\{1395FC46-F870-4F09-A48D-959213281E08}_is1) (Version: 1.9 - BUFOproject)
TUSB3410 (x32 Version: 6.5.9019.1 - Texas Instruments Inc.) Hidden
Ulead PhotoImpact 12 (HKLM-x32\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System)
UnInstall MyScriptStylus (HKLM-x32\...\MyScript Stylus_is1) (Version:  - Vision Objects)
USB2.0 Card Reader Software (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.0.6000.75 - Realtek)
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
V-Drums Friend Jam (x32 Version: 4.0.2 - Roland Corporation) Hidden
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}) (Version: 8.0.0.35 - GRISOFT, s.r.o.)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WD Diagnostics (HKLM-x32\...\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}) (Version: 1.09.0002 - Western Digital Technologies)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.3400 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Phone (HKLM-x32\...\{3AAB5D08-28EA-4A4F-88C5-6906B880E81B}) (Version: 0.9.3426.0 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
Xilisoft iPhone Klingelton Maker (HKLM-x32\...\Xilisoft iPhone Ringtone Maker) (Version: 2.0.4.0226 - Xilisoft)
Xilisoft Video Converter Standard (HKLM-x32\...\Xilisoft Video Converter Standard) (Version: 5.1.39.0409 - Xilisoft)
XING Connector 1.2 (HKLM\...\XING Connector) (Version: 1.2 - XING AG)
Xtra Controller (HKLM-x32\...\{59579B12-97E6-437E-B988-BA032165D355}) (Version: 3.2.0.1 - Hercules)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{01E9FAE9-3819-4dd9-B1D9-998A1C62D1F8}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points  =========================

06-04-2015 12:32:19 Installed AVG 2015
06-04-2015 13:28:41 AVG PC TuneUp 2015 wird installiert
06-04-2015 13:37:07 Installed AVG 2015
06-04-2015 20:44:39 LavasoftWeCompanion
08-04-2015 03:01:38 Windows Update
09-04-2015 17:06:09 Revo Uninstaller's restore point - AVG PC TuneUp 2015
09-04-2015 17:11:46 Revo Uninstaller's restore point - Web Companion
09-04-2015 17:56:57 Removed Java 8 Update 40
09-04-2015 18:03:23 AA11
11-04-2015 03:00:38 Windows Update
12-04-2015 03:00:19 Windows Update
13-04-2015 03:01:17 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-04-08 00:50 - 00450801 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	activate.adobe.com
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05C10839-A3A2-42A1-B85F-5EF5C86B65FA} - System32\Tasks\{B694620C-2086-48F1-89E9-CFF1291C9460} => pcalua.exe -a "C:\Users\***\Downloads\ddbac(1).exe" -d "C:\Users\***\Downloads"
Task: {090F67E6-4FAD-476D-B4F8-AAC4A6C72C6F} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2009-05-26] (Microsoft Corporation)
Task: {1270FEC0-5181-41BA-9225-C6CC97F03C0E} - System32\Tasks\DivX Update => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2010-12-08] ()
Task: {1ED730EA-A80C-4C59-BCF6-EB441FD2C55F} - System32\Tasks\{3AAF266F-B930-4ADC-8B94-784B601CF329} => pcalua.exe -a "C:\Program Files (x86)\EcrSystem\Uninstall.exe" -d "C:\Program Files (x86)\EcrSystem"
Task: {1F21406E-F8A4-41AB-80C2-A07857128F81} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {21A02C1B-1DC5-40C2-B8FE-90B36A043E88} - System32\Tasks\{37474F1E-DD2E-46ED-A5E3-6B41977D1A59} => pcalua.exe -a D:\LxSetup.exe -d D:\
Task: {2A1349A8-768C-4712-BC8B-BC2831EA2C4B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {3117EE58-ABA2-412D-93BB-09F2FD6F8B3A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06] (Adobe Systems Incorporated)
Task: {40F40A85-F434-4F9A-9EB9-3F0EA7D71643} - System32\Tasks\Abelssoft\CheckDriveBackgroundGuard => C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe [2014-01-28] (Abelssoft)
Task: {42376701-A647-4B1C-8431-396A7212C35A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {50765239-4913-4346-B51F-B15422AD21FA} - System32\Tasks\{553DA046-FD29-4C8A-B792-0696B54E8992} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-03-25] (Skype Technologies S.A.)
Task: {590B87E2-1F51-4373-BE90-51D74F668D9F} - System32\Tasks\{3050EFDC-0E6B-4F44-B0D7-92BBD7FCE85E} => pcalua.exe -a "C:\Users\***\Documents\DVDVideoSoft\DVSUninstall.exe" -d "C:\Users\***\Documents\DVDVideoSoft"
Task: {64086D9D-9AF9-4C49-88EC-5BF76B67D242} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {65EE0053-A5AD-4451-8837-87AD8E0C3010} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2011-12-20] ()
Task: {67B57B45-1A48-4092-B828-D9D7A328CB81} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {6D322EAC-FAE7-406E-BD69-EF074ABF7088} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {95627600-61A7-4BD7-8645-F880718F5C2A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {9F908E6D-ABCD-4D00-AEC2-8713A99F6D9C} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {A4CA6E45-2C72-499F-AA43-F15A9A86C977} - System32\Tasks\{73BE966D-7EB5-479A-9376-5C03F7473200} => pcalua.exe -a "C:\Program Files (x86)\Azureus\Uninstall.exe"
Task: {A5932482-6FC9-4CFA-9297-6E242EF94219} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {A819B4A6-226B-4412-BF66-507EA8BC9607} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {A85089BA-1EBB-4F91-ADD5-8FF7288D21D3} - System32\Tasks\{E8907E42-18F3-452E-83B0-28BC62D071AD} => Firefox.exe hxxp://ui.skype.com/ui/0/4.2.0.166.259/de/go/help.faq.installer?LastError=1641
Task: {B55C24FC-012A-49CF-8E63-CBFF51DED791} - System32\Tasks\FileAdvisorUpdate => C:\Program Files (x86)\File Type Advisor\fileadvisor.exe [2014-02-24] (File Type Advisor)
Task: {B7AE76E1-D1BD-41E6-A93C-7B5FCB47E4C7} - System32\Tasks\Microsoft_Hardware_Launch_rundll32_exe => Rundll32.exe url.dll,OpenURL hxxp://go.microsoft.com/fwlink/?LinkId=116866
Task: {BC201058-B2D2-4D5E-A9D0-66F21678082F} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2009-05-21] (Microsoft Corporation)
Task: {BC3D8A10-8DE7-4973-8662-CDB641E1BD88} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C4B68FF7-4F7F-436C-89B1-15AEAB5DBFD7} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2014-10-19] ()
Task: {CE5A8F34-74C2-40F4-AB36-4EEEA3729642} - System32\Tasks\FileAdvisorCheck => C:\Program Files (x86)\File Type Advisor\file-type-advisor.exe [2014-02-24] (                                                            )
Task: {E07E5FF7-CDFE-4871-BD81-4EC82C2B5001} - System32\Tasks\Automatische Wartung => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2010 CBE\WO2010cbe.exe [2009-12-21] (Ashampoo GmbH & Co. KG)
Task: {E2F4204B-C97D-461F-BE56-A54C4AD36690} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {E74E6F9F-EF7D-46ED-9AE7-E4FAE1CFF691} - System32\Tasks\AdobeAAMUpdater-1.0-INES_BUERO-*** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {F6999B19-E08C-4C05-B392-BA5DA664D3C7} - System32\Tasks\HP AR Program Upload - 95a8ddc2446f48688600bed5f8a5c0368c0661a8620f42c7877bb19b9936bdf3 => C:\Program Files\HP\HP Officejet Pro 8600\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Automatische Wartung.job => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2010 CBE\WO2010cbe.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe

==================== Loaded Modules (whitelisted) ==============

2009-11-10 19:04 - 2006-02-23 13:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2009-11-10 19:04 - 2006-02-22 12:39 - 00020480 _____ () C:\Windows\System32\FritzPort64.dll
2009-10-19 17:26 - 2009-03-02 14:06 - 00068136 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
2011-09-15 13:06 - 2011-09-15 13:06 - 00088576 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2011-02-12 21:20 - 2011-01-17 21:09 - 00914664 _____ () C:\Windows\system32\atwtusb.exe
2012-11-19 08:34 - 2012-12-29 10:40 - 00087480 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-10-17 17:30 - 2013-06-12 15:54 - 00066048 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2011-02-12 21:20 - 2010-12-24 16:30 - 07319784 _____ () C:\Windows\System32\WTMKM.exe
2012-07-02 09:11 - 2012-07-02 09:11 - 02498048 _____ () C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
2014-10-17 17:30 - 2013-06-26 10:56 - 00241664 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\DDCCI.exe
2012-07-03 14:21 - 2012-07-03 14:21 - 00041160 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2012-07-03 14:21 - 2012-07-03 14:21 - 00754376 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2015-03-10 18:52 - 2015-03-10 18:52 - 05607416 _____ () C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.6.306.7947\AdAwareUpdater.exe
2015-03-10 18:52 - 2015-03-10 18:52 - 03396064 _____ () C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.6.306.7947\RCF.dll
2015-03-10 18:52 - 2015-03-10 18:52 - 00055320 _____ () C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.6.306.7947\boost_date_time-vc100-mt-1_57.dll
2015-03-10 18:52 - 2015-03-10 18:52 - 00125464 _____ () C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.6.306.7947\boost_filesystem-vc100-mt-1_57.dll
2015-03-10 18:52 - 2015-03-10 18:52 - 00024080 _____ () C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.6.306.7947\boost_system-vc100-mt-1_57.dll
2015-03-10 18:52 - 2015-03-10 18:52 - 00107024 _____ () C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.6.306.7947\boost_thread-vc100-mt-1_57.dll
2015-03-10 18:52 - 2015-03-10 18:52 - 00033296 _____ () C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.6.306.7947\boost_chrono-vc100-mt-1_57.dll
2015-03-10 18:52 - 2015-03-10 18:52 - 00499728 _____ () C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.6.306.7947\boost_locale-vc100-mt-1_57.dll
2015-03-10 18:52 - 2015-03-10 18:52 - 02144248 _____ () C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.6.306.7947\HtmlFramework.dll
2015-03-10 18:52 - 2015-03-10 18:52 - 03897344 _____ () C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.6.306.7947\AdAwareUpdaterKernel.dll
2015-03-10 18:52 - 2015-03-10 18:52 - 00456224 _____ () C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.6.306.7947\boost_program_options-vc100-mt-1_57.dll
2015-03-10 18:52 - 2015-03-10 18:52 - 00785936 _____ () C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.6.306.7947\boost_regex-vc100-mt-1_57.dll
2015-03-10 18:52 - 2015-03-10 18:52 - 00391152 _____ () C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.6.306.7947\Statistics.dll
2015-03-10 18:52 - 2015-03-10 18:52 - 06710800 _____ () C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.6.306.7947\AdAwareUpdaterDefaultSkin.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-15 04:36 - 2013-02-15 04:36 - 01554496 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2015-04-10 17:01 - 2015-04-10 17:01 - 01177712 _____ () C:\Windows\TEMP\is-ONFJC.tmp\file-type-advisor.tmp
2015-04-13 18:04 - 2015-04-13 18:04 - 01177712 _____ () C:\Windows\TEMP\is-DUS0O.tmp\file-type-advisor.tmp
2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-10-22 21:45 - 2007-05-31 08:38 - 00167936 ____N () C:\Windows\SysWOW64\SerialXP.dll
2009-10-19 17:26 - 2009-03-13 11:30 - 00109096 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\YCC.DLL
2015-04-03 15:36 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-04-03 15:36 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-04-03 15:36 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-04-03 15:36 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-04-03 15:36 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-10-17 17:30 - 2013-06-12 15:54 - 00063488 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook.dll
2012-05-16 21:01 - 2012-05-16 21:01 - 00140800 _____ () C:\Program Files (x86)\Rainlendar2\lua52.dll
2012-07-02 09:11 - 2012-07-02 09:11 - 00198144 _____ () C:\Program Files (x86)\Rainlendar2\plugins\iCalendarPlugin.dll
2012-06-17 15:22 - 2012-06-17 15:22 - 00012800 _____ () C:\Program Files (x86)\Rainlendar2\lfs.dll
2012-02-15 01:05 - 2012-02-15 01:37 - 11796096 _____ () C:\Users\***\AppData\Roaming\SanDisk\My Vaults\dmBackup.dll
2014-10-17 17:30 - 2013-04-24 17:47 - 00004608 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\GerRes.dll
2015-03-24 17:01 - 2014-11-11 11:19 - 01703424 _____ () C:\Program Files (x86)\Polar\Polar FlowSync\polar20.dll
2015-03-24 17:01 - 2013-08-25 21:52 - 00728576 _____ () C:\Program Files (x86)\Polar\Polar FlowSync\libGLESv2.dll
2015-03-24 17:01 - 2013-08-25 21:52 - 00048128 _____ () C:\Program Files (x86)\Polar\Polar FlowSync\libEGL.dll
2015-03-24 17:01 - 2013-08-25 21:59 - 00833024 _____ () C:\Program Files (x86)\Polar\Polar FlowSync\platforms\qwindows.dll
2009-10-20 19:33 - 2004-07-26 17:11 - 00028672 ____N () C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\DetMethod.dll
2015-04-09 18:00 - 2015-04-09 18:00 - 00043008 _____ () c:\Users\***\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvf9gdc.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:B801D4E2
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
AlternateDataStreams: C:\Users\***\Documents\MailOut_Bsp1.eml:OECustomProperty
AlternateDataStreams: C:\Users\***\Documents\MailOut_Bsp2.eml:OECustomProperty
AlternateDataStreams: C:\Users\***\Documents\MailOut_Bsp3.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Gambali => ""="service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\***\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lexware Info Service.lnk => C:\Windows\pss\Lexware Info Service.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Quicken 2010 Zahlungserinnerung.lnk => C:\Windows\pss\Quicken 2010 Zahlungserinnerung.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^***^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FRITZ!DSL Startcenter.lnk => C:\Windows\pss\FRITZ!DSL Startcenter.lnk.Startup
MSCONFIG\startupfolder: C:^Users^***^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^klickTel OEM 2007 - Schnellstarter.lnk => C:\Windows\pss\klickTel OEM 2007 - Schnellstarter.lnk.Startup
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BackupOutlook => "C:\Program Files (x86)\Wisco\BackupOutlook\BackupOutlook.exe" silent
MSCONFIG\startupreg: FreeRAM XP => "C:\Program Files (x86)\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: HTC Sync Loader => "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LexwareInfoService => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe /autostart
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: Picasa Media Detector => C:\Program Files (x86)\Picasa2\PicasaMediaDetector.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: STAMPIT-Tray => C:\Program Files (x86)\STAMPIT\Binary\Stray.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: UIWatcher => C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
MSCONFIG\startupreg: Web Companion => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize

==================== Accounts: =============================

Administrator (S-1-5-21-4067268467-3182437459-1756596644-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-4067268467-3182437459-1756596644-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4067268467-3182437459-1756596644-1004 - Limited - Enabled)
*** (S-1-5-21-4067268467-3182437459-1756596644-1001 - Administrator - Enabled) => C:\Users\***
UpdatusUser (S-1-5-21-4067268467-3182437459-1756596644-1008 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Event log errors: =========================

Application errors:
==================
Error: (04/13/2015 06:53:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10998

Error: (04/13/2015 06:53:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10998

Error: (04/13/2015 06:53:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/13/2015 06:53:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9999

Error: (04/13/2015 06:53:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9999

Error: (04/13/2015 06:53:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/13/2015 06:53:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9001

Error: (04/13/2015 06:53:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9001

Error: (04/13/2015 06:53:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/13/2015 06:53:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8002


System errors:
=============
Error: (04/13/2015 03:14:12 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070652 fehlgeschlagen: Update für Microsoft InfoPath 2010 (KB2817369) 64-Bit-Edition

Error: (04/13/2015 03:12:58 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070652 fehlgeschlagen: Update für Microsoft Access 2010 (KB2837601) 64-Bit-Edition

Error: (04/13/2015 03:12:51 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070652 fehlgeschlagen: Sicherheitsupdate für Microsoft Office 2010 (KB2920748) 64-Bit-Edition

Error: (04/13/2015 03:12:41 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 4 unter Windows Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 x64 (KB2972215)

Error: (04/12/2015 03:14:26 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070652 fehlgeschlagen: Update für Microsoft InfoPath 2010 (KB2817369) 64-Bit-Edition

Error: (04/12/2015 03:12:14 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070652 fehlgeschlagen: Update für Microsoft Access 2010 (KB2837601) 64-Bit-Edition

Error: (04/12/2015 03:12:05 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070652 fehlgeschlagen: Sicherheitsupdate für Microsoft Office 2010 (KB2920748) 64-Bit-Edition

Error: (04/12/2015 03:11:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 4 unter Windows Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 x64 (KB2972215)

Error: (04/11/2015 03:16:29 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070652 fehlgeschlagen: Update für Microsoft InfoPath 2010 (KB2817369) 64-Bit-Edition

Error: (04/11/2015 03:15:33 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070652 fehlgeschlagen: Update für Microsoft Access 2010 (KB2837601) 64-Bit-Edition


Microsoft Office Sessions:
=========================
Error: (04/13/2015 06:53:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10998

Error: (04/13/2015 06:53:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10998

Error: (04/13/2015 06:53:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/13/2015 06:53:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9999

Error: (04/13/2015 06:53:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9999

Error: (04/13/2015 06:53:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/13/2015 06:53:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9001

Error: (04/13/2015 06:53:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9001

Error: (04/13/2015 06:53:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/13/2015 06:53:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8002


CodeIntegrity Errors:
===================================
  Date: 2015-04-13 05:52:34.443
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-13 03:00:49.282
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-12 16:58:39.847
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-12 13:02:45.754
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-12 12:01:33.551
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-12 11:40:58.420
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-10 07:29:28.029
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-10 07:08:56.785
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-10 06:44:20.905
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-09 18:00:23.692
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: AMD Phenom(tm) II X4 945 Processor
Percentage of memory in use: 31%
Total physical RAM: 6142.49 MB
Available physical RAM: 4177.65 MB
Total Pagefile: 12283.17 MB
Available Pagefile: 8156.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:601.65 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: () (Fixed) (Total:931.5 GB) (Free:873.16 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: BF2EBF2E)
Partition 1: (Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: DF8203A6)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=OF Extended)

==================== End Of Log ============================
         
--- --- ---

Alt 13.04.2015, 19:48   #5
InGo69
 
Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name - Standard

Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-04-2015
Ran by *** at 2015-04-13 20:23:58
Running from C:\Users\***\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Spybot - Search and Destroy (Enabled - Up to date) {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ad-Aware Antivirus (HKLM\...\{FF054A8C-C0A4-4C78-8910-E2A459BEFF05}_AdAwareUpdater) (Version: 11.6.306.7947 - Lavasoft)
AdAwareUpdater (Version: 11.6.306.7947 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Color Common Settings (HKLM-x32\...\Adobe_6c8e2cb4fd241c55406016127a6ab2e) (Version: 1.0.1 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe ExtendScript Toolkit 2 (HKLM-x32\...\Adobe_3e054d2218e7aa282c2369d939e58ff) (Version: 2.0.2 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Photoshop CS4 (HKLM-x32\...\Adobe_c35ac3aab92f0b6e1772ee28e3c5ae0) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
Album Art Downloader XUI 0.44 (HKLM-x32\...\Album Art Downloader XUI) (Version: 0.44 - hxxp://sourceforge.net/projects/album-art)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 2010 (HKLM-x32\...\Ashampoo Burning Studio 2010_is1) (Version: 9.12 - ashampoo GmbH & Co. KG)
Ashampoo UnInstaller 3.12 (HKLM-x32\...\Ashampoo UnInstaller 3_is1) (Version: 3.1.2 - ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 2010 CBE (HKLM-x32\...\Ashampoo WinOptimizer 2010 CBE_is1) (Version: 6.5.0 - Ashampoo GmbH & Co. KG)
Audials TV (HKLM-x32\...\{1A0B8239-664B-434A-99D8-C50793513249}) (Version: 1.3.10800.0 - RapidSolution Software AG)
AudialsOne (HKLM-x32\...\{80C7431E-CB45-40F4-AB4E-090E8AD4706D}) (Version: 4.0.33916.1600 - RapidSolution Software AG)
AudioCon (HKLM-x32\...\AudioCon) (Version: 1.0 - Basement Softworks)
Auto Resolution (HKLM-x32\...\{403F1594-BC16-47A5-B365-F73CD69D720E}) (Version: 1.9 - LG Electronics Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5863 - AVG Technologies)
AVG 2015 (Version: 15.0.4321 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5863 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (de-DE) (x32 Version: 15.0.1001.403 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.403 - AVG Technologies)
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.403 - AVG Technologies) Hidden
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
AVM FRITZ!Box Monitor (HKLM-x32\...\AVMFBoxMonitor) (Version:  - AVM Berlin)
Azureus (HKLM-x32\...\Azureus) (Version: 2.5.0.4 - )
BackupOutlook (HKLM-x32\...\{75210106-92D4-45A9-B2B7-EC9E901DF334}_is1) (Version: 3.0.2 - Wisco)
BestPractice (remove only) (HKLM-x32\...\BestPractice) (Version:  - )
BewerbungsGenie 5 (HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\{0A06F725-CD0E-4360-BEC8-F89AF54E59D2}) (Version: 1.00.000 - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre (HKLM-x32\...\{6DFB01ED-2F63-4210-81B4-B1AF742C475B}) (Version: 0.6.53 - Kovid Goyal)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.5.0.3 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.1.6 - Canon Inc.)
Canon iP4500 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4500_series) (Version:  - )
Canon iP4500 series Benutzerregistrierung (HKLM-x32\...\Canon iP4500 series Benutzerregistrierung) (Version:  - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\RAW Image Task) (Version: 3.2.0.10 - Canon Inc.)
Canon Utilities CameraWindow (HKLM-x32\...\CameraWindowLauncher) (Version: 7.1.0.2 - Canon Inc.)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC6) (Version: 6.4.2.16 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.3 (HKLM-x32\...\DPP) (Version: 3.3.0.0 - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.3.0.2 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 6.4.0.5 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.21.45 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.2.0.1 - Canon Inc.)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.7.1.9 - Canon Inc.)
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.1.1.21 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.1.0.8 - Canon Inc.)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 4.4 - Abelssoft)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.53 - Cliqz.com)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version:  - DownloadHelper)
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.25 - Creative Technology Limited)
Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 2.00 - Creative Technology Limited)
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.00 - )
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version:  - )
Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version:  - )
Creative-Diagnose (HKLM-x32\...\Diagnostics 4_5) (Version:  - )
Crystal Reports Basic Runtime for Visual Studio 2008 (HKLM-x32\...\{CE26F10F-C80F-4377-908B-1B7882AE2CE3}) (Version: 10.5.0.0 - Business Objects)
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.8.0 - REINER SCT)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAISY (HKLM-x32\...\DAISY) (Version:  - )
DATA BECKER PDF Professionell 4 (HKLM-x32\...\PDF Professionell 4_is1) (Version:  - )
DDBAC (HKLM-x32\...\{E3B6D3FB-A593-41BA-9AB1-FFE46F608565}) (Version: 5.3.21 - DataDesign)
DivX-Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.2.0.24 - DivX, LLC)
Dropbox (HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Dropbox) (Version: 3.4.3 - Dropbox, Inc.)
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version:  - DVD Shrink)
Easy Text To HTML Converter (HKLM-x32\...\Easy Text To HTML Converter) (Version: 3.0.0 - easy HTools)
EasySaver B9.0610.1  (HKLM-x32\...\{07300F01-89CA-4CF8-92BD-2A605EB83C95}) (Version: 1.00.0000 - Gigabyte)
EcrSystem (HKLM-x32\...\{1C18975A-D0CE-43FB-81CC-006C82F9BE10}) (Version: 1.0.0 - EcrSystem)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
EtikettenAssistent 4.2 (HKLM-x32\...\{9AEF64B1-79A5-4E2F-8FBC-4CA89ECD3595}) (Version: 4.2.1 - HERMA)
Etikettendruckerei 5 (HKLM-x32\...\{59CB3794-BA8C-4DF5-8C3A-C3E3B184C35B}) (Version: 5.02.000 - )
File Type Advisor 1.6 (HKLM-x32\...\File Type Advisor_is1) (Version:  - )
FileZilla (remove only) (HKLM-x32\...\FileZilla) (Version:  - )
Fotostory 3 für Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.15 - Microsoft Corporation)
Free M4a to MP3 Converter 8.3 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Free Notes & Office Ink (HKLM-x32\...\{556F2137-B772-43BB-9A45-E0275234DD16}) (Version:   -  )
Free YouTube to MP3 Converter version 3.12.50.1122 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1122 - DVDVideoSoft Ltd.)
FRITZ!DSL64 (HKLM\...\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}) (Version: 2.04.03 - AVM Berlin)
funScreenScraping Client Version (HKLM-x32\...\{32148D5D-909F-4A7B-93EE-5C16B71F4A8C}) (Version: 1.0.173 - fun communications GmbH)
funScreenScraping Microsoft Systemdateien (HKLM-x32\...\{AC849092-6F19-4395-8860-BC3B82CAFE51}) (Version: 1.0.6 - fun communications GmbH)
Geometry Calculator v1.2 (HKLM-x32\...\Geometry Calculator v1.2) (Version: 1.2 - SJW Computer Resources)
Gigaset QuickSync (HKLM\...\{a325d0b9-0b5e-4ad1-9c5f-e39aa43f8c9d}) (Version: 7.1.0841.3 - Gigaset Communications GmbH)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Glary Registry Repair 3.2.0.828 (HKLM-x32\...\Glary Registry Repair_is1) (Version:  - GlarySoft.com)
Google Desktop (HKLM-x32\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
Hercules Webcam Station Evolution (HKLM-x32\...\{B60D61FD-1CB1-4ED5-974E-8C959F14208E}) (Version: 4.0.2.1 - Hercules)
Host OpenAL (HKLM-x32\...\Host OpenAL) (Version: 1.00 - Creative Technology Limited)
HP Easy Printer Care (HKLM-x32\...\HP Easy Printer Care) (Version:  - Hewlett-Packard Co.)
HP ePrint (HKLM-x32\...\{2794875B-6CCF-48B8-84A5-5B10DB98BEE6}) (Version: 14.0.14176.1823 - Hewlett-Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Hilfe (HKLM-x32\...\{B6F5C6D8-C443-4B55-932F-AE11B5743FC4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet Pro 8600 Hilfe (HKLM-x32\...\{FDE820DD-CC88-4395-AD5C-801365B8F316}) (Version: 28.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.12992 - HP)
HP Print View Software (HKLM\...\{BE83E4A4-A678-4211-AF2B-2EC8ECC0AC73}) (Version: 2.0.0.1 - Hewlett-Packard)
HP Print View Software (HKLM-x32\...\HP Marketing Resources) (Version:  - Hewlett-Packard Co.)
HP Proactive Services (HKLM-x32\...\{7527CD9F-894E-47B3-9AFB-3E680E007051}) (Version: 1.6.0.37 - Ihr Firmenname)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.021 - HTC Corporation)
HTC Sync (HKLM-x32\...\{7A3FFA58-876F-489C-B6CF-0503916224DF}) (Version: 3.0.5617 - HTC Corporation)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Komponenten der Betriebssystemkommunikation (x32 Version: 2.8.0.50 - Hewlett-Packard) Hidden
Komponenten der Ereigniskommunikation (x32 Version: 2.8.0.50 - Hewlett-Packard) Hidden
Komponenten der Gerätedatenkommunikation (x32 Version: 2.8.0.50 - Hewlett-Packard) Hidden
Komponenten der Kernkommunikation (x32 Version: 2.8.0.50 - Hewlett-Packard) Hidden
LavasoftTcpService (x32 Version: 2.3.3.0 - Lavasoft) Hidden
Lexware Abschreibungsrechner (HKLM-x32\...\{20DC6CD9-AAA0-4FF9-A171-D72A7BCB0910}) (Version: 9.01.04.0007 - Haufe-Lexware GmbH & Co. KG)
Lexware Abschreibungsrechner (x32 Version: 4.60.00.0000 - Lexware) Hidden
Lexware büro easy 2011 (HKLM-x32\...\{43034BED-DF67-4CC8-8D13-D18B0298F402}) (Version: 23.50.04.0059 - Haufe-Lexware GmbH & Co. KG)
Lexware Elster (HKLM-x32\...\{C8E00BC8-D619-4081-813A-6B5BCC846534}) (Version: 9.10.00.0041 - Lexware GmbH & Co. KG)
Lexware Info Service (HKLM-x32\...\{59624372-3B85-47f4-9B04-4911E551DF1E}) (Version: 2.61.00.0033 - Lexware GmbH & Co. KG)
Lexware online banking (HKLM-x32\...\{F6995FC4-2D91-4169-B3C4-7C51B7123902}) (Version: 10.00.00.0102 - Lexware GmbH & Co. KG)
Lexware online banking 4.90 (x32 Version: 4.90 - Lexware) Hidden
Lexware reisekosten 2009 (HKLM-x32\...\{225C12AE-BB37-4EE3-8935-583E2F0E6644}) (Version: 16.00.00.0050 - Lexware)
Lexware reisekosten 2009 (x32 Version: 16.00.00.0050 - Lexware) Hidden
Lexware Sepa Check (x32 Version: 1.00.00.0003 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Zeiterfassung (HKLM-x32\...\{4119E30C-82DE-44AD-9382-631A031E1E1B}) (Version: 23.00.04.0005 - Haufe-Lexware GmbH & Co. KG)
LightScribe System Software (HKLM-x32\...\{FA8BFB25-BF48-4F8B-8859-B30810745190}) (Version: 1.18.11.1 - LightScribe)
LightScribe Template Labeler (HKLM-x32\...\{7FD71A9E-C4D3-42ED-A998-CDA8290C39A3}) (Version: 1.18.5.1 - LightScribe)
Live 8.1.5 (HKLM-x32\...\Live 8.1.5) (Version:  - )
MAGIX 3D Maker 7 Download-Version (HKLM-x32\...\MAGIX_MSI_3D7) (Version: 7.0.0.482 - MAGIX AG)
MAGIX 3D Maker 7 Download-Version (x32 Version: 7.0.0.482 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft IntelliPoint 7.0 (HKLM\...\{C74A84EC-7C5F-4C36-A4A6-381E516D643B}) (Version: 7.0.260.0 - Microsoft)
Microsoft IntelliType Pro 7.0 (HKLM\...\{850C7AF6-7376-464D-A69C-E8419EC7ACA7}) (Version: 7.0.260.0 - Microsoft)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook Hotmail Connector 64-Bit (HKLM\...\{95140000-0081-0407-1000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 64-bit (HKLM\...\{95140000-007D-0409-1000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Rechner-Plus (HKLM-x32\...\{437C19B3-7E20-4E39-B868-CA6BAA820E1C}) (Version: 1.0.0 - Microsoft)
Microsoft Setup Center 13.05 (HKLM-x32\...\Microsoft Setup Center 13.05_is1) (Version:  - com! - Das Computer Magazin)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 37.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\MyFreeCodec) (Version:  - )
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
myphotobook.de (x32 Version: 1.1.0 - myphotobook GmbH) Hidden
NVIDIA 3D Vision Controller-Treiber 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 310.90 - NVIDIA Corporation)
NVIDIA Grafiktreiber 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 310.90 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
OutlookAddInNet3Setup (HKLM-x32\...\{5B4383F2-37EE-4E97-AD81-F5FF76F286DA}) (Version: 1.0.0 - Samsung)
PC Connectivity Solution (HKLM-x32\...\{BA77F9D2-CD35-41EB-9BC9-769879DFF8A6}) (Version: 12.0.48.0 - Nokia)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Photo Frames & Effects Free 1.12 (HKLM-x32\...\{CF12B794-A1EF-4211-B16F-0FB4E2FACCA6}_is1) (Version: 1.12 - Big Eagle Software KB)
Photomatix Pro Version 5.0.3 (HKLM\...\PhotomatixPro5x64_is1) (Version: 5.0.3 - HDRsoft Ltd)
Picasa 2 (HKLM-x32\...\Picasa2) (Version: 2.0 - Google, Inc.)
PixiePack Codec Pack (HKLM-x32\...\{9C450606-ED24-4958-92BA-B8940C99D441}) (Version: 1.1.400.0 - None)
PIXMA Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Pixum Fotobuch (HKLM-x32\...\Pixum Fotobuch) (Version:  - )
Polar FlowSync Version 2.3.8 (HKLM-x32\...\{A1538F5C-7B65-4DB6-9FFB-FFC0DF2E85D8}_is1) (Version: 2.3.8 - Polar Electro Oy)
PortraitPro 12.2 (HKLM\...\PortraitPro12_is1) (Version: 12.2 - Anthropics Technology Ltd.)
Power Presenter RE (HKLM-x32\...\{6AF6BFD2-D368-4F81-9B82-D3B1414351C8}) (Version:    -   )
Protect Disc License Helper 1.0.125 (IE) (HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Quicken 2010 - Servicepack 5 (HKLM-x32\...\{4C9E7EA5-9A3F-4C54-9038-EBB4CF25C29D}) (Version: 17.05.0000 - Lexware GmbH & Co KG)
Quicken 2010 (x32 Version: 17.00.00.0081 - Lexware GmbH & Co. KG) Hidden
Quicken HOME & BUSINESS 2010 (HKLM-x32\...\InstallShield_{4F8AFA74-1562-4980-8B87-8C07E8DE8FAF}) (Version: 17.00.00.0081 - Lexware GmbH & Co. KG)
Quicken Import Export Server 2010 (HKLM-x32\...\{7DA9F24A-CEC3-426E-BFFA-ADB94D922463}) (Version: 17.00.00.0048 - Lexware GmbH & Co. KG)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version:  - )
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 2.3.3 r1522 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5864 - Realtek Semiconductor Corp.)
RENESIS® Player Browser Plugins (HKLM-x32\...\{62B7C52C-CAB6-48B1-8245-52356C141C92}) (Version: 1.1.1 - examotion® GmbH)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14024.11 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14024.11 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.4.0 - SAMSUNG Electronics Co., Ltd.)
SanDiskSecureAccess_Manager.exe (HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe) (Version: 1.1.19755 - Gemalto N.V.)
Schafkopf & Doppelkopf Deluxe DEMO 1.0 (HKLM-x32\...\{98BA5D38-461D-415B-A651-2120D6994FC5}_is1) (Version: Schafkopf & Doppelkopf Deluxe DEMO - Zone 2 Media GmbH)
Screen Split (HKLM-x32\...\{7F0C2357-33B0-4408-A9AD-A7623FAA22B1}) (Version: 6.29 - LG Electronics Inc.)
Security-Plugin-Secoder (HKLM-x32\...\SecurityPluginSecoder) (Version: 2.4.0.0 - PPI AG, Hamburg, Germany)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Servicepack Datumsaktualisierung (x32 Version: 1.00.00.0005 - Haufe-Lexware) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Sound Blaster X-Fi (HKLM-x32\...\{0C9D0200-FA32-44B7-BBB3-7C03F700C4A0}) (Version: 1.0 - )
SoundTouch (HKLM-x32\...\{42DA7251-AA96-484D-8190-F1BA53C75AFD}) (Version: 7.2.21.8752 - BOSE)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SyncDroid version 1.2.5 (HKLM-x32\...\{BE7E35A4-59E5-412B-9B18-57B4938B8C0B}_is1) (Version: 1.2.5 - JunTu Software, Inc.)
Tablet Driver With Macrokey Manager (HKLM\...\RmTablet) (Version:  - )
TAPI Services for FRITZ!Box (HKLM\...\{8505C641-422E-4E3C-B6B0-0F070E289FDD}) (Version: 1.0.4 - AVM Berlin)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36244 - TeamViewer)
Tengwar Mode Editor (HKLM-x32\...\Tengwar Mode Editor) (Version:  - )
Tengwar Scribe (HKLM-x32\...\Tengwar Scribe) (Version:  - )
Texas Instruments TUSB3410 drivers. (HKLM-x32\...\InstallShield_{FA66245E-0E77-40D5-94A4-CB7AB753034F}) (Version: 6.5.9019.1 - Texas Instruments Inc.)
The Room (HKLM-x32\...\Steam App 288160) (Version:  - Fireproof Games)
Total Immersion D'Fusion @Home Web Plug-In (HKLM-x32\...\D'Fusion @Home Web Plug-In) (Version:  - Total Immersion)
Trendpoker 3D - Texas Hold'em Poker (HKLM-x32\...\{1395FC46-F870-4F09-A48D-959213281E08}_is1) (Version: 1.9 - BUFOproject)
TUSB3410 (x32 Version: 6.5.9019.1 - Texas Instruments Inc.) Hidden
Ulead PhotoImpact 12 (HKLM-x32\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System)
UnInstall MyScriptStylus (HKLM-x32\...\MyScript Stylus_is1) (Version:  - Vision Objects)
USB2.0 Card Reader Software (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.0.6000.75 - Realtek)
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
V-Drums Friend Jam (x32 Version: 4.0.2 - Roland Corporation) Hidden
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}) (Version: 8.0.0.35 - GRISOFT, s.r.o.)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WD Diagnostics (HKLM-x32\...\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}) (Version: 1.09.0002 - Western Digital Technologies)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.3400 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Phone (HKLM-x32\...\{3AAB5D08-28EA-4A4F-88C5-6906B880E81B}) (Version: 0.9.3426.0 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
Xilisoft iPhone Klingelton Maker (HKLM-x32\...\Xilisoft iPhone Ringtone Maker) (Version: 2.0.4.0226 - Xilisoft)
Xilisoft Video Converter Standard (HKLM-x32\...\Xilisoft Video Converter Standard) (Version: 5.1.39.0409 - Xilisoft)
XING Connector 1.2 (HKLM\...\XING Connector) (Version: 1.2 - XING AG)
Xtra Controller (HKLM-x32\...\{59579B12-97E6-437E-B988-BA032165D355}) (Version: 3.2.0.1 - Hercules)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{01E9FAE9-3819-4dd9-B1D9-998A1C62D1F8}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points  =========================

06-04-2015 12:32:19 Installed AVG 2015
06-04-2015 13:28:41 AVG PC TuneUp 2015 wird installiert
06-04-2015 13:37:07 Installed AVG 2015
06-04-2015 20:44:39 LavasoftWeCompanion
08-04-2015 03:01:38 Windows Update
09-04-2015 17:06:09 Revo Uninstaller's restore point - AVG PC TuneUp 2015
09-04-2015 17:11:46 Revo Uninstaller's restore point - Web Companion
09-04-2015 17:56:57 Removed Java 8 Update 40
09-04-2015 18:03:23 AA11
11-04-2015 03:00:38 Windows Update
12-04-2015 03:00:19 Windows Update
13-04-2015 03:01:17 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-04-08 00:50 - 00450801 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	activate.adobe.com
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05C10839-A3A2-42A1-B85F-5EF5C86B65FA} - System32\Tasks\{B694620C-2086-48F1-89E9-CFF1291C9460} => pcalua.exe -a "C:\Users\***\Downloads\ddbac(1).exe" -d "C:\Users\***\Downloads"
Task: {090F67E6-4FAD-476D-B4F8-AAC4A6C72C6F} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2009-05-26] (Microsoft Corporation)
Task: {1270FEC0-5181-41BA-9225-C6CC97F03C0E} - System32\Tasks\DivX Update => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2010-12-08] ()
Task: {1ED730EA-A80C-4C59-BCF6-EB441FD2C55F} - System32\Tasks\{3AAF266F-B930-4ADC-8B94-784B601CF329} => pcalua.exe -a "C:\Program Files (x86)\EcrSystem\Uninstall.exe" -d "C:\Program Files (x86)\EcrSystem"
Task: {1F21406E-F8A4-41AB-80C2-A07857128F81} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {21A02C1B-1DC5-40C2-B8FE-90B36A043E88} - System32\Tasks\{37474F1E-DD2E-46ED-A5E3-6B41977D1A59} => pcalua.exe -a D:\LxSetup.exe -d D:\
Task: {2A1349A8-768C-4712-BC8B-BC2831EA2C4B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {3117EE58-ABA2-412D-93BB-09F2FD6F8B3A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06] (Adobe Systems Incorporated)
Task: {40F40A85-F434-4F9A-9EB9-3F0EA7D71643} - System32\Tasks\Abelssoft\CheckDriveBackgroundGuard => C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe [2014-01-28] (Abelssoft)
Task: {42376701-A647-4B1C-8431-396A7212C35A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {50765239-4913-4346-B51F-B15422AD21FA} - System32\Tasks\{553DA046-FD29-4C8A-B792-0696B54E8992} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-03-25] (Skype Technologies S.A.)
Task: {590B87E2-1F51-4373-BE90-51D74F668D9F} - System32\Tasks\{3050EFDC-0E6B-4F44-B0D7-92BBD7FCE85E} => pcalua.exe -a "C:\Users\***\Documents\DVDVideoSoft\DVSUninstall.exe" -d "C:\Users\***\Documents\DVDVideoSoft"
Task: {64086D9D-9AF9-4C49-88EC-5BF76B67D242} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {65EE0053-A5AD-4451-8837-87AD8E0C3010} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2011-12-20] ()
Task: {67B57B45-1A48-4092-B828-D9D7A328CB81} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {6D322EAC-FAE7-406E-BD69-EF074ABF7088} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {95627600-61A7-4BD7-8645-F880718F5C2A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {9F908E6D-ABCD-4D00-AEC2-8713A99F6D9C} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {A4CA6E45-2C72-499F-AA43-F15A9A86C977} - System32\Tasks\{73BE966D-7EB5-479A-9376-5C03F7473200} => pcalua.exe -a "C:\Program Files (x86)\Azureus\Uninstall.exe"
Task: {A5932482-6FC9-4CFA-9297-6E242EF94219} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {A819B4A6-226B-4412-BF66-507EA8BC9607} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {A85089BA-1EBB-4F91-ADD5-8FF7288D21D3} - System32\Tasks\{E8907E42-18F3-452E-83B0-28BC62D071AD} => Firefox.exe hxxp://ui.skype.com/ui/0/4.2.0.166.259/de/go/help.faq.installer?LastError=1641
Task: {B55C24FC-012A-49CF-8E63-CBFF51DED791} - System32\Tasks\FileAdvisorUpdate => C:\Program Files (x86)\File Type Advisor\fileadvisor.exe [2014-02-24] (File Type Advisor)
Task: {B7AE76E1-D1BD-41E6-A93C-7B5FCB47E4C7} - System32\Tasks\Microsoft_Hardware_Launch_rundll32_exe => Rundll32.exe url.dll,OpenURL hxxp://go.microsoft.com/fwlink/?LinkId=116866
Task: {BC201058-B2D2-4D5E-A9D0-66F21678082F} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2009-05-21] (Microsoft Corporation)
Task: {BC3D8A10-8DE7-4973-8662-CDB641E1BD88} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C4B68FF7-4F7F-436C-89B1-15AEAB5DBFD7} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2014-10-19] ()
Task: {CE5A8F34-74C2-40F4-AB36-4EEEA3729642} - System32\Tasks\FileAdvisorCheck => C:\Program Files (x86)\File Type Advisor\file-type-advisor.exe [2014-02-24] (                                                            )
Task: {E07E5FF7-CDFE-4871-BD81-4EC82C2B5001} - System32\Tasks\Automatische Wartung => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2010 CBE\WO2010cbe.exe [2009-12-21] (Ashampoo GmbH & Co. KG)
Task: {E2F4204B-C97D-461F-BE56-A54C4AD36690} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {E74E6F9F-EF7D-46ED-9AE7-E4FAE1CFF691} - System32\Tasks\AdobeAAMUpdater-1.0-INES_BUERO-*** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {F6999B19-E08C-4C05-B392-BA5DA664D3C7} - System32\Tasks\HP AR Program Upload - 95a8ddc2446f48688600bed5f8a5c0368c0661a8620f42c7877bb19b9936bdf3 => C:\Program Files\HP\HP Officejet Pro 8600\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Automatische Wartung.job => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2010 CBE\WO2010cbe.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe

==================== Loaded Modules (whitelisted) ==============

2009-11-10 19:04 - 2006-02-23 13:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2009-11-10 19:04 - 2006-02-22 12:39 - 00020480 _____ () C:\Windows\System32\FritzPort64.dll
2009-10-19 17:26 - 2009-03-02 14:06 - 00068136 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
2011-09-15 13:06 - 2011-09-15 13:06 - 00088576 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2011-02-12 21:20 - 2011-01-17 21:09 - 00914664 _____ () C:\Windows\system32\atwtusb.exe
2012-11-19 08:34 - 2012-12-29 10:40 - 00087480 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-10-17 17:30 - 2013-06-12 15:54 - 00066048 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2011-02-12 21:20 - 2010-12-24 16:30 - 07319784 _____ () C:\Windows\System32\WTMKM.exe
2012-07-02 09:11 - 2012-07-02 09:11 - 02498048 _____ () C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
2014-10-17 17:30 - 2013-06-26 10:56 - 00241664 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\DDCCI.exe
2012-07-03 14:21 - 2012-07-03 14:21 - 00041160 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2012-07-03 14:21 - 2012-07-03 14:21 - 00754376 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2015-03-10 18:52 - 2015-03-10 18:52 - 05607416 _____ () C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.6.306.7947\AdAwareUpdater.exe
2015-03-10 18:52 - 2015-03-10 18:52 - 03396064 _____ () C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.6.306.7947\RCF.dll
2015-03-10 18:52 - 2015-03-10 18:52 - 00055320 _____ () C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.6.306.7947\boost_date_time-vc100-mt-1_57.dll
2015-03-10 18:52 - 2015-03-10 18:52 - 00125464 _____ () C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.6.306.7947\boost_filesystem-vc100-mt-1_57.dll
2015-03-10 18:52 - 2015-03-10 18:52 - 00024080 _____ () C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.6.306.7947\boost_system-vc100-mt-1_57.dll
2015-03-10 18:52 - 2015-03-10 18:52 - 00107024 _____ () C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.6.306.7947\boost_thread-vc100-mt-1_57.dll
2015-03-10 18:52 - 2015-03-10 18:52 - 00033296 _____ () C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.6.306.7947\boost_chrono-vc100-mt-1_57.dll
2015-03-10 18:52 - 2015-03-10 18:52 - 00499728 _____ () C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.6.306.7947\boost_locale-vc100-mt-1_57.dll
2015-03-10 18:52 - 2015-03-10 18:52 - 02144248 _____ () C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.6.306.7947\HtmlFramework.dll
2015-03-10 18:52 - 2015-03-10 18:52 - 03897344 _____ () C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.6.306.7947\AdAwareUpdaterKernel.dll
2015-03-10 18:52 - 2015-03-10 18:52 - 00456224 _____ () C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.6.306.7947\boost_program_options-vc100-mt-1_57.dll
2015-03-10 18:52 - 2015-03-10 18:52 - 00785936 _____ () C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.6.306.7947\boost_regex-vc100-mt-1_57.dll
2015-03-10 18:52 - 2015-03-10 18:52 - 00391152 _____ () C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.6.306.7947\Statistics.dll
2015-03-10 18:52 - 2015-03-10 18:52 - 06710800 _____ () C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.6.306.7947\AdAwareUpdaterDefaultSkin.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-15 04:36 - 2013-02-15 04:36 - 01554496 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2015-04-10 17:01 - 2015-04-10 17:01 - 01177712 _____ () C:\Windows\TEMP\is-ONFJC.tmp\file-type-advisor.tmp
2015-04-13 18:04 - 2015-04-13 18:04 - 01177712 _____ () C:\Windows\TEMP\is-DUS0O.tmp\file-type-advisor.tmp
2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-10-22 21:45 - 2007-05-31 08:38 - 00167936 ____N () C:\Windows\SysWOW64\SerialXP.dll
2009-10-19 17:26 - 2009-03-13 11:30 - 00109096 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\YCC.DLL
2015-04-03 15:36 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-04-03 15:36 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-04-03 15:36 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-04-03 15:36 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-04-03 15:36 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-10-17 17:30 - 2013-06-12 15:54 - 00063488 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook.dll
2012-05-16 21:01 - 2012-05-16 21:01 - 00140800 _____ () C:\Program Files (x86)\Rainlendar2\lua52.dll
2012-07-02 09:11 - 2012-07-02 09:11 - 00198144 _____ () C:\Program Files (x86)\Rainlendar2\plugins\iCalendarPlugin.dll
2012-06-17 15:22 - 2012-06-17 15:22 - 00012800 _____ () C:\Program Files (x86)\Rainlendar2\lfs.dll
2012-02-15 01:05 - 2012-02-15 01:37 - 11796096 _____ () C:\Users\***\AppData\Roaming\SanDisk\My Vaults\dmBackup.dll
2014-10-17 17:30 - 2013-04-24 17:47 - 00004608 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\GerRes.dll
2015-03-24 17:01 - 2014-11-11 11:19 - 01703424 _____ () C:\Program Files (x86)\Polar\Polar FlowSync\polar20.dll
2015-03-24 17:01 - 2013-08-25 21:52 - 00728576 _____ () C:\Program Files (x86)\Polar\Polar FlowSync\libGLESv2.dll
2015-03-24 17:01 - 2013-08-25 21:52 - 00048128 _____ () C:\Program Files (x86)\Polar\Polar FlowSync\libEGL.dll
2015-03-24 17:01 - 2013-08-25 21:59 - 00833024 _____ () C:\Program Files (x86)\Polar\Polar FlowSync\platforms\qwindows.dll
2009-10-20 19:33 - 2004-07-26 17:11 - 00028672 ____N () C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\DetMethod.dll
2015-04-09 18:00 - 2015-04-09 18:00 - 00043008 _____ () c:\Users\***\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvf9gdc.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:B801D4E2
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
AlternateDataStreams: C:\Users\***\Documents\MailOut_Bsp1.eml:OECustomProperty
AlternateDataStreams: C:\Users\***\Documents\MailOut_Bsp2.eml:OECustomProperty
AlternateDataStreams: C:\Users\***\Documents\MailOut_Bsp3.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Gambali => ""="service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\***\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lexware Info Service.lnk => C:\Windows\pss\Lexware Info Service.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Quicken 2010 Zahlungserinnerung.lnk => C:\Windows\pss\Quicken 2010 Zahlungserinnerung.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^***^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FRITZ!DSL Startcenter.lnk => C:\Windows\pss\FRITZ!DSL Startcenter.lnk.Startup
MSCONFIG\startupfolder: C:^Users^***^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^klickTel OEM 2007 - Schnellstarter.lnk => C:\Windows\pss\klickTel OEM 2007 - Schnellstarter.lnk.Startup
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BackupOutlook => "C:\Program Files (x86)\Wisco\BackupOutlook\BackupOutlook.exe" silent
MSCONFIG\startupreg: FreeRAM XP => "C:\Program Files (x86)\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: HTC Sync Loader => "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LexwareInfoService => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe /autostart
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: Picasa Media Detector => C:\Program Files (x86)\Picasa2\PicasaMediaDetector.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: STAMPIT-Tray => C:\Program Files (x86)\STAMPIT\Binary\Stray.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: UIWatcher => C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
MSCONFIG\startupreg: Web Companion => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize

==================== Accounts: =============================

Administrator (S-1-5-21-4067268467-3182437459-1756596644-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-4067268467-3182437459-1756596644-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4067268467-3182437459-1756596644-1004 - Limited - Enabled)
*** (S-1-5-21-4067268467-3182437459-1756596644-1001 - Administrator - Enabled) => C:\Users\***
UpdatusUser (S-1-5-21-4067268467-3182437459-1756596644-1008 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Event log errors: =========================

Application errors:
==================
Error: (04/13/2015 06:53:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10998

Error: (04/13/2015 06:53:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10998

Error: (04/13/2015 06:53:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/13/2015 06:53:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9999

Error: (04/13/2015 06:53:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9999

Error: (04/13/2015 06:53:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/13/2015 06:53:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9001

Error: (04/13/2015 06:53:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9001

Error: (04/13/2015 06:53:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/13/2015 06:53:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8002


System errors:
=============
Error: (04/13/2015 03:14:12 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070652 fehlgeschlagen: Update für Microsoft InfoPath 2010 (KB2817369) 64-Bit-Edition

Error: (04/13/2015 03:12:58 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070652 fehlgeschlagen: Update für Microsoft Access 2010 (KB2837601) 64-Bit-Edition

Error: (04/13/2015 03:12:51 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070652 fehlgeschlagen: Sicherheitsupdate für Microsoft Office 2010 (KB2920748) 64-Bit-Edition

Error: (04/13/2015 03:12:41 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 4 unter Windows Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 x64 (KB2972215)

Error: (04/12/2015 03:14:26 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070652 fehlgeschlagen: Update für Microsoft InfoPath 2010 (KB2817369) 64-Bit-Edition

Error: (04/12/2015 03:12:14 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070652 fehlgeschlagen: Update für Microsoft Access 2010 (KB2837601) 64-Bit-Edition

Error: (04/12/2015 03:12:05 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070652 fehlgeschlagen: Sicherheitsupdate für Microsoft Office 2010 (KB2920748) 64-Bit-Edition

Error: (04/12/2015 03:11:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 4 unter Windows Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 x64 (KB2972215)

Error: (04/11/2015 03:16:29 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070652 fehlgeschlagen: Update für Microsoft InfoPath 2010 (KB2817369) 64-Bit-Edition

Error: (04/11/2015 03:15:33 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070652 fehlgeschlagen: Update für Microsoft Access 2010 (KB2837601) 64-Bit-Edition


Microsoft Office Sessions:
=========================
Error: (04/13/2015 06:53:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10998

Error: (04/13/2015 06:53:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10998

Error: (04/13/2015 06:53:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/13/2015 06:53:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9999

Error: (04/13/2015 06:53:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9999

Error: (04/13/2015 06:53:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/13/2015 06:53:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9001

Error: (04/13/2015 06:53:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9001

Error: (04/13/2015 06:53:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/13/2015 06:53:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8002


CodeIntegrity Errors:
===================================
  Date: 2015-04-13 05:52:34.443
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-13 03:00:49.282
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-12 16:58:39.847
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-12 13:02:45.754
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-12 12:01:33.551
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-12 11:40:58.420
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-10 07:29:28.029
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-10 07:08:56.785
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-10 06:44:20.905
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-09 18:00:23.692
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: AMD Phenom(tm) II X4 945 Processor
Percentage of memory in use: 31%
Total physical RAM: 6142.49 MB
Available physical RAM: 4177.65 MB
Total Pagefile: 12283.17 MB
Available Pagefile: 8156.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:601.65 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: () (Fixed) (Total:931.5 GB) (Free:873.16 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: BF2EBF2E)
Partition 1: (Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: DF8203A6)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=OF Extended)

==================== End Of Log ============================
         


Alt 13.04.2015, 19:58   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name - Standard

Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name



Zitat:
127.0.0.1 activate.adobe.com
Sehr deutliches Zeichen, dass du gecrackte Adobe Software installiert hast. Wahrscheinlich Adobe Photoshop CS4. Das muss deinstalliert werden, erst dann geht es hier weiter.

Außerdem seh ich da einiges, was auf gewerbliche Nutzung des Rechners schließen lässt, zB sowas von Lexware oder DATA BECKER PDF Professionell. Lies daher unsere Richtlinie zum Umgang mit gewerblich genutzten Systemen => http://www.trojaner-board.de/108422-...-anfragen.html
__________________
--> Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name

Alt 13.04.2015, 20:08   #7
InGo69
 
Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name - Standard

Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name



PS4 ist gelöscht...

Bzgl. des Rechner...das ist wirklich ausschließlich mein privater Rechner. Nebenberuflich habe ich mal selbstst. gearbeitet. Auf Grund dessen das Lexware Rechnungsprogramm. PDF Prof. & Quicken nutze ich schon seit Jahren rein privat.

Alt 13.04.2015, 20:11   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name - Standard

Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name



Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 13.04.2015, 21:53   #9
InGo69
 
Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name - Standard

Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name



AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v4.201 - Bericht erstellt 13/04/2015 um 21:57:36
# Aktualisiert 08/04/2015 von Xplode
# Datenbank : 2015-04-08.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : xxx 
# Gestarted von : C:\Users\xxx\Downloads\AdwCleaner_4.201.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKU\.DEFAULT\Software\AskPartnerNetwork
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Internetbrowser ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v37.0.1 (x86 de)


-\\ Google Chrome v


-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [42080 Bytes] - [05/04/2015 10:33:51]
AdwCleaner[R1].txt - [967 Bytes] - [05/04/2015 14:33:53]
AdwCleaner[R2].txt - [1025 Bytes] - [05/04/2015 14:54:15]
AdwCleaner[R3].txt - [1269 Bytes] - [07/04/2015 18:46:11]
AdwCleaner[R4].txt - [1203 Bytes] - [07/04/2015 19:05:08]
AdwCleaner[R5].txt - [1349 Bytes] - [13/04/2015 21:32:58]
AdwCleaner[R6].txt - [402 Bytes] - [13/04/2015 21:51:06]
AdwCleaner[R7].txt - [1618 Bytes] - [13/04/2015 21:55:06]
AdwCleaner[S0].txt - [36641 Bytes] - [05/04/2015 10:38:00]
AdwCleaner[S1].txt - [1272 Bytes] - [07/04/2015 18:51:54]
AdwCleaner[S2].txt - [1362 Bytes] - [13/04/2015 21:37:51]
AdwCleaner[S3].txt - [1538 Bytes] - [13/04/2015 21:57:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1597  Bytes] ##########
         
--- --- ---


Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.4 (04.13.2015:1)
OS: Windows 7 Professional x64
Ran by xxx on 13.04.2015 at 22:20:35,82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\b8k4buhw.default-1428421863067\prefs.js

user_pref(CT2319825.searchProtector.notifyChanges, {\dataType\:\string\,\data\:\false\});
user_pref(CT2431245.searchProtector.notifyChanges, {\dataType\:\string\,\data\:\false\});
Emptied folder: C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\b8k4buhw.default-1428421863067\minidumps [111 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.04.2015 at 22:27:52,57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-04-2015
Ran by xxx (administrator) on xxx on 13-04-2015 22:30:25
Running from C:\Users\xxx\Desktop
Loaded Profiles: xxx xxx (Available profiles: xxx & UpdatusUser & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
(File Type Advisor) C:\Program Files (x86)\File Type Advisor\fileadvisor.exe
(Abelssoft) C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Gemalto N.V.) C:\Users\xxx\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Print View Software\HP Print View Resource Center\HPPrintViewResourceCenter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Bose Corporation) C:\Program Files (x86)\SoundTouch\SoundTouchMusicServer\SoundTouch music server.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookInst32.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7834656 2009-06-02] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-06-02] (Realtek Semiconductor Corp.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [644696 2007-05-15] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1840720 2007-04-04] (CANON INC.)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [2342800 2009-05-21] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2314120 2009-05-26] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [MacrokeyManager] => C:\Windows\system32\WTMKM.exe [7319784 2010-12-24] ()
HKLM\...\Run: [CamserviceHD] => C:\Program Files (x86)\Hercules\Dualpix HD\Camservice.exe [360448 2009-07-07] (Guillemot Corporation S.A.)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [184320 2007-04-17] (Creative Technology Ltd)
HKLM-x32\...\Run: [Ulead AutoDetector v2] => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe [90112 2006-11-29] (Ulead Systems, Inc.)
HKLM-x32\...\Run: [AVMFBoxMonitor] => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [1503232 2009-07-06] (AVM Berlin)
HKLM-x32\...\Run: [KnexStarter] => C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\Appinterfaces\HPDeviceService.exe [159744 2009-03-23] (Hewlett-Packard Company)
HKLM-x32\...\Run: [RunTasktray] => C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPRun.exe [101376 2009-03-23] (Hewlett-Packard Company)
HKLM-x32\...\Run: [DivX Download Manager] => C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe [63360 2010-12-08] (DivX, LLC)
HKLM-x32\...\Run: [CamserviceHD] => C:\Program Files (x86)\Hercules\Dualpix HD\Camservice.exe [360448 2009-07-07] (Guillemot Corporation S.A.)
HKLM-x32\...\Run: [SoundTouch Music Server] => C:\Program Files (x86)\SoundTouch\SoundTouchMusicServer\SoundTouch music server.exe [1082880 2014-12-11] (Bose Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3723728 2015-03-25] (AVG Technologies CZ, s.r.o.)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Run: [Creative MediaSource Go] => C:\Program Files (x86)\Creative\MediaSource5\Go\CTCMSGoU.exe [204800 2006-11-09] (Creative Technology Ltd)
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Run: [Rainlendar2] => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2498048 2012-07-02] ()
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Run: [SanDiskSecureAccess_Manager.exe] => C:\Users\***\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe [30705792 2013-05-15] (Gemalto N.V.)
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Run: [ScreenSplitter] => C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe [693288 2013-11-07] (LG Electronics)
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Run: [Polar FlowSync] => C:\Program Files (x86)\Polar\Polar FlowSync\FlowSync.exe [1125376 2014-11-11] (Polar Electro Oy)
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Run: [UIWatcher] => C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe [3508568 2009-02-23] (ashampoo GmbH & Co. KG)
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-18\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\S-1-5-18\...\Policies\Explorer: [HideSCAHealth] 1
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PIPModeResolutionUtility.lnk
ShortcutTarget: PIPModeResolutionUtility.lnk -> C:\Program Files (x86)\LG Electronics\Auto Resolution\bin\AppResUtilityService.exe (LG Electronics)
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\xxx\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Startcenter.lnk
ShortcutTarget: FRITZ!DSL Startcenter.lnk -> C:\Users\xxx\AppData\Roaming\Microsoft\Installer\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}\Icon8CF9C550.exe ()
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HP Print View Resource Center.lnk
ShortcutTarget: HP Print View Resource Center.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Print View Software\HP Print View Resource Center\HPPrintViewResourceCenter.exe (Hewlett-Packard)
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - .lnk
ShortcutTarget: Tintenwarnungen überwachen - .lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600.lnk
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxx AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * bddel.exesdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
URLSearchHook: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} -  No File
SearchScopes: HKLM-x32 -> {6B565918-AFF6-4bae-AC3F-63F626BDE74D} URL = hxxp://www.google.com/custom?q={searchTerms}&sa.x=0&sa.y=0&safe=active&client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&hl=de&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1
SearchScopes: HKLM-x32 -> {EF742892-2E03-485a-BAFD-8834EFA69EA5} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM-x32 - PDF Professionell 4 - {6B63DEFC-F1F3-4148-845E-EA53E2AB5F28} - C:\Program Files (x86)\DATA BECKER\PDF Professionell 4\PDF4IE.dll [2009-04-02] (DATA BECKER)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15109/CTPID.cab
Handler-x32: HPDCS - {ba135f49-a12c-4e26-a2c4-6ea945999072} - C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\APP\hpdcsapp.dll [2009-03-23] (Hewlett-Packard Company)
Handler-x32: hppfile - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll [2009-03-23] (Hewlett-Packard Company)
Handler-x32: hppsam - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll [2009-03-23] (Hewlett-Packard Company)
Handler-x32: hppzip - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll [2009-03-23] (Hewlett-Packard Company)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067
FF NewTab: about:blank
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-06] ()
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-26] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-05-02] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-06] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX OVS Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2010-11-20] (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-05-02] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-07-25] (RocketLife, LLP)
FF Plugin-x32: @t-immersion.com/DFusionHomeWebPlugIn -> C:\Program Files (x86)\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll [2011-06-30] (Total Immersion)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4067268467-3182437459-1756596644-1001: @protectdisc.com/NPPDLicenseHelper -> C:\Users\xxx\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [2009-06-25] ( )
FF Plugin HKU\S-1-5-21-4067268467-3182437459-1756596644-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll [2012-10-30] (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2011-12-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2011-12-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2011-12-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2011-12-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2011-12-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2011-12-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2011-12-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NP_SecurityPluginSecoder.dll [2008-08-04] (PPI AG)
FF SearchPlugin: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\searchplugins\englische-ergebnisse.xml [2014-10-19]
FF SearchPlugin: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\searchplugins\gmx-suche.xml [2014-10-19]
FF SearchPlugin: C:\Usersxxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\searchplugins\lastminute.xml [2014-10-19]
FF SearchPlugin: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\searchplugins\webde-suche.xml [2014-10-19]
FF Extension: Amazon-Icon - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\amazon-icon@giga.de [2015-04-07]
FF Extension: FRITZ!Box AddOn - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\fb_add_on@avm.de [2015-04-07]
FF Extension: iCloud Bookmarks - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\firefoxdav@icloud.com [2015-04-07]
FF Extension: Fox Sec 7 - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\fx@foxysecureKDJJHVLSDUVFU.com [2015-04-07]
FF Extension: GutscheinRausch.de - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\jl@leimbach-it.de [2015-04-07]
FF Extension: YouTube to MP3 - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\youtube2mp3@mondayx.de [2015-04-07]
FF Extension: Vista-aero - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{07b2a769-ed19-4483-87ce-c643914c81bb} [2015-04-07]
FF Extension: FT DeepDark - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2015-04-07]
FF Extension: HP Detect - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} [2015-04-07]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2015-04-07]
FF Extension: DHL Toolbar - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{edc0b8a5-c050-4bb2-b785-a623b4515abf} [2015-04-07]
FF Extension: Add to Amazon Wish List Button - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\amznUWL2@amazon.com.xpi [2015-04-07]
FF Extension: NASA Night Launch - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\nasanightlaunch@example.com.xpi [2015-04-07]
FF Extension: Speed Notifier - C:\Usersxxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{724b5eec-c5c6-4050-9cf3-dbc61f95dd08}.xpi [2015-04-07]
FF Extension: ImTranslator - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2015-04-07]
FF Extension: {a5502a73-43ea-4973-8eb1-ca156bc13cc5} - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{a5502a73-43ea-4973-8eb1-ca156bc13cc5}.xpi [2015-04-07]
FF Extension: Video DownloadHelper - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-04-07]
FF Extension: Facebook Share Button - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{d4e0dc9c-c356-438e-afbe-dca439f4399d}.xpi [2015-04-07]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-04-03]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-04-03]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-04-03]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-04-03]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2010-12-11]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2010-12-11]
FF HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Firefox\Extensions: [finder@meingutscheincode.de] - C:\Program Files (x86)\Mein Gutscheincode Finder\Firefox
FF HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-11-24]
FF HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ldncbx20.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR Profile: C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (DivX HiQ) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2011-01-19]
CHR Extension: (preisspion.de) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgfpelakfkbbkkdchaaaknckhoadkcbo [2011-11-26]
CHR Extension: (Skype Click to Call) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2011-11-26]
CHR Extension: (PicBadges) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgjkknncnlepghplinfpikcijdbmidbg [2012-06-09]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-01-19]
CHR HKLM\...\Chrome\Extension: [mgjkknncnlepghplinfpikcijdbmidbg] - C:\Users\INESGO~1\AppData\Local\426535460_Setup.crx [2012-06-09]
CHR HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mgjkknncnlepghplinfpikcijdbmidbg] - C:\Users\INESGO~1\AppData\Local\426535460_Setup.crx [2012-06-09]
CHR HKLM-x32\...\Chrome\Extension: [caeaobpemokdfnidgaebncaooofnbfha] - C:\Users\xxx\ChromeExtensions\caeaobpemokdfnidgaebncaooofnbfha\amazon-icon-fwde.crx [2014-10-19]
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2010-12-08]
CHR HKLM-x32\...\Chrome\Extension: [jgfpelakfkbbkkdchaaaknckhoadkcbo] - C:\Program Files (x86)\Mein Gutscheincode Finder\Chrome\chrome-extension.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]
CHR HKLM-x32\...\Chrome\Extension: [mgjkknncnlepghplinfpikcijdbmidbg] - C:\Users\INESGO~1\AppData\Local\426535460_Setup.crx [2012-06-09]
CHR HKLM-x32\...\Chrome\Extension: [ngnjhfpfhadncgafgbneeljaginimmmk] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2010-12-08]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3416016 2015-03-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [309232 2015-03-25] (AVG Technologies CZ, s.r.o.)
S2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [654640 2009-04-15] (REINER SCT)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2009-10-19] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2009-10-19] (Creative Labs) [File not signed]
S2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [425984 2008-04-30] (Creative Technology Ltd) [File not signed]
S2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [187456 2009-01-08] (DATA BECKER GmbH & Co KG) [File not signed]
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2010 CBE\Dfsdks.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
S2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-03-02] ()
S3 GoogleDesktopManager-051210-111108; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-05] (Google)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [88888 2009-07-28] (AVM Berlin)
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [97432 2007-04-13] () [File not signed]
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.exe [836984 2015-03-12] (Lavasoft Limited)
S2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-01-22] (Hewlett-Packard Company) [File not signed]
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2011-09-15] () [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
S3 UPnPService; C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [647242 2005-11-08] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WPEServ; C:\Program Files (x86)\Common Files\WPE\wpeserv.exe [339968 2008-10-30] (soft Xpansion) [File not signed]
S2 WTService; C:\Windows\system32\atwtusb.exe [914664 2011-01-17] () [File not signed]
S2 TuneUp.UtilitiesSvc; "C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S1 acedrv07; C:\Windows\system32\drivers\acedrv07.sys [125440 2011-02-08] () [File not signed]
R1 acedrv08; C:\Windows\system32\drivers\acedrv08.sys [133856 2013-10-03] ()
R1 acedrv09; C:\Windows\system32\drivers\acedrv09.sys [134880 2011-02-08] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [281056 2015-03-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [341472 2015-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [133088 2015-02-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [284128 2015-02-25] (AVG Technologies CZ, s.r.o.)
R3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [43320 2007-06-13] (REINER SCT)
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2010-09-13] (Devguru Co., Ltd)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-07-18] () [File not signed]
S3 GigasetGenericUSB_x64; C:\Windows\System32\DRIVERS\GigasetGenericUSB_x64.sys [54272 2009-02-20] (Siemens Home and Office Communication Devices GmbH & Co. KG)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.)
S3 hxctlflt; C:\Windows\System32\Drivers\hxctlflt.sys [111104 2009-02-08] (Guillemot Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-07] (Malwarebytes Corporation)
R3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [7680 2009-03-08] (Windows (R) Codename Longhorn DDK provider)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [31264 2009-11-16] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [31264 2009-11-16] (RapidSolution Software AG)
S3 RSUSBSTOR; C:\Windows\System32\Drivers\RTS5121.sys [208384 2008-11-21] (Realtek Semiconductor Corp.)
R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [64160 2014-04-25] ()
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2010-09-14] (Sony Ericsson Mobile Communications)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3552384 2009-04-22] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 usbser; C:\Windows\SysWOW64\DRIVERS\USBSER.sys [25600 2014-04-11] (Microsoft Corporation) [File not signed]
R3 vhidmini; C:\Windows\System32\DRIVERS\walvhid.sys [7552 2009-08-26] (Windows (R) Win 7 DDK provider)
S3 zebrbus; C:\Windows\System32\DRIVERS\zebrbus.sys [108544 2010-09-14] (MCCI)
S3 zebrmdfl; C:\Windows\System32\DRIVERS\zebrmdfl.sys [18944 2010-09-14] (MCCI Corporation)
S3 zebrmdm; C:\Windows\System32\DRIVERS\zebrmdm.sys [145408 2010-09-14] (MCCI)
S3 zebrmdmc; C:\Windows\System32\DRIVERS\zebrmdmc.sys [145408 2010-09-14] (MCCI)
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
S3 Rts516xIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [X]
S3 USBCCID; system32\DRIVERS\Rts5161ccid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-13 22:30 - 2015-04-13 22:31 - 00038873 _____ () C:\Users\xxx\Desktop\FRST.txt
2015-04-13 22:17 - 2015-04-13 17:58 - 02687136 _____ (Thisisu) C:\Users\xxx\Desktop\JRT_NEW.exe
2015-04-13 21:50 - 2015-04-13 21:50 - 02217984 _____ () C:\Usersxxx\Downloads\AdwCleaner_4.201.exe
2015-04-13 20:32 - 2015-04-13 22:01 - 00000168 _____ () C:\Windows\setupact.log
2015-04-13 20:32 - 2015-04-13 20:32 - 00000872 _____ () C:\Windows\PFRO.log
2015-04-13 20:32 - 2015-04-13 20:32 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-13 20:23 - 2015-04-13 20:26 - 00067030 _____ () C:\Users\xxx\Downloads\Addition.txt
2015-04-13 20:19 - 2015-04-13 20:26 - 00107973 _____ () C:\Users\xxx\Downloads\FRST.txt
2015-04-13 20:18 - 2015-04-13 22:30 - 00000000 ____D () C:\FRST
2015-04-13 20:18 - 2015-04-13 20:18 - 02096640 _____ (Farbar) C:\Users\xxx\Desktop\FRST64.exe
2015-04-13 06:46 - 2015-04-13 06:46 - 00682360 _____ () C:\Users\xxx\Downloads\Setup.exe
2015-04-09 17:04 - 2015-04-09 17:04 - 00001246 _____ () C:\Users\xxx\Desktop\Revo Uninstaller.lnk
2015-04-09 17:04 - 2015-04-09 17:04 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-04-09 17:03 - 2015-04-09 17:03 - 01203488 _____ () C:\Usersxxx\Downloads\Revo Uninstaller - CHIP-Installer.exe
2015-04-08 00:50 - 2009-10-19 19:33 - 00000852 _____ () C:\Windows\system32\Drivers\etc\hosts.20150408-005003.backup
2015-04-07 18:21 - 2015-04-07 18:21 - 00001129 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-07 18:21 - 2015-04-07 18:21 - 00001117 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-07 18:20 - 2015-04-07 18:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-07 18:16 - 2015-04-07 18:17 - 00243656 _____ () C:\Users\xxx\Downloads\Firefox Setup Stub 37.0.1.exe
2015-04-07 17:51 - 2015-04-07 17:51 - 00000000 ____D () C:\Users\xxx\Desktop\Alte Firefox-Daten
2015-04-07 06:50 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-04-07 06:50 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-04-07 06:50 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-04-07 06:50 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-04-07 06:50 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-04-07 06:50 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-04-07 06:50 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-04-07 06:50 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-04-07 06:50 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-04-07 06:50 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-04-06 20:58 - 2015-04-06 20:58 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-04-06 13:52 - 2015-04-06 13:52 - 00003738 _____ () C:\Windows\System32\Tasks\DivX Update
2015-04-06 13:34 - 2015-04-06 13:34 - 00002193 _____ () C:\Users\Public\Desktop\AVG 1-Klick-Wartung.lnk
2015-04-06 13:34 - 2015-04-06 13:34 - 00002183 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk
2015-04-06 13:34 - 2015-02-25 09:25 - 00041784 _____ (AVG Technologies) C:\Windows\system32\TURegOpt.exe
2015-04-06 13:34 - 2015-02-25 09:24 - 00030520 _____ (AVG Technologies) C:\Windows\system32\authuitu.dll
2015-04-06 13:34 - 2015-02-25 09:24 - 00025912 _____ (AVG Technologies) C:\Windows\SysWOW64\authuitu.dll
2015-04-06 13:33 - 2015-04-06 13:33 - 00000000 ____D () C:\Usersxxx\AppData\Roaming\AVG
2015-04-06 13:28 - 2015-04-06 13:28 - 00000000 ____D () C:\Users\xxx\AppData\Local\Avg
2015-04-06 12:41 - 2015-04-06 13:34 - 00000000 ____D () C:\ProgramData\AVG
2015-04-06 12:30 - 2015-04-06 12:30 - 04818760 _____ (AVG Technologies) C:\Users\xxx\Downloads\avg_avc_stb_all_2015_ltst_197.exe
2015-04-06 12:29 - 2015-04-06 12:31 - 113398072 _____ (AVG Technologies) C:\Users\xxxx\Downloads\avg_tuh_stf_all_2015_403_24c43.exe
2015-04-06 10:12 - 2015-04-06 10:30 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-06 10:12 - 2015-04-06 10:12 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-06 06:07 - 2015-01-09 01:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-04-06 06:07 - 2015-01-09 01:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-04-06 03:10 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-04-06 03:10 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-04-05 11:20 - 2015-04-05 11:20 - 02347384 _____ (ESET) C:\Users\xxx\Downloads\esetsmartinstaller_deu.exe
2015-04-05 11:00 - 2015-04-05 11:00 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-INES_BUERO-Windows-7-Professional-(64-bit).dat
2015-04-05 11:00 - 2015-04-05 11:00 - 00000000 ____D () C:\RegBackup
2015-04-05 10:58 - 2015-04-05 10:58 - 02690981 _____ (Thisisu) C:\Users\xxx\Downloads\JRT.exe
2015-04-05 10:33 - 2015-04-13 21:57 - 00000000 ____D () C:\AdwCleaner
2015-04-05 10:32 - 2015-04-05 10:33 - 02208768 _____ () C:\Users\xxx\Downloads\AdwCleaner_4.200.exe
2015-04-05 08:44 - 2015-04-05 08:44 - 00074813 _____ () C:\Windows\system32\ScanResults.xml
2015-04-05 08:34 - 2015-04-05 08:34 - 00000464 _____ () C:\Windows\system32\ScannerSettings
2015-04-05 03:04 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-04-05 03:04 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-04-05 03:04 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-04-05 03:04 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-04-05 03:04 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-04-05 03:04 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-04-05 03:03 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-04-05 03:03 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-04-04 21:25 - 2015-04-04 21:25 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\AVG2015
2015-04-04 21:23 - 2015-04-04 21:23 - 00000941 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-04-04 21:23 - 2015-04-04 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-04-04 21:21 - 2015-04-04 21:24 - 00000000 ____D () C:\ProgramData\AVG2015
2015-04-04 21:00 - 2015-04-04 21:21 - 00000000 ___HD () C:\$AVG
2015-04-04 20:57 - 2015-04-13 22:09 - 00000000 ____D () C:\ProgramData\MFAData
2015-04-04 20:57 - 2015-04-04 21:31 - 00000000 ____D () C:\Users\xxx\AppData\Local\Avg2015
2015-04-04 20:57 - 2015-04-04 20:57 - 00000000 ____D () C:\Users\xxx\AppData\Local\MFAData
2015-04-04 20:52 - 2015-04-04 20:55 - 183952072 _____ (AVG Technologies) C:\Users\xxx\Downloads\avg_free_x64_all_2015_ltst_221.exe
2015-04-04 20:47 - 2015-04-04 20:47 - 00000000 ____D () C:\ProgramData\e8695c1761ea40c9b7cd0a58277d03ae
2015-04-04 14:32 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-04-04 14:32 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-04-04 14:32 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-04-04 14:32 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-04-04 14:32 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-04-04 14:32 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-04-04 14:32 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-04-04 14:32 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-04-04 14:32 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-04-04 14:32 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-04-04 14:32 - 2015-01-09 05:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-04-04 14:32 - 2015-01-09 05:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-04-04 14:32 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-04-04 14:32 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-04-04 14:32 - 2014-12-11 19:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-04-04 14:32 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-04-04 14:32 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-04-04 14:32 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-04-04 14:32 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-04-04 14:32 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-04-04 14:32 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-04-04 14:31 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-04 14:31 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-04-04 14:31 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-04-04 14:31 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-04-04 14:31 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-04-04 14:31 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-04-04 14:31 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-04 14:31 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-04-04 14:31 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-04-04 14:31 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-04 14:31 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-04-04 14:31 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-04-04 14:31 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-04-04 14:31 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-04-04 14:31 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-04-04 14:31 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-04-04 14:31 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-04 14:31 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-04-04 14:31 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-04-04 14:31 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-04 14:31 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-04 14:31 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-04-04 14:31 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-04-04 14:31 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-04-04 14:31 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-04-04 14:31 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-04-04 14:31 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-04-04 14:31 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-04 14:31 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-04-04 14:31 - 2014-12-19 05:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-04-04 14:31 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-04-04 14:31 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-04-04 14:31 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-04-04 14:31 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-04-04 14:31 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-04-04 14:31 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-04-04 14:31 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-04-04 14:31 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-04-04 14:31 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-04-04 14:31 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-04-04 14:31 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-04-04 14:31 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-04-04 14:31 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-04-04 14:31 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-04-04 14:31 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-04-04 14:31 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-04-04 14:31 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-04-04 14:30 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-04-04 14:30 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-04-04 14:30 - 2014-12-19 03:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-04-04 14:30 - 2014-12-06 06:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-04-04 14:30 - 2014-12-06 05:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-04-04 14:30 - 2014-12-06 05:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-04-04 14:30 - 2014-10-14 04:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-04-04 14:30 - 2014-08-21 08:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-04 14:30 - 2014-08-21 08:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-04 14:30 - 2014-08-21 08:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-04 14:30 - 2014-08-21 08:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-04 14:30 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-04-04 14:30 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-04-04 14:30 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-04-04 14:30 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-04-04 14:30 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-04-04 14:30 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-04-04 14:30 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-04-04 14:30 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-04-04 14:30 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2015-04-04 14:30 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-04-04 14:29 - 2015-03-06 07:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-04 14:29 - 2015-03-06 07:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-04 14:29 - 2015-03-06 07:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-04 14:29 - 2015-03-06 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-04 14:29 - 2015-03-06 07:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-04 14:29 - 2015-03-06 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-04 14:29 - 2015-03-06 07:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-04 14:29 - 2015-03-06 07:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-04 14:29 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-04 14:29 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-04 14:29 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-04 14:29 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-04 14:29 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-04 14:29 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-04 14:29 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-04 14:29 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-04 14:29 - 2015-03-06 07:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-04 14:29 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-04 14:29 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-04 14:29 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-04 14:29 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-04 14:29 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-04-04 14:29 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-04-04 14:29 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-04-04 14:29 - 2014-11-11 03:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-04-04 14:29 - 2014-08-12 04:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-04-04 14:29 - 2014-08-12 03:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-04-04 14:29 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-04-04 14:29 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-04-04 14:29 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-04-04 14:29 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-04-04 14:29 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-04-04 14:29 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-04 14:29 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-04-04 14:29 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-04-04 14:29 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-04-04 14:29 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-04-04 14:29 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-04-04 14:29 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-04-04 14:29 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-04-04 14:29 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2015-04-04 14:29 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2015-04-04 14:29 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2015-04-04 14:29 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2015-04-04 14:29 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-04-04 14:29 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2015-04-04 14:29 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-04 14:29 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-04-04 14:29 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-04-04 14:29 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-04-04 14:29 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-04-04 14:29 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-04-04 14:29 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-04-04 14:29 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-04-04 14:29 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-04-04 14:29 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-04-04 14:29 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2015-04-04 14:29 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2015-04-04 14:29 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2015-04-04 14:29 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2015-04-04 14:29 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2015-04-04 14:29 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2015-04-04 14:29 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2015-04-04 14:29 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2015-04-04 14:29 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2015-04-04 14:29 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-04-04 14:29 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-04-04 14:29 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-04-04 14:29 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-04-04 14:29 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-04-04 14:29 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2015-04-04 14:29 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-04-04 14:29 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-04-04 14:29 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-04-04 14:28 - 2015-02-23 12:52 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-04 14:28 - 2015-02-23 12:52 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-04 14:28 - 2015-02-23 12:51 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-04 14:28 - 2015-02-23 12:51 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-04 14:28 - 2015-02-23 12:51 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 19301888 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 15410688 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 02656256 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-04 14:28 - 2015-02-23 12:49 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-04 14:28 - 2015-02-23 11:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-04 14:28 - 2015-02-23 10:51 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-04 14:28 - 2015-02-21 07:31 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-04 14:28 - 2015-02-21 07:31 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-04 14:28 - 2015-02-21 07:31 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 14380544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 13768704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 02864640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-04 14:28 - 2015-02-21 07:29 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-04 14:28 - 2015-02-21 07:29 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-04 14:28 - 2015-02-21 07:29 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-04 14:28 - 2015-02-21 07:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-04 14:28 - 2015-02-21 06:42 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-04 14:28 - 2014-11-26 05:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-04-04 14:28 - 2014-11-26 05:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-04-04 14:27 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-04-04 14:27 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-04-04 14:27 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-04 14:27 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-04 14:27 - 2014-11-11 05:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-04 14:27 - 2014-11-11 04:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-04-04 14:27 - 2014-11-08 05:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-04-04 14:27 - 2014-11-08 04:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-04-04 14:27 - 2014-10-30 04:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-04-04 14:27 - 2014-10-30 03:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-04-04 14:27 - 2014-10-25 03:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-04-04 14:27 - 2014-10-25 03:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-04-04 14:27 - 2014-10-04 04:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-04-04 14:27 - 2014-10-04 03:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-04-04 14:27 - 2014-10-04 03:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-04-04 14:27 - 2014-10-03 04:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-04-04 14:27 - 2014-10-03 04:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-04-04 14:27 - 2014-10-03 04:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-04-04 14:27 - 2014-10-03 04:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-04-04 14:27 - 2014-10-03 04:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-04-04 14:27 - 2014-10-03 03:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-04-04 14:27 - 2014-10-03 03:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-04-04 14:27 - 2014-10-03 03:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-04-04 14:27 - 2014-10-03 03:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-04-04 14:27 - 2014-10-03 03:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-04-04 14:27 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-04-04 14:27 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-04-04 14:27 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-04-04 14:27 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-04-04 14:27 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-04-04 14:27 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-04-04 14:27 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2015-04-04 14:26 - 2015-02-26 05:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-04-04 14:26 - 2014-12-08 05:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-04-04 14:26 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-04-04 14:26 - 2014-10-14 04:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-04-04 14:26 - 2014-10-14 03:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-04-04 14:26 - 2014-07-17 04:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-04-04 14:26 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-04-04 14:26 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-04-04 14:26 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-04-04 14:26 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-04-04 14:26 - 2014-07-17 03:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-04-04 14:26 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-04-04 14:26 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-04-04 14:26 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-04-04 14:26 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-04-04 14:26 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-04-04 14:26 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-04-04 14:26 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-04-04 14:26 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-04 14:26 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-04 14:26 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-04 14:26 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-04 14:26 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-04 14:26 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-04 14:26 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-04 14:26 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-04 14:26 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-04 14:26 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-04 14:26 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-04 14:26 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-04-04 14:26 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-04-04 14:26 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-04-04 14:26 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2015-04-04 14:26 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2015-04-04 14:26 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-04-04 14:26 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-04-04 14:26 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2015-04-04 14:26 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2015-04-04 14:25 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-04-04 14:25 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-04-04 14:25 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-04 14:25 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-04 14:23 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-04-04 14:23 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-04-04 12:22 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-04 12:22 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-04 12:22 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-04 12:22 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-04 12:21 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-04 12:21 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-04 12:21 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-04 12:21 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-04 12:21 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-04 12:21 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-04 12:20 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-04 12:20 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-04 12:20 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-04 12:20 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-04 08:26 - 2015-04-04 08:26 - 00030998 _____ () C:\Windows\SysWOW64\bddel.dat
2015-04-03 20:53 - 2015-04-07 18:25 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-03 20:53 - 2015-04-03 20:53 - 00001082 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-04-03 20:53 - 2015-04-03 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-04-03 20:53 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-03 20:53 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-03 20:53 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-03 20:49 - 2015-04-03 20:49 - 00000000 ____D () C:\Users\xxx\Documents\Simply Super Software
2015-04-03 20:18 - 2015-04-03 20:53 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-04-03 16:12 - 2015-04-03 16:12 - 00000000 ____D () C:\Users\xxx\Documents\ProcAlyzer Dumps
2015-04-03 16:10 - 2015-04-03 16:10 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\xxx\Downloads\spybot2-license.exe
2015-04-03 15:36 - 2015-04-03 16:21 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-04-03 15:36 - 2015-04-03 15:36 - 00001373 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-04-03 15:36 - 2015-04-03 15:36 - 00001361 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-04-03 15:36 - 2015-04-03 15:36 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-04-03 15:36 - 2015-04-03 15:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-04-03 15:36 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-04-03 15:35 - 2015-04-06 18:32 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-04-03 15:34 - 2015-04-03 15:34 - 00000000 ____D () C:\Usersxxx\AppData\Roaming\TrojanHunter
2015-04-03 12:58 - 2015-04-03 20:46 - 00000000 ____D () C:\Program Files (x86)\TrojanHunter 5.6
2015-04-03 12:58 - 2015-04-03 12:58 - 00059392 ____R () C:\Windows\SysWOW64\streamhlp.dll
2015-04-03 12:47 - 2015-04-03 12:52 - 00025204 _____ () C:\Windows\system32\bddel.dat
2015-04-03 12:13 - 2015-04-03 12:13 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\LavasoftStatistics
2015-04-03 12:12 - 2015-04-03 12:12 - 00000000 ____D () C:\Users\xxx\AppData\Local\Lavasoft
2015-04-03 12:11 - 2015-04-03 12:11 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2015-04-03 12:08 - 2015-04-03 12:08 - 00000000 ____D () C:\Program Files\Lavasoft
2015-04-03 12:07 - 2015-04-03 12:10 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Lavasoft
2015-04-03 12:07 - 2015-04-03 12:07 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2015-04-03 12:05 - 2015-04-03 12:10 - 00000000 ____D () C:\ProgramData\Lavasoft
2015-04-03 12:05 - 2015-04-03 12:05 - 02071768 _____ () C:\Users\xxx\Downloads\AdAware116WebInstaller.exe
2015-04-03 11:48 - 2015-04-13 22:21 - 01262609 _____ () C:\Windows\WindowsUpdate.log
2015-04-03 11:21 - 2015-04-13 22:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-03 11:08 - 2015-04-03 11:08 - 00000000 ____D () C:\ProgramData\Licenses
2015-04-03 11:06 - 2015-04-03 20:47 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2015-04-03 11:05 - 2015-04-03 11:05 - 35218576 _____ (Simply Super Software ) C:\Users\xxx\Downloads\trjsetup692.exe
2015-04-03 08:10 - 2015-04-04 23:10 - 00000000 ____D () C:\Program Files (x86)\new game
2015-04-02 16:46 - 2015-04-03 11:48 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-03-31 10:14 - 2015-03-31 10:14 - 00004387 _____ () C:\Users\xxx\AppData\Roaming\xqi4HgB8PWds
2015-03-31 10:14 - 2015-03-31 10:14 - 00004387 _____ () C:\Users\xxx\AppData\Roaming\n8WoXTR
2015-03-26 19:39 - 2015-03-26 17:32 - 00146432 _____ (Oracle Corporation) C:\Windows\SysWOW64\javacpl.cpl
2015-03-26 17:34 - 2015-03-26 17:33 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-03-25 11:21 - 2015-03-25 11:21 - 00281056 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-03-24 17:01 - 2015-04-12 09:29 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-03-24 17:01 - 2015-03-24 17:01 - 00001125 _____ () C:\Users\Public\Desktop\Polar FlowSync.lnk
2015-03-24 17:00 - 2015-03-24 17:00 - 21743168 _____ (Polar Electro Oy ) C:\Users\xxx\Downloads\FlowSync_2.3.8.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-13 22:19 - 2014-10-14 15:53 - 00000000 ____D () C:\Users\xxx\AppData\Local\CrashDumps
2015-04-13 22:12 - 2009-07-14 06:45 - 00015040 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-13 22:12 - 2009-07-14 06:45 - 00015040 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-13 22:07 - 2012-12-02 15:21 - 00000000 ___RD () C:\Users\xxx\Dropbox
2015-04-13 22:07 - 2012-12-02 14:54 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Dropbox
2015-04-13 22:04 - 2012-07-15 14:28 - 00000000 ____D () C:\Users\xxx\.rainlendar2
2015-04-13 22:04 - 2009-10-19 17:26 - 00000144 _____ () C:\service.log
2015-04-13 22:03 - 2009-07-14 04:34 - 00000675 _____ () C:\Windows\win.ini
2015-04-13 22:02 - 2010-12-11 10:04 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-13 22:01 - 2009-10-19 17:42 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2015-04-13 22:01 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-13 21:56 - 2013-08-29 20:33 - 00000348 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-04-13 21:56 - 2010-12-11 10:04 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-13 21:36 - 2011-02-13 12:11 - 00000000 ____D () C:\Users\xxx\Documents\Outlook-Dateien
2015-04-13 21:35 - 2009-10-19 22:20 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Skype
2015-04-13 21:01 - 2012-04-02 07:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-13 20:57 - 2014-12-05 21:38 - 00000000 ____D () C:\Usersxxx\AppData\Local\53D5E25F-F10A-46BE-88F0-592E11C5253C.aplzod
2015-04-12 12:01 - 2010-02-07 13:32 - 00000454 _____ () C:\Windows\Tasks\Automatische Wartung.job
2015-04-10 11:02 - 2010-09-20 19:53 - 00000000 ____D () C:\Users\xxx\Documents\Ines
2015-04-09 18:00 - 2012-12-02 15:21 - 00001034 _____ () C:\Users\xxx\Desktop\Dropbox.lnk
2015-04-09 18:00 - 2012-12-02 15:20 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-09 17:48 - 2009-07-14 06:45 - 05289880 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-09 17:44 - 2012-05-15 03:01 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-04-09 17:44 - 2010-06-04 07:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-04-09 17:10 - 2009-10-19 19:41 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-04-08 16:18 - 2009-10-19 17:54 - 00139064 _____ () C:\Users\xxx\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-08 04:48 - 2009-10-19 21:02 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-08 04:29 - 2010-10-19 11:22 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2015-04-08 03:12 - 2010-06-05 08:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-04-07 17:42 - 2009-10-19 17:23 - 00000000 ____D () C:\Users\xxx
2015-04-07 17:01 - 2014-12-23 08:48 - 00003518 _____ () C:\Windows\System32\Tasks\FileAdvisorCheck
2015-04-07 17:01 - 2014-12-23 08:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Type Advisor
2015-04-07 17:01 - 2014-12-23 08:48 - 00000000 ____D () C:\Program Files (x86)\File Type Advisor
2015-04-07 01:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-07 00:47 - 2014-02-19 20:33 - 00000000 ____D () C:\Users\xxx\Downloads\MyPhoneExplorer_TSV44RV02
2015-04-07 00:44 - 2014-10-19 16:46 - 00000000 ____D () C:\Usersxxx\AppData\Roaming\WHService
2015-04-06 18:55 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-04-06 13:51 - 2009-10-19 21:02 - 00000000 ____D () C:\Users\xxx\AppData\Local\Microsoft Help
2015-04-06 13:50 - 2014-10-17 21:34 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-06 13:50 - 2013-08-29 18:38 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\HpUpdate
2015-04-06 13:50 - 2012-08-15 19:08 - 00000000 ____D () C:\Users\xxx\.thumbnails
2015-04-06 13:50 - 2009-10-22 23:16 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Azureus
2015-04-06 13:50 - 2009-10-19 18:13 - 00000000 ____D () C:\Windows\Panther
2015-04-06 13:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep
2015-04-06 11:38 - 2011-07-01 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2015-04-06 11:37 - 2009-10-23 20:17 - 00000000 ____D () C:\Windows\pss
2015-04-06 11:34 - 2011-02-18 23:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-04-06 11:34 - 2009-12-29 18:35 - 00000000 ____D () C:\Windows\Minidump
2015-04-06 11:34 - 2009-10-22 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Registry Repair
2015-04-06 11:18 - 2009-10-19 22:20 - 00000000 ____D () C:\ProgramData\Skype
2015-04-06 11:17 - 2009-10-19 22:20 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-06 11:14 - 2011-09-27 08:53 - 00000000 ____D () C:\Users\xxx\AppData\Local\Htc
2015-04-06 11:14 - 2009-10-21 17:53 - 00000000 ____D () C:\ProgramData\TEMP
2015-04-06 11:13 - 2014-12-05 21:32 - 00000000 ___RD () C:\Users\xxx\iCloudDrive
2015-04-06 11:13 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-04-06 10:34 - 2009-07-14 19:58 - 02982910 _____ () C:\Windows\system32\perfh007.dat
2015-04-06 10:34 - 2009-07-14 19:58 - 00886948 _____ () C:\Windows\system32\perfc007.dat
2015-04-06 10:34 - 2009-07-14 07:13 - 00006512 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-06 10:13 - 2009-07-14 20:18 - 00000000 ____D () C:\Program Files\Windows Journal
2015-04-06 10:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-04-06 10:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-04-06 10:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2015-04-06 10:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-05 03:17 - 2013-07-19 07:16 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-04 21:25 - 2010-05-14 11:19 - 00000000 ____D () C:\Users\multiskype.INES_BUERO
2015-04-04 21:25 - 2010-05-14 11:13 - 00000000 ____D () C:\Users\multiskype
2015-04-04 21:25 - 2009-10-19 19:15 - 00000000 ____D () C:\Users\Administrator
2015-04-04 21:23 - 2014-12-12 15:23 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\TuneUp Software
2015-04-04 21:00 - 2009-10-19 19:41 - 00000000 ____D () C:\ProgramData\avg8
2015-04-04 13:18 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-04 13:01 - 2009-10-22 19:42 - 00002562 _____ () C:\Windows\diagwrn.xml
2015-04-04 13:01 - 2009-10-22 19:42 - 00001908 _____ () C:\Windows\diagerr.xml
2015-04-04 12:55 - 2014-06-13 09:08 - 00002854 _____ () C:\Windows\CompatibilityIssues.txt
2015-04-03 20:00 - 2014-12-31 12:25 - 00005584 _____ () C:\Windows\SysWOW64\LavasoftTcpService.ini
2015-04-03 20:00 - 2014-12-31 12:25 - 00002664 _____ () C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-04-03 20:00 - 2014-12-31 12:25 - 00002664 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-04-03 11:20 - 2009-10-20 21:23 - 00000000 ____D () C:\Users\xxx\Documents\Backups
2015-04-03 11:18 - 2009-10-21 20:27 - 00000000 ____D () C:\Users\xxx\Documents\Tussy Anträge
2015-03-26 19:39 - 2013-10-26 17:13 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-26 17:33 - 2010-06-29 19:14 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-03-26 17:33 - 2010-06-29 19:14 - 00207272 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-03-26 17:33 - 2010-06-29 19:14 - 00206760 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-03-26 17:33 - 2010-06-29 19:14 - 00000000 ____D () C:\Program Files\Java
2015-03-26 17:32 - 2013-10-26 17:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-26 17:31 - 2009-10-20 18:06 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-24 17:01 - 2011-04-19 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Polar
2015-03-24 17:01 - 2011-04-19 19:13 - 00000000 ____D () C:\Program Files (x86)\Polar

==================== Files in the root of some directories =======

2009-12-01 18:08 - 2009-12-01 18:08 - 3211264 _____ () C:\Program Files (x86)\Common FilesDDBACSetup.msi
2010-08-07 18:06 - 2010-07-22 23:40 - 2944904 _____ (Ask) C:\Program Files (x86)\Common Files\AskToolbarInstaller.exe
2013-05-15 18:32 - 2013-05-15 18:32 - 0000288 _____ () C:\Users\xxx\AppData\Roaming\.backup.dm
2011-09-12 20:20 - 2011-09-14 21:53 - 0000132 _____ () C:\Users\xxx\AppData\Roaming\Adobe BMP Format CS5 Prefs
2011-08-15 17:43 - 2011-08-15 17:43 - 0000132 _____ () C:\Users\xxx\AppData\Roaming\Adobe GIF Format CS5 Prefs
2011-01-29 01:12 - 2011-03-28 07:56 - 0001188 _____ () C:\Users\xxx\AppData\Roaming\BBMS_EXCEPTION.txt
2012-08-05 21:16 - 2012-08-05 21:16 - 0457829 _____ (Freedom Download Manager                                    ) C:\Users\xxx\AppData\Roaming\fdm-setup.exe
2012-09-23 09:44 - 2012-12-02 13:14 - 0038489 _____ () C:\Users\xxx\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
2012-12-02 13:26 - 2012-12-02 13:26 - 0013021 _____ () C:\Users\xxx\AppData\Roaming\Kommagetrennte Werte (Windows).CAL
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\xxx\AppData\Roaming\n8WoXTR
2012-03-28 17:06 - 2012-03-28 17:10 - 0076768 _____ () C:\Usersxxx\AppData\Roaming\Photo.jpg
2011-01-27 21:24 - 2011-10-07 18:52 - 0002002 _____ () C:\Users\xxx\AppData\Roaming\Rim.Desktop.Exception.log
2011-01-27 21:23 - 2011-12-11 13:08 - 0006063 _____ () C:\Users\xxx\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\xxx\AppData\Roaming\xqi4HgB8PWds
2012-06-09 17:12 - 2012-06-09 17:12 - 0022440 _____ () C:\Users\xxx\AppData\Local\426535460_Setup.crx
2009-11-05 19:28 - 2013-08-30 21:31 - 0036352 _____ () C:\Users\xxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-08-15 19:10 - 2012-08-15 19:10 - 0000848 _____ () C:\Users\xxx\AppData\Local\recently-used.xbel
2011-04-12 19:31 - 2011-04-12 19:38 - 0000128 _____ () C:\Users\xxx\AppData\Local\Temp$$_temp.ldb
2013-08-29 18:35 - 2013-08-29 18:35 - 0000057 _____ () C:\ProgramData\Ament.ini

Some content of TEMP:
====================
C:\Users\xxx\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprjxqvs.dll
C:\Users\xxx\AppData\Local\Temp\Quarantine.exe
C:\Users\xxx\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-04 14:49

==================== End Of Log ============================
         
--- --- ---

--- --- ---

[/CODE]

Alt 13.04.2015, 21:58   #10
InGo69
 
Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name - Standard

Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-04-2015
Ran by xxx at 2015-04-13 22:33:31
Running from C:\Users\xxx\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Spybot - Search and Destroy (Enabled - Up to date) {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ad-Aware Antivirus (HKLM\...\{FF054A8C-C0A4-4C78-8910-E2A459BEFF05}_AdAwareUpdater) (Version: 11.6.306.7947 - Lavasoft)
AdAwareUpdater (Version: 11.6.306.7947 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Color Common Settings (HKLM-x32\...\Adobe_6c8e2cb4fd241c55406016127a6ab2e) (Version: 1.0.1 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe ExtendScript Toolkit 2 (HKLM-x32\...\Adobe_3e054d2218e7aa282c2369d939e58ff) (Version: 2.0.2 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
Album Art Downloader XUI 0.44 (HKLM-x32\...\Album Art Downloader XUI) (Version: 0.44 - hxxp://sourceforge.net/projects/album-art)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 2010 (HKLM-x32\...\Ashampoo Burning Studio 2010_is1) (Version: 9.12 - ashampoo GmbH & Co. KG)
Ashampoo UnInstaller 3.12 (HKLM-x32\...\Ashampoo UnInstaller 3_is1) (Version: 3.1.2 - ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 2010 CBE (HKLM-x32\...\Ashampoo WinOptimizer 2010 CBE_is1) (Version: 6.5.0 - Ashampoo GmbH & Co. KG)
Audials TV (HKLM-x32\...\{1A0B8239-664B-434A-99D8-C50793513249}) (Version: 1.3.10800.0 - RapidSolution Software AG)
AudialsOne (HKLM-x32\...\{80C7431E-CB45-40F4-AB4E-090E8AD4706D}) (Version: 4.0.33916.1600 - RapidSolution Software AG)
AudioCon (HKLM-x32\...\AudioCon) (Version: 1.0 - Basement Softworks)
Auto Resolution (HKLM-x32\...\{403F1594-BC16-47A5-B365-F73CD69D720E}) (Version: 1.9 - LG Electronics Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5863 - AVG Technologies)
AVG 2015 (Version: 15.0.4331 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5863 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (de-DE) (x32 Version: 15.0.1001.403 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.403 - AVG Technologies)
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.403 - AVG Technologies) Hidden
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
AVM FRITZ!Box Monitor (HKLM-x32\...\AVMFBoxMonitor) (Version:  - AVM Berlin)
Azureus (HKLM-x32\...\Azureus) (Version: 2.5.0.4 - )
BackupOutlook (HKLM-x32\...\{75210106-92D4-45A9-B2B7-EC9E901DF334}_is1) (Version: 3.0.2 - Wisco)
BestPractice (remove only) (HKLM-x32\...\BestPractice) (Version:  - )
BewerbungsGenie 5 (HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\{0A06F725-CD0E-4360-BEC8-F89AF54E59D2}) (Version: 1.00.000 - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre (HKLM-x32\...\{6DFB01ED-2F63-4210-81B4-B1AF742C475B}) (Version: 0.6.53 - Kovid Goyal)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.5.0.3 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.1.6 - Canon Inc.)
Canon iP4500 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4500_series) (Version:  - )
Canon iP4500 series Benutzerregistrierung (HKLM-x32\...\Canon iP4500 series Benutzerregistrierung) (Version:  - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\RAW Image Task) (Version: 3.2.0.10 - Canon Inc.)
Canon Utilities CameraWindow (HKLM-x32\...\CameraWindowLauncher) (Version: 7.1.0.2 - Canon Inc.)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC6) (Version: 6.4.2.16 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.3 (HKLM-x32\...\DPP) (Version: 3.3.0.0 - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.3.0.2 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 6.4.0.5 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.21.45 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.2.0.1 - Canon Inc.)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.7.1.9 - Canon Inc.)
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.1.1.21 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.1.0.8 - Canon Inc.)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 4.4 - Abelssoft)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.53 - Cliqz.com)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version:  - DownloadHelper)
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.25 - Creative Technology Limited)
Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 2.00 - Creative Technology Limited)
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.00 - )
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version:  - )
Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version:  - )
Creative-Diagnose (HKLM-x32\...\Diagnostics 4_5) (Version:  - )
Crystal Reports Basic Runtime for Visual Studio 2008 (HKLM-x32\...\{CE26F10F-C80F-4377-908B-1B7882AE2CE3}) (Version: 10.5.0.0 - Business Objects)
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.8.0 - REINER SCT)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAISY (HKLM-x32\...\DAISY) (Version:  - )
DATA BECKER PDF Professionell 4 (HKLM-x32\...\PDF Professionell 4_is1) (Version:  - )
DDBAC (HKLM-x32\...\{E3B6D3FB-A593-41BA-9AB1-FFE46F608565}) (Version: 5.3.21 - DataDesign)
DivX-Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.2.0.24 - DivX, LLC)
Dropbox (HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Dropbox) (Version: 3.4.3 - Dropbox, Inc.)
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version:  - DVD Shrink)
Easy Text To HTML Converter (HKLM-x32\...\Easy Text To HTML Converter) (Version: 3.0.0 - easy HTools)
EasySaver B9.0610.1  (HKLM-x32\...\{07300F01-89CA-4CF8-92BD-2A605EB83C95}) (Version: 1.00.0000 - Gigabyte)
EcrSystem (HKLM-x32\...\{1C18975A-D0CE-43FB-81CC-006C82F9BE10}) (Version: 1.0.0 - EcrSystem)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
EtikettenAssistent 4.2 (HKLM-x32\...\{9AEF64B1-79A5-4E2F-8FBC-4CA89ECD3595}) (Version: 4.2.1 - HERMA)
Etikettendruckerei 5 (HKLM-x32\...\{59CB3794-BA8C-4DF5-8C3A-C3E3B184C35B}) (Version: 5.02.000 - )
File Type Advisor 1.6 (HKLM-x32\...\File Type Advisor_is1) (Version:  - )
FileZilla (remove only) (HKLM-x32\...\FileZilla) (Version:  - )
Fotostory 3 für Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.15 - Microsoft Corporation)
Free M4a to MP3 Converter 8.3 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Free Notes & Office Ink (HKLM-x32\...\{556F2137-B772-43BB-9A45-E0275234DD16}) (Version:   -  )
Free YouTube to MP3 Converter version 3.12.50.1122 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1122 - DVDVideoSoft Ltd.)
FRITZ!DSL64 (HKLM\...\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}) (Version: 2.04.03 - AVM Berlin)
funScreenScraping Client Version (HKLM-x32\...\{32148D5D-909F-4A7B-93EE-5C16B71F4A8C}) (Version: 1.0.173 - fun communications GmbH)
funScreenScraping Microsoft Systemdateien (HKLM-x32\...\{AC849092-6F19-4395-8860-BC3B82CAFE51}) (Version: 1.0.6 - fun communications GmbH)
Geometry Calculator v1.2 (HKLM-x32\...\Geometry Calculator v1.2) (Version: 1.2 - SJW Computer Resources)
Gigaset QuickSync (HKLM\...\{a325d0b9-0b5e-4ad1-9c5f-e39aa43f8c9d}) (Version: 7.1.0841.3 - Gigaset Communications GmbH)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Glary Registry Repair 3.2.0.828 (HKLM-x32\...\Glary Registry Repair_is1) (Version:  - GlarySoft.com)
Google Desktop (HKLM-x32\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
Hercules Webcam Station Evolution (HKLM-x32\...\{B60D61FD-1CB1-4ED5-974E-8C959F14208E}) (Version: 4.0.2.1 - Hercules)
Host OpenAL (HKLM-x32\...\Host OpenAL) (Version: 1.00 - Creative Technology Limited)
HP Easy Printer Care (HKLM-x32\...\HP Easy Printer Care) (Version:  - Hewlett-Packard Co.)
HP ePrint (HKLM-x32\...\{2794875B-6CCF-48B8-84A5-5B10DB98BEE6}) (Version: 14.0.14176.1823 - Hewlett-Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Hilfe (HKLM-x32\...\{B6F5C6D8-C443-4B55-932F-AE11B5743FC4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet Pro 8600 Hilfe (HKLM-x32\...\{FDE820DD-CC88-4395-AD5C-801365B8F316}) (Version: 28.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.12992 - HP)
HP Print View Software (HKLM\...\{BE83E4A4-A678-4211-AF2B-2EC8ECC0AC73}) (Version: 2.0.0.1 - Hewlett-Packard)
HP Print View Software (HKLM-x32\...\HP Marketing Resources) (Version:  - Hewlett-Packard Co.)
HP Proactive Services (HKLM-x32\...\{7527CD9F-894E-47B3-9AFB-3E680E007051}) (Version: 1.6.0.37 - Ihr Firmenname)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.021 - HTC Corporation)
HTC Sync (HKLM-x32\...\{7A3FFA58-876F-489C-B6CF-0503916224DF}) (Version: 3.0.5617 - HTC Corporation)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Komponenten der Betriebssystemkommunikation (x32 Version: 2.8.0.50 - Hewlett-Packard) Hidden
Komponenten der Ereigniskommunikation (x32 Version: 2.8.0.50 - Hewlett-Packard) Hidden
Komponenten der Gerätedatenkommunikation (x32 Version: 2.8.0.50 - Hewlett-Packard) Hidden
Komponenten der Kernkommunikation (x32 Version: 2.8.0.50 - Hewlett-Packard) Hidden
LavasoftTcpService (x32 Version: 2.3.3.0 - Lavasoft) Hidden
Lexware Abschreibungsrechner (HKLM-x32\...\{20DC6CD9-AAA0-4FF9-A171-D72A7BCB0910}) (Version: 9.01.04.0007 - Haufe-Lexware GmbH & Co. KG)
Lexware Abschreibungsrechner (x32 Version: 4.60.00.0000 - Lexware) Hidden
Lexware büro easy 2011 (HKLM-x32\...\{43034BED-DF67-4CC8-8D13-D18B0298F402}) (Version: 23.50.04.0059 - Haufe-Lexware GmbH & Co. KG)
Lexware Elster (HKLM-x32\...\{C8E00BC8-D619-4081-813A-6B5BCC846534}) (Version: 9.10.00.0041 - Lexware GmbH & Co. KG)
Lexware Info Service (HKLM-x32\...\{59624372-3B85-47f4-9B04-4911E551DF1E}) (Version: 2.61.00.0033 - Lexware GmbH & Co. KG)
Lexware online banking (HKLM-x32\...\{F6995FC4-2D91-4169-B3C4-7C51B7123902}) (Version: 10.00.00.0102 - Lexware GmbH & Co. KG)
Lexware online banking 4.90 (x32 Version: 4.90 - Lexware) Hidden
Lexware reisekosten 2009 (HKLM-x32\...\{225C12AE-BB37-4EE3-8935-583E2F0E6644}) (Version: 16.00.00.0050 - Lexware)
Lexware reisekosten 2009 (x32 Version: 16.00.00.0050 - Lexware) Hidden
Lexware Sepa Check (x32 Version: 1.00.00.0003 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Zeiterfassung (HKLM-x32\...\{4119E30C-82DE-44AD-9382-631A031E1E1B}) (Version: 23.00.04.0005 - Haufe-Lexware GmbH & Co. KG)
LightScribe System Software (HKLM-x32\...\{FA8BFB25-BF48-4F8B-8859-B30810745190}) (Version: 1.18.11.1 - LightScribe)
LightScribe Template Labeler (HKLM-x32\...\{7FD71A9E-C4D3-42ED-A998-CDA8290C39A3}) (Version: 1.18.5.1 - LightScribe)
Live 8.1.5 (HKLM-x32\...\Live 8.1.5) (Version:  - )
MAGIX 3D Maker 7 Download-Version (HKLM-x32\...\MAGIX_MSI_3D7) (Version: 7.0.0.482 - MAGIX AG)
MAGIX 3D Maker 7 Download-Version (x32 Version: 7.0.0.482 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft IntelliPoint 7.0 (HKLM\...\{C74A84EC-7C5F-4C36-A4A6-381E516D643B}) (Version: 7.0.260.0 - Microsoft)
Microsoft IntelliType Pro 7.0 (HKLM\...\{850C7AF6-7376-464D-A69C-E8419EC7ACA7}) (Version: 7.0.260.0 - Microsoft)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook Hotmail Connector 64-Bit (HKLM\...\{95140000-0081-0407-1000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 64-bit (HKLM\...\{95140000-007D-0409-1000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Rechner-Plus (HKLM-x32\...\{437C19B3-7E20-4E39-B868-CA6BAA820E1C}) (Version: 1.0.0 - Microsoft)
Microsoft Setup Center 13.05 (HKLM-x32\...\Microsoft Setup Center 13.05_is1) (Version:  - com! - Das Computer Magazin)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 37.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\MyFreeCodec) (Version:  - )
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
myphotobook.de (x32 Version: 1.1.0 - myphotobook GmbH) Hidden
NVIDIA 3D Vision Controller-Treiber 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 310.90 - NVIDIA Corporation)
NVIDIA Grafiktreiber 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 310.90 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
OutlookAddInNet3Setup (HKLM-x32\...\{5B4383F2-37EE-4E97-AD81-F5FF76F286DA}) (Version: 1.0.0 - Samsung)
PC Connectivity Solution (HKLM-x32\...\{BA77F9D2-CD35-41EB-9BC9-769879DFF8A6}) (Version: 12.0.48.0 - Nokia)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Photo Frames & Effects Free 1.12 (HKLM-x32\...\{CF12B794-A1EF-4211-B16F-0FB4E2FACCA6}_is1) (Version: 1.12 - Big Eagle Software KB)
Photomatix Pro Version 5.0.3 (HKLM\...\PhotomatixPro5x64_is1) (Version: 5.0.3 - HDRsoft Ltd)
Picasa 2 (HKLM-x32\...\Picasa2) (Version: 2.0 - Google, Inc.)
PixiePack Codec Pack (HKLM-x32\...\{9C450606-ED24-4958-92BA-B8940C99D441}) (Version: 1.1.400.0 - None)
PIXMA Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Pixum Fotobuch (HKLM-x32\...\Pixum Fotobuch) (Version:  - )
Polar FlowSync Version 2.3.8 (HKLM-x32\...\{A1538F5C-7B65-4DB6-9FFB-FFC0DF2E85D8}_is1) (Version: 2.3.8 - Polar Electro Oy)
PortraitPro 12.2 (HKLM\...\PortraitPro12_is1) (Version: 12.2 - Anthropics Technology Ltd.)
Power Presenter RE (HKLM-x32\...\{6AF6BFD2-D368-4F81-9B82-D3B1414351C8}) (Version:    -   )
Protect Disc License Helper 1.0.125 (IE) (HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Quicken 2010 - Servicepack 5 (HKLM-x32\...\{4C9E7EA5-9A3F-4C54-9038-EBB4CF25C29D}) (Version: 17.05.0000 - Lexware GmbH & Co KG)
Quicken 2010 (x32 Version: 17.00.00.0081 - Lexware GmbH & Co. KG) Hidden
Quicken HOME & BUSINESS 2010 (HKLM-x32\...\InstallShield_{4F8AFA74-1562-4980-8B87-8C07E8DE8FAF}) (Version: 17.00.00.0081 - Lexware GmbH & Co. KG)
Quicken Import Export Server 2010 (HKLM-x32\...\{7DA9F24A-CEC3-426E-BFFA-ADB94D922463}) (Version: 17.00.00.0048 - Lexware GmbH & Co. KG)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version:  - )
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 2.3.3 r1522 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5864 - Realtek Semiconductor Corp.)
RENESIS® Player Browser Plugins (HKLM-x32\...\{62B7C52C-CAB6-48B1-8245-52356C141C92}) (Version: 1.1.1 - examotion® GmbH)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14024.11 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14024.11 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.4.0 - SAMSUNG Electronics Co., Ltd.)
SanDiskSecureAccess_Manager.exe (HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe) (Version: 1.1.19755 - Gemalto N.V.)
Schafkopf & Doppelkopf Deluxe DEMO 1.0 (HKLM-x32\...\{98BA5D38-461D-415B-A651-2120D6994FC5}_is1) (Version: Schafkopf & Doppelkopf Deluxe DEMO - Zone 2 Media GmbH)
Screen Split (HKLM-x32\...\{7F0C2357-33B0-4408-A9AD-A7623FAA22B1}) (Version: 6.29 - LG Electronics Inc.)
Security-Plugin-Secoder (HKLM-x32\...\SecurityPluginSecoder) (Version: 2.4.0.0 - PPI AG, Hamburg, Germany)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Servicepack Datumsaktualisierung (x32 Version: 1.00.00.0005 - Haufe-Lexware) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Sound Blaster X-Fi (HKLM-x32\...\{0C9D0200-FA32-44B7-BBB3-7C03F700C4A0}) (Version: 1.0 - )
SoundTouch (HKLM-x32\...\{42DA7251-AA96-484D-8190-F1BA53C75AFD}) (Version: 7.2.21.8752 - BOSE)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SyncDroid version 1.2.5 (HKLM-x32\...\{BE7E35A4-59E5-412B-9B18-57B4938B8C0B}_is1) (Version: 1.2.5 - JunTu Software, Inc.)
Tablet Driver With Macrokey Manager (HKLM\...\RmTablet) (Version:  - )
TAPI Services for FRITZ!Box (HKLM\...\{8505C641-422E-4E3C-B6B0-0F070E289FDD}) (Version: 1.0.4 - AVM Berlin)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36244 - TeamViewer)
Tengwar Mode Editor (HKLM-x32\...\Tengwar Mode Editor) (Version:  - )
Tengwar Scribe (HKLM-x32\...\Tengwar Scribe) (Version:  - )
Texas Instruments TUSB3410 drivers. (HKLM-x32\...\InstallShield_{FA66245E-0E77-40D5-94A4-CB7AB753034F}) (Version: 6.5.9019.1 - Texas Instruments Inc.)
The Room (HKLM-x32\...\Steam App 288160) (Version:  - Fireproof Games)
Total Immersion D'Fusion @Home Web Plug-In (HKLM-x32\...\D'Fusion @Home Web Plug-In) (Version:  - Total Immersion)
Trendpoker 3D - Texas Hold'em Poker (HKLM-x32\...\{1395FC46-F870-4F09-A48D-959213281E08}_is1) (Version: 1.9 - BUFOproject)
TUSB3410 (x32 Version: 6.5.9019.1 - Texas Instruments Inc.) Hidden
Ulead PhotoImpact 12 (HKLM-x32\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System)
UnInstall MyScriptStylus (HKLM-x32\...\MyScript Stylus_is1) (Version:  - Vision Objects)
USB2.0 Card Reader Software (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.0.6000.75 - Realtek)
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
V-Drums Friend Jam (x32 Version: 4.0.2 - Roland Corporation) Hidden
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}) (Version: 8.0.0.35 - GRISOFT, s.r.o.)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WD Diagnostics (HKLM-x32\...\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}) (Version: 1.09.0002 - Western Digital Technologies)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.3400 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Phone (HKLM-x32\...\{3AAB5D08-28EA-4A4F-88C5-6906B880E81B}) (Version: 0.9.3426.0 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
Xilisoft iPhone Klingelton Maker (HKLM-x32\...\Xilisoft iPhone Ringtone Maker) (Version: 2.0.4.0226 - Xilisoft)
Xilisoft Video Converter Standard (HKLM-x32\...\Xilisoft Video Converter Standard) (Version: 5.1.39.0409 - Xilisoft)
XING Connector 1.2 (HKLM\...\XING Connector) (Version: 1.2 - XING AG)
Xtra Controller (HKLM-x32\...\{59579B12-97E6-437E-B988-BA032165D355}) (Version: 3.2.0.1 - Hercules)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\xxx\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{01E9FAE9-3819-4dd9-B1D9-998A1C62D1F8}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Usersxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points  =========================

06-04-2015 12:32:19 Installed AVG 2015
06-04-2015 13:28:41 AVG PC TuneUp 2015 wird installiert
06-04-2015 13:37:07 Installed AVG 2015
06-04-2015 20:44:39 LavasoftWeCompanion
08-04-2015 03:01:38 Windows Update
09-04-2015 17:06:09 Revo Uninstaller's restore point - AVG PC TuneUp 2015
09-04-2015 17:11:46 Revo Uninstaller's restore point - Web Companion
09-04-2015 17:56:57 Removed Java 8 Update 40
09-04-2015 18:03:23 AA11
11-04-2015 03:00:38 Windows Update
12-04-2015 03:00:19 Windows Update
13-04-2015 03:01:17 Windows Update
13-04-2015 21:02:17 Revo Uninstaller's restore point - Adobe Photoshop CS4

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-04-08 00:50 - 00450801 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	activate.adobe.com
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05C10839-A3A2-42A1-B85F-5EF5C86B65FA} - System32\Tasks\{B694620C-2086-48F1-89E9-CFF1291C9460} => pcalua.exe -a "C:\Users\xxx\Downloads\ddbac(1).exe" -d "C:\Users\xxx\Downloads"
Task: {090F67E6-4FAD-476D-B4F8-AAC4A6C72C6F} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2009-05-26] (Microsoft Corporation)
Task: {1270FEC0-5181-41BA-9225-C6CC97F03C0E} - System32\Tasks\DivX Update => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2010-12-08] ()
Task: {1ED730EA-A80C-4C59-BCF6-EB441FD2C55F} - System32\Tasks\{3AAF266F-B930-4ADC-8B94-784B601CF329} => pcalua.exe -a "C:\Program Files (x86)\EcrSystem\Uninstall.exe" -d "C:\Program Files (x86)\EcrSystem"
Task: {1F21406E-F8A4-41AB-80C2-A07857128F81} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {21A02C1B-1DC5-40C2-B8FE-90B36A043E88} - System32\Tasks\{37474F1E-DD2E-46ED-A5E3-6B41977D1A59} => pcalua.exe -a D:\LxSetup.exe -d D:\
Task: {2A1349A8-768C-4712-BC8B-BC2831EA2C4B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {3117EE58-ABA2-412D-93BB-09F2FD6F8B3A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06] (Adobe Systems Incorporated)
Task: {40F40A85-F434-4F9A-9EB9-3F0EA7D71643} - System32\Tasks\Abelssoft\CheckDriveBackgroundGuard => C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe [2014-01-28] (Abelssoft)
Task: {42376701-A647-4B1C-8431-396A7212C35A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {50765239-4913-4346-B51F-B15422AD21FA} - System32\Tasks\{553DA046-FD29-4C8A-B792-0696B54E8992} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-03-25] (Skype Technologies S.A.)
Task: {590B87E2-1F51-4373-BE90-51D74F668D9F} - System32\Tasks\{3050EFDC-0E6B-4F44-B0D7-92BBD7FCE85E} => pcalua.exe -a "C:\Users\xxx\Documents\DVDVideoSoft\DVSUninstall.exe" -d "C:\Users\xxx\Documents\DVDVideoSoft"
Task: {64086D9D-9AF9-4C49-88EC-5BF76B67D242} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {65EE0053-A5AD-4451-8837-87AD8E0C3010} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2011-12-20] ()
Task: {67B57B45-1A48-4092-B828-D9D7A328CB81} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {6D322EAC-FAE7-406E-BD69-EF074ABF7088} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {95627600-61A7-4BD7-8645-F880718F5C2A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {9F908E6D-ABCD-4D00-AEC2-8713A99F6D9C} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {A4CA6E45-2C72-499F-AA43-F15A9A86C977} - System32\Tasks\{73BE966D-7EB5-479A-9376-5C03F7473200} => pcalua.exe -a "C:\Program Files (x86)\Azureus\Uninstall.exe"
Task: {A5932482-6FC9-4CFA-9297-6E242EF94219} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {A819B4A6-226B-4412-BF66-507EA8BC9607} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {A85089BA-1EBB-4F91-ADD5-8FF7288D21D3} - System32\Tasks\{E8907E42-18F3-452E-83B0-28BC62D071AD} => Firefox.exe hxxp://ui.skype.com/ui/0/4.2.0.166.259/de/go/help.faq.installer?LastError=1641
Task: {B55C24FC-012A-49CF-8E63-CBFF51DED791} - System32\Tasks\FileAdvisorUpdate => C:\Program Files (x86)\File Type Advisor\fileadvisor.exe [2014-02-24] (File Type Advisor)
Task: {B7AE76E1-D1BD-41E6-A93C-7B5FCB47E4C7} - System32\Tasks\Microsoft_Hardware_Launch_rundll32_exe => Rundll32.exe url.dll,OpenURL hxxp://go.microsoft.com/fwlink/?LinkId=116866
Task: {BC201058-B2D2-4D5E-A9D0-66F21678082F} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2009-05-21] (Microsoft Corporation)
Task: {BC3D8A10-8DE7-4973-8662-CDB641E1BD88} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C4B68FF7-4F7F-436C-89B1-15AEAB5DBFD7} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2014-10-19] ()
Task: {CE5A8F34-74C2-40F4-AB36-4EEEA3729642} - System32\Tasks\FileAdvisorCheck => C:\Program Files (x86)\File Type Advisor\file-type-advisor.exe [2014-02-24] (                                                            )
Task: {E07E5FF7-CDFE-4871-BD81-4EC82C2B5001} - System32\Tasks\Automatische Wartung => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2010 CBE\WO2010cbe.exe [2009-12-21] (Ashampoo GmbH & Co. KG)
Task: {E2F4204B-C97D-461F-BE56-A54C4AD36690} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {E74E6F9F-EF7D-46ED-9AE7-E4FAE1CFF691} - System32\Tasks\AdobeAAMUpdater-1.0-xxx-xxx => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {F6999B19-E08C-4C05-B392-BA5DA664D3C7} - System32\Tasks\HP AR Program Upload - 95a8ddc2446f48688600bed5f8a5c0368c0661a8620f42c7877bb19b9936bdf3 => C:\Program Files\HP\HP Officejet Pro 8600\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Automatische Wartung.job => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2010 CBE\WO2010cbe.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe

==================== Loaded Modules (whitelisted) ==============

2014-10-17 17:30 - 2013-06-12 15:54 - 00066048 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook64.dll
2014-06-10 20:53 - 2014-01-28 17:33 - 00019744 _____ () C:\Program Files (x86)\CheckDrive\AbStartManager.dll
2014-06-10 20:53 - 2014-01-28 17:33 - 00014112 _____ () C:\Program Files (x86)\CheckDrive\AbMessages.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2009-10-23 17:45 - 2009-06-02 01:15 - 00051200 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2011-09-15 13:06 - 2011-09-15 13:06 - 00088576 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2009-11-10 19:04 - 2006-02-23 13:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2009-11-10 19:04 - 2006-02-22 12:39 - 00020480 _____ () C:\Windows\System32\FritzPort64.dll
2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-17 17:30 - 2013-06-12 15:54 - 00063488 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-02-15 01:05 - 2012-02-15 01:37 - 11796096 _____ () C:\Users\xxx\AppData\Roaming\SanDisk\My Vaults\dmBackup.dll
2015-04-03 15:36 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-04-03 15:36 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-04-03 15:36 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-04-03 15:36 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-04-03 15:36 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:B801D4E2
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
AlternateDataStreams: C:\Users\xxx\Documents\MailOut_Bsp1.eml:OECustomProperty
AlternateDataStreams: C:\Users\xxx\Documents\MailOut_Bsp2.eml:OECustomProperty
AlternateDataStreams: C:\Users\xxx\Documents\MailOut_Bsp3.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Gambali => ""="service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lexware Info Service.lnk => C:\Windows\pss\Lexware Info Service.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Quicken 2010 Zahlungserinnerung.lnk => C:\Windows\pss\Quicken 2010 Zahlungserinnerung.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^xxx^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FRITZ!DSL Startcenter.lnk => C:\Windows\pss\FRITZ!DSL Startcenter.lnk.Startup
MSCONFIG\startupfolder: C:^Users^xxx^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^klickTel OEM 2007 - Schnellstarter.lnk => C:\Windows\pss\klickTel OEM 2007 - Schnellstarter.lnk.Startup
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BackupOutlook => "C:\Program Files (x86)\Wisco\BackupOutlook\BackupOutlook.exe" silent
MSCONFIG\startupreg: FreeRAM XP => "C:\Program Files (x86)\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: HTC Sync Loader => "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LexwareInfoService => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe /autostart
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: Picasa Media Detector => C:\Program Files (x86)\Picasa2\PicasaMediaDetector.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: STAMPIT-Tray => C:\Program Files (x86)\STAMPIT\Binary\Stray.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: UIWatcher => C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
MSCONFIG\startupreg: Web Companion => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize

==================== Accounts: =============================

Administrator (S-1-5-21-4067268467-3182437459-1756596644-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-4067268467-3182437459-1756596644-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4067268467-3182437459-1756596644-1004 - Limited - Enabled)
xxx (S-1-5-21-4067268467-3182437459-1756596644-1001 - Administrator - Enabled) => C:\Users\xxx
UpdatusUser (S-1-5-21-4067268467-3182437459-1756596644-1008 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: AMD Phenom(tm) II X4 945 Processor
Percentage of memory in use: 42%
Total physical RAM: 6142.49 MB
Available physical RAM: 3519.69 MB
Total Pagefile: 12283.17 MB
Available Pagefile: 9272.58 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:600.43 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: () (Fixed) (Total:931.5 GB) (Free:873.16 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: BF2EBF2E)
Partition 1: (Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: DF8203A6)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=OF Extended)

==================== End Of Log ============================
         

Alt 14.04.2015, 08:24   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name - Standard

Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name



FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} -  No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Extension: GutscheinRausch.de - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\jl@leimbach-it.de [2015-04-07]
FF Extension: {a5502a73-43ea-4973-8eb1-ca156bc13cc5} - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{a5502a73-43ea-4973-8eb1-ca156bc13cc5}.xpi [2015-04-07]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-04-03]
FF HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Firefox\Extensions: [finder@meingutscheincode.de] - C:\Program Files (x86)\Mein Gutscheincode Finder\Firefox
CHR Extension: (preisspion.de) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgfpelakfkbbkkdchaaaknckhoadkcbo [2011-11-26]
CHR HKLM\...\Chrome\Extension: [mgjkknncnlepghplinfpikcijdbmidbg] - C:\Users\INESGO~1\AppData\Local\426535460_Setup.crx [2012-06-09]
CHR HKLM-x32\...\Chrome\Extension: [mgjkknncnlepghplinfpikcijdbmidbg] - C:\Users\INESGO~1\AppData\Local\426535460_Setup.crx [2012-06-09]
CHR HKLM-x32\...\Chrome\Extension: [ngnjhfpfhadncgafgbneeljaginimmmk] - No Path Or update_url value
C:\Program Files (x86)\Mein Gutscheincode Finder
C:\ProgramData\e8695c1761ea40c9b7cd0a58277d03ae
C:\Windows\SysWOW64\bddel.dat
C:\Users\INESGO~1\AppData\Local\426535460_Setup.crx
C:\ProgramData\boost_interprocess
C:\Program Files (x86)\new game
C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
C:\Users\***\AppData\Roaming\xqi4HgB8PWds
C:\Users\***\AppData\Roaming\n8WoXTR
AlternateDataStreams: C:\ProgramData\TEMP:B801D4E2
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
Hosts:
EmptyTemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 14.04.2015, 17:10   #12
InGo69
 
Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name - Standard

Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name



So..nun kann es weitergehen. Leider musste ich es 3x laufen lassen. Nach dem 1. Lauf ist mir glatt der Rechner wieder abgeraucht. Nach dem 2. Lauf habe ich gemerkt, dass ich dann vergessen habe das Antivirus Programm erneut zu deaktivieren ....hier nun das Ergebnis nach Lauf Nr. 3.

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-04-2015
Ran by xxx at 2015-04-14 17:53:30 Run:3
Running from C:\Users\xxx\Desktop
Loaded Profiles: xxx (Available profiles: *** & UpdatusUser & Administrator)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} -  No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Extension: GutscheinRausch.de - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\jl@leimbach-it.de [2015-04-07]
FF Extension: {a5502a73-43ea-4973-8eb1-ca156bc13cc5} - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{a5502a73-43ea-4973-8eb1-ca156bc13cc5}.xpi [2015-04-07]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-04-03]
FF HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Firefox\Extensions: [finder@meingutscheincode.de] - C:\Program Files (x86)\Mein Gutscheincode Finder\Firefox
CHR Extension: (preisspion.de) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgfpelakfkbbkkdchaaaknckhoadkcbo [2011-11-26]
CHR HKLM\...\Chrome\Extension: [mgjkknncnlepghplinfpikcijdbmidbg] - C:\Users\INESGO~1\AppData\Local\426535460_Setup.crx [2012-06-09]
CHR HKLM-x32\...\Chrome\Extension: [mgjkknncnlepghplinfpikcijdbmidbg] - C:\Users\INESGO~1\AppData\Local\426535460_Setup.crx [2012-06-09]
CHR HKLM-x32\...\Chrome\Extension: [ngnjhfpfhadncgafgbneeljaginimmmk] - No Path Or update_url value
C:\Program Files (x86)\Mein Gutscheincode Finder
C:\ProgramData\e8695c1761ea40c9b7cd0a58277d03ae
C:\Windows\SysWOW64\bddel.dat
C:\Users\INESGO~1\AppData\Local\426535460_Setup.crx
C:\ProgramData\boost_interprocess
C:\Program Files (x86)\new game
C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
C:\Users\xxx\AppData\Roaming\xqi4HgB8PWds
C:\Users\xxx\AppData\Roaming\n8WoXTR
AlternateDataStreams: C:\ProgramData\TEMP:B801D4E2
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
Hosts:
EmptyTemp:
         
*****************

"C:\Windows\system32\GroupPolicy\Machine" => File/Directory not found.
HKLM\SOFTWARE\Policies\Google => Key not found. 
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully.
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} => Value not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
C:\Users\xxxa\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\jl@leimbach-it.de not found.
C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{a5502a73-43ea-4973-8eb1-ca156bc13cc5}.xpi not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi not found.
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\Software\Mozilla\Firefox\Extensions\\finder@meingutscheincode.de => Value not found.
C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgfpelakfkbbkkdchaaaknckhoadkcbo directory not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\mgjkknncnlepghplinfpikcijdbmidbg => Key not found. 
"C:\Users\INESGO~1\AppData\Local\426535460_Setup.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mgjkknncnlepghplinfpikcijdbmidbg => Key not found. 
"C:\Users\INESGO~1\AppData\Local\426535460_Setup.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ngnjhfpfhadncgafgbneeljaginimmmk => Key not found. 
"C:\Program Files (x86)\Mein Gutscheincode Finder" => File/Directory not found.
"C:\ProgramData\e8695c1761ea40c9b7cd0a58277d03ae" => File/Directory not found.
"C:\Windows\SysWOW64\bddel.dat" => File/Directory not found.
"C:\Users\INESGO~1\AppData\Local\426535460_Setup.crx" => File/Directory not found.
"C:\ProgramData\boost_interprocess" => File/Directory not found.
"C:\Program Files (x86)\new game" => File/Directory not found.
"C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7" => File/Directory not found.
"C:\Users\xxx\AppData\Roaming\xqi4HgB8PWds" => File/Directory not found.
"C:\Users\xxx\AppData\Roaming\n8WoXTR" => File/Directory not found.
"C:\ProgramData\TEMP" => ":B801D4E2" ADS not found.
"C:\ProgramData\TEMP" => ":CB0AACC9" ADS not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 8 MB temporary data.


The system needed a reboot. 

==== End of Fixlog 17:53:49 ====
         

Alt 14.04.2015, 20:37   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name - Standard

Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name



Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Scan klicken

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 15.04.2015, 05:44   #14
InGo69
 
Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name - Standard

Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-04-2015
Ran by xxxx (administrator) on INES_BUERO on 15-04-2015 06:09:20
Running from C:\Users\xxxx\Desktop
Loaded Profiles: xxxx (Available profiles: xxxx & UpdatusUser & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(DATA BECKER GmbH & Co KG) C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
(AVM Berlin) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(File Type Advisor) C:\Program Files (x86)\File Type Advisor\fileadvisor.exe
(Abelssoft) C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Windows\System32\atwtusb.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Windows\System32\atwtusb.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
() C:\Windows\System32\WTMKM.exe
(Guillemot Corporation S.A.) C:\Program Files (x86)\Hercules\Dualpix HD\CamService.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\MediaSource5\Go\CTCMSGoU.exe
() C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
(Gemalto N.V.) C:\Users\Inxxx\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
(LG Electronics) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(TODO: <Company name>) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook64App.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\LG Electronics\Screen Split\bin\DDCCI.exe
(Polar Electro Oy) C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(ashampoo GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
(LG Electronics) C:\Program Files (x86)\LG Electronics\Auto Resolution\bin\AppResUtilityService.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(AVM Berlin) C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe
(Dropbox, Inc.) C:\Users\xxx\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Print View Software\HP Print View Resource Center\HPPrintViewResourceCenter.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\AppInterfaces\HPDeviceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\AppInterfaces\HPDeviceHost.exe
(LG Electronics Inc) C:\Program Files (x86)\LG Electronics\Auto Resolution\bin\Auto Resolution.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPRun.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(DivX, LLC) C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
(Bose Corporation) C:\Program Files (x86)\SoundTouch\SoundTouchMusicServer\SoundTouch music server.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7834656 2009-06-02] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-06-02] (Realtek Semiconductor Corp.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [644696 2007-05-15] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1840720 2007-04-04] (CANON INC.)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [2342800 2009-05-21] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2314120 2009-05-26] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [MacrokeyManager] => C:\Windows\system32\WTMKM.exe [7319784 2010-12-24] ()
HKLM\...\Run: [CamserviceHD] => C:\Program Files (x86)\Hercules\Dualpix HD\Camservice.exe [360448 2009-07-07] (Guillemot Corporation S.A.)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [184320 2007-04-17] (Creative Technology Ltd)
HKLM-x32\...\Run: [Ulead AutoDetector v2] => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe [90112 2006-11-29] (Ulead Systems, Inc.)
HKLM-x32\...\Run: [AVMFBoxMonitor] => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [1503232 2009-07-06] (AVM Berlin)
HKLM-x32\...\Run: [KnexStarter] => C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\Appinterfaces\HPDeviceService.exe [159744 2009-03-23] (Hewlett-Packard Company)
HKLM-x32\...\Run: [RunTasktray] => C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPRun.exe [101376 2009-03-23] (Hewlett-Packard Company)
HKLM-x32\...\Run: [DivX Download Manager] => C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe [63360 2010-12-08] (DivX, LLC)
HKLM-x32\...\Run: [CamserviceHD] => C:\Program Files (x86)\Hercules\Dualpix HD\Camservice.exe [360448 2009-07-07] (Guillemot Corporation S.A.)
HKLM-x32\...\Run: [SoundTouch Music Server] => C:\Program Files (x86)\SoundTouch\SoundTouchMusicServer\SoundTouch music server.exe [1082880 2014-12-11] (Bose Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3723728 2015-03-25] (AVG Technologies CZ, s.r.o.)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Run: [Creative MediaSource Go] => C:\Program Files (x86)\Creative\MediaSource5\Go\CTCMSGoU.exe [204800 2006-11-09] (Creative Technology Ltd)
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Run: [Rainlendar2] => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2498048 2012-07-02] ()
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Run: [SanDiskSecureAccess_Manager.exe] => C:\Users\xxx\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe [30705792 2013-05-15] (Gemalto N.V.)
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Run: [ScreenSplitter] => C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe [693288 2013-11-07] (LG Electronics)
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Run: [Polar FlowSync] => C:\Program Files (x86)\Polar\Polar FlowSync\FlowSync.exe [1125376 2014-11-11] (Polar Electro Oy)
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Run: [UIWatcher] => C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe [3508568 2009-02-23] (ashampoo GmbH & Co. KG)
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-18\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\S-1-5-18\...\Policies\Explorer: [HideSCAHealth] 1
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PIPModeResolutionUtility.lnk
ShortcutTarget: PIPModeResolutionUtility.lnk -> C:\Program Files (x86)\LG Electronics\Auto Resolution\bin\AppResUtilityService.exe (LG Electronics)
Startup: C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\xxx\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Ixxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Startcenter.lnk
ShortcutTarget: FRITZ!DSL Startcenter.lnk -> C:\Users\xxx\AppData\Roaming\Microsoft\Installer\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}\Icon8CF9C550.exe ()
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HP Print View Resource Center.lnk
ShortcutTarget: HP Print View Resource Center.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Print View Software\HP Print View Resource Center\HPPrintViewResourceCenter.exe (Hewlett-Packard)
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - .lnk
ShortcutTarget: Tintenwarnungen überwachen - .lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600.lnk
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Usersxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Usersxxx\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * bddel.exesdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
SearchScopes: HKLM-x32 -> {6B565918-AFF6-4bae-AC3F-63F626BDE74D} URL = hxxp://www.google.com/custom?q={searchTerms}&sa.x=0&sa.y=0&safe=active&client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&hl=de&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1
SearchScopes: HKLM-x32 -> {EF742892-2E03-485a-BAFD-8834EFA69EA5} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM-x32 - PDF Professionell 4 - {6B63DEFC-F1F3-4148-845E-EA53E2AB5F28} - C:\Program Files (x86)\DATA BECKER\PDF Professionell 4\PDF4IE.dll [2009-04-02] (DATA BECKER)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15109/CTPID.cab
Handler-x32: HPDCS - {ba135f49-a12c-4e26-a2c4-6ea945999072} - C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\APP\hpdcsapp.dll [2009-03-23] (Hewlett-Packard Company)
Handler-x32: hppfile - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll [2009-03-23] (Hewlett-Packard Company)
Handler-x32: hppsam - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll [2009-03-23] (Hewlett-Packard Company)
Handler-x32: hppzip - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll [2009-03-23] (Hewlett-Packard Company)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Usersxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067
FF NewTab: about:blank
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-26] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-05-02] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX OVS Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2010-11-20] (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-05-02] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-07-25] (RocketLife, LLP)
FF Plugin-x32: @t-immersion.com/DFusionHomeWebPlugIn -> C:\Program Files (x86)\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll [2011-06-30] (Total Immersion)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4067268467-3182437459-1756596644-1001: @protectdisc.com/NPPDLicenseHelper -> C:\Users\xxx\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [2009-06-25] ( )
FF Plugin HKU\S-1-5-21-4067268467-3182437459-1756596644-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll [2012-10-30] (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2011-12-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2011-12-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2011-12-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2011-12-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2011-12-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2011-12-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2011-12-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NP_SecurityPluginSecoder.dll [2008-08-04] (PPI AG)
FF SearchPlugin: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\searchplugins\englische-ergebnisse.xml [2014-10-19]
FF SearchPlugin: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\searchplugins\gmx-suche.xml [2014-10-19]
FF SearchPlugin: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\searchplugins\lastminute.xml [2014-10-19]
FF SearchPlugin: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\searchplugins\webde-suche.xml [2014-10-19]
FF Extension: Amazon-Icon - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\amazon-icon@giga.de [2015-04-07]
FF Extension: FRITZ!Box AddOn - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\fb_add_on@avm.de [2015-04-07]
FF Extension: iCloud Bookmarks - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\firefoxdav@icloud.com [2015-04-07]
FF Extension: Fox Sec 7 - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\fx@foxysecureKDJJHVLSDUVFU.com [2015-04-07]
FF Extension: YouTube to MP3 - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\youtube2mp3@mondayx.de [2015-04-07]
FF Extension: Vista-aero - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{07b2a769-ed19-4483-87ce-c643914c81bb} [2015-04-07]
FF Extension: FT DeepDark - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2015-04-07]
FF Extension: HP Detect - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} [2015-04-07]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2015-04-07]
FF Extension: DHL Toolbar - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{edc0b8a5-c050-4bb2-b785-a623b4515abf} [2015-04-07]
FF Extension: Add to Amazon Wish List Button - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\amznUWL2@amazon.com.xpi [2015-04-07]
FF Extension: NASA Night Launch - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\nasanightlaunch@example.com.xpi [2015-04-07]
FF Extension: Speed Notifier - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{724b5eec-c5c6-4050-9cf3-dbc61f95dd08}.xpi [2015-04-07]
FF Extension: ImTranslator - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2015-04-07]
FF Extension: Video DownloadHelper - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-04-07]
FF Extension: Facebook Share Button - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\b8k4buhw.default-1428421863067\Extensions\{d4e0dc9c-c356-438e-afbe-dca439f4399d}.xpi [2015-04-07]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-04-03]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-04-03]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-04-03]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2010-12-11]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2010-12-11]
FF HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-11-24]
FF HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ldncbx20.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR Profile: C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (DivX HiQ) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2011-01-19]
CHR Extension: (Skype Click to Call) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2011-11-26]
CHR Extension: (PicBadges) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgjkknncnlepghplinfpikcijdbmidbg [2012-06-09]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-01-19]
CHR HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mgjkknncnlepghplinfpikcijdbmidbg] - C:\Users\INESGO~1\AppData\Local\426535460_Setup.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [caeaobpemokdfnidgaebncaooofnbfha] - C:\Usersxxxx\ChromeExtensions\caeaobpemokdfnidgaebncaooofnbfha\amazon-icon-fwde.crx [2014-10-19]
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2010-12-08]
CHR HKLM-x32\...\Chrome\Extension: [jgfpelakfkbbkkdchaaaknckhoadkcbo] - C:\Program Files (x86)\Mein Gutscheincode Finder\Chrome\chrome-extension.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2010-12-08]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3416016 2015-03-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [309232 2015-03-25] (AVG Technologies CZ, s.r.o.)
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [654640 2009-04-15] (REINER SCT)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2009-10-19] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2009-10-19] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [425984 2008-04-30] (Creative Technology Ltd) [File not signed]
R2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [187456 2009-01-08] (DATA BECKER GmbH & Co KG) [File not signed]
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2010 CBE\Dfsdks.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-03-02] ()
S3 GoogleDesktopManager-051210-111108; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-05] (Google)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [88888 2009-07-28] (AVM Berlin)
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [97432 2007-04-13] () [File not signed]
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.exe [836984 2015-03-12] (Lavasoft Limited)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-01-22] (Hewlett-Packard Company) [File not signed]
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2011-09-15] () [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
S3 UPnPService; C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [647242 2005-11-08] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WPEServ; C:\Program Files (x86)\Common Files\WPE\wpeserv.exe [339968 2008-10-30] (soft Xpansion) [File not signed]
R2 WTService; C:\Windows\system32\atwtusb.exe [914664 2011-01-17] () [File not signed]
S2 TuneUp.UtilitiesSvc; "C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S1 acedrv07; C:\Windows\system32\drivers\acedrv07.sys [125440 2011-02-08] () [File not signed]
R1 acedrv08; C:\Windows\system32\drivers\acedrv08.sys [133856 2013-10-03] ()
R1 acedrv09; C:\Windows\system32\drivers\acedrv09.sys [134880 2011-02-08] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [281056 2015-03-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [341472 2015-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [133088 2015-02-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [284128 2015-02-25] (AVG Technologies CZ, s.r.o.)
R3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [43320 2007-06-13] (REINER SCT)
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2010-09-13] (Devguru Co., Ltd)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-07-18] () [File not signed]
S3 GigasetGenericUSB_x64; C:\Windows\System32\DRIVERS\GigasetGenericUSB_x64.sys [54272 2009-02-20] (Siemens Home and Office Communication Devices GmbH & Co. KG)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.)
S3 hxctlflt; C:\Windows\System32\Drivers\hxctlflt.sys [111104 2009-02-08] (Guillemot Corporation)
R3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [7680 2009-03-08] (Windows (R) Codename Longhorn DDK provider)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [31264 2009-11-16] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [31264 2009-11-16] (RapidSolution Software AG)
S3 RSUSBSTOR; C:\Windows\System32\Drivers\RTS5121.sys [208384 2008-11-21] (Realtek Semiconductor Corp.)
R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [64160 2014-04-25] ()
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2010-09-14] (Sony Ericsson Mobile Communications)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3552384 2009-04-22] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 usbser; C:\Windows\SysWOW64\DRIVERS\USBSER.sys [25600 2014-04-11] (Microsoft Corporation) [File not signed]
R3 vhidmini; C:\Windows\System32\DRIVERS\walvhid.sys [7552 2009-08-26] (Windows (R) Win 7 DDK provider)
S3 zebrbus; C:\Windows\System32\DRIVERS\zebrbus.sys [108544 2010-09-14] (MCCI)
S3 zebrmdfl; C:\Windows\System32\DRIVERS\zebrmdfl.sys [18944 2010-09-14] (MCCI Corporation)
S3 zebrmdm; C:\Windows\System32\DRIVERS\zebrmdm.sys [145408 2010-09-14] (MCCI)
S3 zebrmdmc; C:\Windows\System32\DRIVERS\zebrmdmc.sys [145408 2010-09-14] (MCCI)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
S3 Rts516xIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [X]
S3 USBCCID; system32\DRIVERS\Rts5161ccid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-15 00:31 - 2015-04-14 17:53 - 00000035 _____ () C:\Windows\system32\Drivers\etc\hosts.20150415-003100.backup
2015-04-14 17:31 - 2015-04-14 17:32 - 00262224 _____ () C:\Windows\Minidump\041415-131571-01.dmp
2015-04-14 06:48 - 2015-04-14 17:31 - 395201377 _____ () C:\Windows\MEMORY.DMP
2015-04-14 06:48 - 2015-04-14 06:48 - 00287872 _____ () C:\Windows\Minidump\041415-135377-01.dmp
2015-04-13 22:33 - 2015-04-13 22:57 - 00052230 _____ () C:\Users\xxxx\Desktop\Addition.txt
2015-04-13 22:30 - 2015-04-15 06:09 - 00039468 _____ () C:\Users\xxxx\Desktop\FRST.txt
2015-04-13 22:17 - 2015-04-13 17:58 - 02687136 _____ (Thisisu) C:\Users\xxx\Desktop\JRT_NEW.exe
2015-04-13 21:50 - 2015-04-13 21:50 - 02217984 _____ () C:\Users\xxx\Downloads\AdwCleaner_4.201.exe
2015-04-13 20:32 - 2015-04-14 20:11 - 00000560 _____ () C:\Windows\setupact.log
2015-04-13 20:32 - 2015-04-14 17:31 - 00008672 _____ () C:\Windows\PFRO.log
2015-04-13 20:32 - 2015-04-13 20:32 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-13 20:23 - 2015-04-13 20:26 - 00067030 _____ () C:\Users\xxx\Downloads\Addition.txt
2015-04-13 20:19 - 2015-04-13 20:26 - 00107973 _____ () C:\Users\xxxx\Downloads\FRST.txt
2015-04-13 20:18 - 2015-04-15 06:09 - 00000000 ____D () C:\FRST
2015-04-13 20:18 - 2015-04-13 20:18 - 02096640 _____ (Farbar) C:\Users\xxxx\Desktop\FRST64.exe
2015-04-13 06:46 - 2015-04-13 06:46 - 00682360 _____ () C:\Users\xxx\Downloads\Setup.exe
2015-04-09 17:04 - 2015-04-09 17:04 - 00001246 _____ () C:\Usersxxxx\Desktop\Revo Uninstaller.lnk
2015-04-09 17:04 - 2015-04-09 17:04 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-04-09 17:03 - 2015-04-09 17:03 - 01203488 _____ () C:\Users\xxx\Downloads\Revo Uninstaller - CHIP-Installer.exe
2015-04-08 00:50 - 2009-10-19 19:33 - 00000852 _____ () C:\Windows\system32\Drivers\etc\hosts.20150408-005003.backup
2015-04-07 18:21 - 2015-04-07 18:21 - 00001129 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-07 18:21 - 2015-04-07 18:21 - 00001117 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-07 18:20 - 2015-04-07 18:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-07 18:16 - 2015-04-07 18:17 - 00243656 _____ () C:\Users\xxx\Downloads\Firefox Setup Stub 37.0.1.exe
2015-04-07 17:51 - 2015-04-07 17:51 - 00000000 ____D () C:\Users\xxxx\Desktop\Alte Firefox-Daten
2015-04-07 06:50 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-04-07 06:50 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-04-07 06:50 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-04-07 06:50 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-04-07 06:50 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-04-07 06:50 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-04-07 06:50 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-04-07 06:50 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-04-07 06:50 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-04-07 06:50 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-04-06 20:58 - 2015-04-06 20:58 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-04-06 13:52 - 2015-04-06 13:52 - 00003738 _____ () C:\Windows\System32\Tasks\DivX Update
2015-04-06 13:34 - 2015-04-06 13:34 - 00002193 _____ () C:\Users\Public\Desktop\AVG 1-Klick-Wartung.lnk
2015-04-06 13:34 - 2015-04-06 13:34 - 00002183 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk
2015-04-06 13:34 - 2015-02-25 09:25 - 00041784 _____ (AVG Technologies) C:\Windows\system32\TURegOpt.exe
2015-04-06 13:34 - 2015-02-25 09:24 - 00030520 _____ (AVG Technologies) C:\Windows\system32\authuitu.dll
2015-04-06 13:34 - 2015-02-25 09:24 - 00025912 _____ (AVG Technologies) C:\Windows\SysWOW64\authuitu.dll
2015-04-06 13:33 - 2015-04-06 13:33 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\AVG
2015-04-06 13:28 - 2015-04-06 13:28 - 00000000 ____D () C:\Users\xxxx\AppData\Local\Avg
2015-04-06 12:41 - 2015-04-06 13:34 - 00000000 ____D () C:\ProgramData\AVG
2015-04-06 12:30 - 2015-04-06 12:30 - 04818760 _____ (AVG Technologies) C:\Users\xxxx\Downloads\avg_avc_stb_all_2015_ltst_197.exe
2015-04-06 12:29 - 2015-04-06 12:31 - 113398072 _____ (AVG Technologies) C:\Users\xxxx\Downloads\avg_tuh_stf_all_2015_403_24c43.exe
2015-04-06 10:12 - 2015-04-06 10:30 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-06 10:12 - 2015-04-06 10:12 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-06 06:07 - 2015-01-09 01:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-04-06 06:07 - 2015-01-09 01:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-04-06 03:10 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-04-06 03:10 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-04-05 11:20 - 2015-04-05 11:20 - 02347384 _____ (ESET) C:\Users\xxxx\Downloads\esetsmartinstaller_deu.exe
2015-04-05 11:00 - 2015-04-05 11:00 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-INES_BUERO-Windows-7-Professional-(64-bit).dat
2015-04-05 11:00 - 2015-04-05 11:00 - 00000000 ____D () C:\RegBackup
2015-04-05 10:58 - 2015-04-05 10:58 - 02690981 _____ (Thisisu) C:\Users\xxxx\Downloads\JRT.exe
2015-04-05 10:33 - 2015-04-13 21:57 - 00000000 ____D () C:\AdwCleaner
2015-04-05 10:32 - 2015-04-05 10:33 - 02208768 _____ () C:\Users\xxxx\Downloads\AdwCleaner_4.200.exe
2015-04-05 08:44 - 2015-04-05 08:44 - 00074813 _____ () C:\Windows\system32\ScanResults.xml
2015-04-05 08:34 - 2015-04-05 08:34 - 00000464 _____ () C:\Windows\system32\ScannerSettings
2015-04-05 03:04 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-04-05 03:04 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-04-05 03:04 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-04-05 03:04 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-04-05 03:04 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-04-05 03:04 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-04-05 03:03 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-04-05 03:03 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-04-04 21:25 - 2015-04-04 21:25 - 00000000 ____D () C:\Users\xxxx\AppData\Roaming\AVG2015
2015-04-04 21:23 - 2015-04-04 21:23 - 00000941 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-04-04 21:23 - 2015-04-04 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-04-04 21:21 - 2015-04-04 21:24 - 00000000 ____D () C:\ProgramData\AVG2015
2015-04-04 21:00 - 2015-04-04 21:21 - 00000000 ___HD () C:\$AVG
2015-04-04 20:57 - 2015-04-14 20:58 - 00000000 ____D () C:\ProgramData\MFAData
2015-04-04 20:57 - 2015-04-04 21:31 - 00000000 ____D () C:\Users\xxxx\AppData\Local\Avg2015
2015-04-04 20:57 - 2015-04-04 20:57 - 00000000 ____D () C:\Users\xxxx\AppData\Local\MFAData
2015-04-04 20:52 - 2015-04-04 20:55 - 183952072 _____ (AVG Technologies) C:\Users\xxxx\Downloads\avg_free_x64_all_2015_ltst_221.exe
2015-04-04 14:32 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-04-04 14:32 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-04-04 14:32 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-04-04 14:32 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-04-04 14:32 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-04-04 14:32 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-04-04 14:32 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-04-04 14:32 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-04-04 14:32 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-04-04 14:32 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-04-04 14:32 - 2015-01-09 05:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-04-04 14:32 - 2015-01-09 05:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-04-04 14:32 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-04-04 14:32 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-04-04 14:32 - 2014-12-11 19:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-04-04 14:32 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-04-04 14:32 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-04-04 14:32 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-04-04 14:32 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-04-04 14:32 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-04-04 14:32 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-04-04 14:31 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-04 14:31 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-04-04 14:31 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-04-04 14:31 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-04-04 14:31 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-04-04 14:31 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-04-04 14:31 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-04-04 14:31 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-04 14:31 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-04-04 14:31 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-04-04 14:31 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-04 14:31 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-04-04 14:31 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-04-04 14:31 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-04-04 14:31 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-04-04 14:31 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-04-04 14:31 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-04-04 14:31 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-04-04 14:31 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-04 14:31 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-04-04 14:31 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-04-04 14:31 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-04 14:31 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-04 14:31 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-04-04 14:31 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-04-04 14:31 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-04-04 14:31 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-04-04 14:31 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-04-04 14:31 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-04-04 14:31 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-04-04 14:31 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-04 14:31 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-04-04 14:31 - 2014-12-19 05:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-04-04 14:31 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-04-04 14:31 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-04-04 14:31 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-04-04 14:31 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-04-04 14:31 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-04-04 14:31 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-04-04 14:31 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-04-04 14:31 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-04-04 14:31 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-04-04 14:31 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-04-04 14:31 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-04-04 14:31 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-04-04 14:31 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-04-04 14:31 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-04-04 14:31 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-04-04 14:31 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-04-04 14:31 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-04-04 14:30 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-04-04 14:30 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-04-04 14:30 - 2014-12-19 03:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-04-04 14:30 - 2014-12-06 06:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-04-04 14:30 - 2014-12-06 05:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-04-04 14:30 - 2014-12-06 05:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-04-04 14:30 - 2014-10-14 04:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-04-04 14:30 - 2014-08-21 08:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-04 14:30 - 2014-08-21 08:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-04 14:30 - 2014-08-21 08:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-04 14:30 - 2014-08-21 08:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-04 14:30 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-04-04 14:30 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-04-04 14:30 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-04-04 14:30 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-04-04 14:30 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-04-04 14:30 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-04-04 14:30 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-04-04 14:30 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-04-04 14:30 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2015-04-04 14:30 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-04-04 14:29 - 2015-03-06 07:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-04 14:29 - 2015-03-06 07:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-04 14:29 - 2015-03-06 07:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-04 14:29 - 2015-03-06 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-04 14:29 - 2015-03-06 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-04 14:29 - 2015-03-06 07:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-04 14:29 - 2015-03-06 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-04 14:29 - 2015-03-06 07:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-04 14:29 - 2015-03-06 07:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-04 14:29 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-04 14:29 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-04 14:29 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-04 14:29 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-04 14:29 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-04 14:29 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-04 14:29 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-04 14:29 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-04 14:29 - 2015-03-06 07:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-04 14:29 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-04 14:29 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-04 14:29 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-04 14:29 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-04 14:29 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-04-04 14:29 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-04-04 14:29 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-04-04 14:29 - 2014-11-11 03:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-04-04 14:29 - 2014-08-12 04:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-04-04 14:29 - 2014-08-12 03:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-04-04 14:29 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-04-04 14:29 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-04-04 14:29 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-04-04 14:29 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-04-04 14:29 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-04-04 14:29 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-04 14:29 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-04-04 14:29 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-04-04 14:29 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-04-04 14:29 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-04-04 14:29 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-04-04 14:29 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-04-04 14:29 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-04-04 14:29 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2015-04-04 14:29 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2015-04-04 14:29 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2015-04-04 14:29 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2015-04-04 14:29 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-04-04 14:29 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2015-04-04 14:29 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-04 14:29 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-04-04 14:29 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-04-04 14:29 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-04-04 14:29 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-04-04 14:29 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-04-04 14:29 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-04-04 14:29 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-04-04 14:29 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-04-04 14:29 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-04-04 14:29 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2015-04-04 14:29 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2015-04-04 14:29 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2015-04-04 14:29 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2015-04-04 14:29 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2015-04-04 14:29 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2015-04-04 14:29 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2015-04-04 14:29 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2015-04-04 14:29 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2015-04-04 14:29 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-04-04 14:29 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-04-04 14:29 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-04-04 14:29 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-04-04 14:29 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-04-04 14:29 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2015-04-04 14:29 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-04-04 14:29 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-04-04 14:29 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-04-04 14:28 - 2015-02-23 12:52 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-04 14:28 - 2015-02-23 12:52 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-04 14:28 - 2015-02-23 12:51 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-04 14:28 - 2015-02-23 12:51 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-04 14:28 - 2015-02-23 12:51 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 19301888 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 15410688 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 02656256 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-04 14:28 - 2015-02-23 12:50 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-04 14:28 - 2015-02-23 12:49 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-04 14:28 - 2015-02-23 11:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-04 14:28 - 2015-02-23 10:51 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-04 14:28 - 2015-02-21 07:31 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-04 14:28 - 2015-02-21 07:31 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-04 14:28 - 2015-02-21 07:31 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 14380544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 13768704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 02864640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-04 14:28 - 2015-02-21 07:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-04 14:28 - 2015-02-21 07:29 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-04 14:28 - 2015-02-21 07:29 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-04 14:28 - 2015-02-21 07:29 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-04 14:28 - 2015-02-21 07:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-04 14:28 - 2015-02-21 06:42 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-04 14:28 - 2014-11-26 05:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-04-04 14:28 - 2014-11-26 05:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-04-04 14:27 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-04-04 14:27 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-04-04 14:27 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-04 14:27 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-04 14:27 - 2014-11-11 05:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-04 14:27 - 2014-11-11 04:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-04-04 14:27 - 2014-11-08 05:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-04-04 14:27 - 2014-11-08 04:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-04-04 14:27 - 2014-10-30 04:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-04-04 14:27 - 2014-10-30 03:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-04-04 14:27 - 2014-10-25 03:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-04-04 14:27 - 2014-10-25 03:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-04-04 14:27 - 2014-10-04 04:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-04-04 14:27 - 2014-10-04 03:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-04-04 14:27 - 2014-10-04 03:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-04-04 14:27 - 2014-10-03 04:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-04-04 14:27 - 2014-10-03 04:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-04-04 14:27 - 2014-10-03 04:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-04-04 14:27 - 2014-10-03 04:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-04-04 14:27 - 2014-10-03 04:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-04-04 14:27 - 2014-10-03 03:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-04-04 14:27 - 2014-10-03 03:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-04-04 14:27 - 2014-10-03 03:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-04-04 14:27 - 2014-10-03 03:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-04-04 14:27 - 2014-10-03 03:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-04-04 14:27 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-04-04 14:27 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-04-04 14:27 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-04-04 14:27 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-04-04 14:27 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-04-04 14:27 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-04-04 14:27 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2015-04-04 14:26 - 2015-02-26 05:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-04-04 14:26 - 2014-12-08 05:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-04-04 14:26 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-04-04 14:26 - 2014-10-14 04:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-04-04 14:26 - 2014-10-14 03:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-04-04 14:26 - 2014-07-17 04:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-04-04 14:26 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-04-04 14:26 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-04-04 14:26 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-04-04 14:26 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-04-04 14:26 - 2014-07-17 03:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-04-04 14:26 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-04-04 14:26 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-04-04 14:26 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-04-04 14:26 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-04-04 14:26 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-04-04 14:26 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-04-04 14:26 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-04-04 14:26 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-04 14:26 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-04 14:26 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-04 14:26 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-04 14:26 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-04 14:26 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-04 14:26 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-04 14:26 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-04 14:26 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-04 14:26 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-04 14:26 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-04 14:26 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-04-04 14:26 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-04-04 14:26 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-04-04 14:26 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2015-04-04 14:26 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2015-04-04 14:26 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-04-04 14:26 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-04-04 14:26 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2015-04-04 14:26 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2015-04-04 14:25 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-04-04 14:25 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-04-04 14:25 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-04 14:25 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-04 14:23 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-04-04 14:23 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-04-04 12:22 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-04 12:22 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-04 12:22 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-04 12:22 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-04 12:21 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-04 12:21 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-04 12:21 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-04 12:21 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-04 12:21 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-04 12:21 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-04 12:20 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-04 12:20 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-04 12:20 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-04 12:20 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-03 20:49 - 2015-04-03 20:49 - 00000000 ____D () C:\Users\xxx\Documents\Simply Super Software
2015-04-03 16:12 - 2015-04-03 16:12 - 00000000 ____D () C:\Users\xxxx\Documents\ProcAlyzer Dumps
2015-04-03 16:10 - 2015-04-03 16:10 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\xxxx\Downloads\spybot2-license.exe
2015-04-03 15:36 - 2015-04-03 16:21 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-04-03 15:36 - 2015-04-03 15:36 - 00001373 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-04-03 15:36 - 2015-04-03 15:36 - 00001361 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-04-03 15:36 - 2015-04-03 15:36 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-04-03 15:36 - 2015-04-03 15:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-04-03 15:36 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-04-03 15:35 - 2015-04-06 18:32 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-04-03 15:34 - 2015-04-03 15:34 - 00000000 ____D () C:\Users\xxxx\AppData\Roaming\TrojanHunter
2015-04-03 12:58 - 2015-04-03 20:46 - 00000000 ____D () C:\Program Files (x86)\TrojanHunter 5.6
2015-04-03 12:58 - 2015-04-03 12:58 - 00059392 ____R () C:\Windows\SysWOW64\streamhlp.dll
2015-04-03 12:47 - 2015-04-03 12:52 - 00025204 _____ () C:\Windows\system32\bddel.dat
2015-04-03 12:13 - 2015-04-03 12:13 - 00000000 ____D () C:\Users\xxxx\AppData\Roaming\LavasoftStatistics
2015-04-03 12:12 - 2015-04-03 12:12 - 00000000 ____D () C:\Users\xxxx\AppData\Local\Lavasoft
2015-04-03 12:11 - 2015-04-03 12:11 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2015-04-03 12:08 - 2015-04-03 12:08 - 00000000 ____D () C:\Program Files\Lavasoft
2015-04-03 12:07 - 2015-04-03 12:10 - 00000000 ____D () C:\Users\xxxx\AppData\Roaming\Lavasoft
2015-04-03 12:07 - 2015-04-03 12:07 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2015-04-03 12:05 - 2015-04-03 12:10 - 00000000 ____D () C:\ProgramData\Lavasoft
2015-04-03 12:05 - 2015-04-03 12:05 - 02071768 _____ () C:\Users\xxxx\Downloads\AdAware116WebInstaller.exe
2015-04-03 11:48 - 2015-04-15 05:24 - 01389343 _____ () C:\Windows\WindowsUpdate.log
2015-04-03 11:21 - 2015-04-13 22:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-03 11:08 - 2015-04-03 11:08 - 00000000 ____D () C:\ProgramData\Licenses
2015-04-03 11:06 - 2015-04-03 20:47 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2015-04-03 11:05 - 2015-04-03 11:05 - 35218576 _____ (Simply Super Software ) C:\Users\xxxx\Downloads\trjsetup692.exe
2015-03-26 19:39 - 2015-03-26 17:32 - 00146432 _____ (Oracle Corporation) C:\Windows\SysWOW64\javacpl.cpl
2015-03-26 17:34 - 2015-03-26 17:33 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-03-25 11:21 - 2015-03-25 11:21 - 00281056 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-03-24 17:01 - 2015-03-24 17:01 - 00001125 _____ () C:\Users\Public\Desktop\Polar FlowSync.lnk
2015-03-24 17:00 - 2015-03-24 17:00 - 21743168 _____ (Polar Electro Oy ) C:\Users\xxx\Downloads\FlowSync_2.3.8.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-15 06:08 - 2011-02-13 12:11 - 00000000 ____D () C:\Users\xxxx\Documents\Outlook-Dateien
2015-04-15 06:07 - 2014-12-05 21:38 - 00000000 ____D () C:\Users\xxxx\AppData\Local\53D5E25F-F10A-46BE-88F0-592E11C5253C.aplzod
2015-04-15 06:01 - 2012-04-02 07:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-15 05:56 - 2013-08-29 20:33 - 00000348 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-04-15 05:56 - 2010-12-11 10:04 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-14 21:56 - 2010-12-11 10:04 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-14 20:23 - 2009-07-14 06:45 - 00015040 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-14 20:23 - 2009-07-14 06:45 - 00015040 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-14 20:16 - 2012-12-02 15:21 - 00000000 ___RD () C:\Users\xxxx\Dropbox
2015-04-14 20:16 - 2012-12-02 14:54 - 00000000 ____D () C:\Users\xxxx\AppData\Roaming\Dropbox
2015-04-14 20:14 - 2012-07-15 14:28 - 00000000 ____D () C:\Users\xxx\.rainlendar2
2015-04-14 20:12 - 2009-10-19 17:26 - 00000144 _____ () C:\service.log
2015-04-14 20:12 - 2009-07-14 04:34 - 00000675 _____ () C:\Windows\win.ini
2015-04-14 20:11 - 2009-10-19 17:42 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2015-04-14 20:11 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-14 20:01 - 2012-04-02 07:47 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-14 20:01 - 2012-04-02 07:46 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 20:01 - 2011-06-15 16:13 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-14 19:20 - 2009-10-19 22:20 - 00000000 ____D () C:\Users\xxxx\AppData\Roaming\Skype
2015-04-14 18:02 - 2014-12-31 15:33 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-04-14 17:31 - 2009-12-29 18:35 - 00000000 ____D () C:\Windows\Minidump
2015-04-14 17:09 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-04-14 03:12 - 2009-10-19 21:02 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-13 22:19 - 2014-10-14 15:53 - 00000000 ____D () C:\Users\xxxx\AppData\Local\CrashDumps
2015-04-12 12:01 - 2010-02-07 13:32 - 00000454 _____ () C:\Windows\Tasks\Automatische Wartung.job
2015-04-10 11:02 - 2010-09-20 19:53 - 00000000 ____D () C:\Users\xxxx\Documents\Ines
2015-04-09 18:00 - 2012-12-02 15:21 - 00001034 _____ () C:\Users\xxx\Desktop\Dropbox.lnk
2015-04-09 18:00 - 2012-12-02 15:20 - 00000000 ____D () C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-09 17:48 - 2009-07-14 06:45 - 05289880 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-09 17:44 - 2012-05-15 03:01 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-04-09 17:44 - 2010-06-04 07:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-04-09 17:10 - 2009-10-19 19:41 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-04-08 16:18 - 2009-10-19 17:54 - 00139064 _____ () C:\Users\xxxx\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-08 04:29 - 2010-10-19 11:22 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2015-04-08 03:12 - 2010-06-05 08:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-04-07 17:42 - 2009-10-19 17:23 - 00000000 ____D () C:\Users\xxxx
2015-04-07 17:01 - 2014-12-23 08:48 - 00003518 _____ () C:\Windows\System32\Tasks\FileAdvisorCheck
2015-04-07 17:01 - 2014-12-23 08:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Type Advisor
2015-04-07 17:01 - 2014-12-23 08:48 - 00000000 ____D () C:\Program Files (x86)\File Type Advisor
2015-04-07 01:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-07 00:47 - 2014-02-19 20:33 - 00000000 ____D () C:\Users\xxxx\Downloads\MyPhoneExplorer_TSV44RV02
2015-04-07 00:44 - 2014-10-19 16:46 - 00000000 ____D () C:\Users\xxxx\AppData\Roaming\WHService
2015-04-06 13:51 - 2009-10-19 21:02 - 00000000 ____D () C:\Users\xxx\AppData\Local\Microsoft Help
2015-04-06 13:50 - 2014-10-17 21:34 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-06 13:50 - 2013-08-29 18:38 - 00000000 ____D () C:\Users\xxxx\AppData\Roaming\HpUpdate
2015-04-06 13:50 - 2012-08-15 19:08 - 00000000 ____D () C:\Users\xxx\.thumbnails
2015-04-06 13:50 - 2009-10-22 23:16 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Azureus
2015-04-06 13:50 - 2009-10-19 18:13 - 00000000 ____D () C:\Windows\Panther
2015-04-06 13:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep
2015-04-06 11:38 - 2011-07-01 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2015-04-06 11:37 - 2009-10-23 20:17 - 00000000 ____D () C:\Windows\pss
2015-04-06 11:34 - 2011-02-18 23:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-04-06 11:34 - 2009-10-22 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Registry Repair
2015-04-06 11:18 - 2009-10-19 22:20 - 00000000 ____D () C:\ProgramData\Skype
2015-04-06 11:17 - 2009-10-19 22:20 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-06 11:14 - 2011-09-27 08:53 - 00000000 ____D () C:\Users\xxx\AppData\Local\Htc
2015-04-06 11:14 - 2009-10-21 17:53 - 00000000 ____D () C:\ProgramData\TEMP
2015-04-06 11:13 - 2014-12-05 21:32 - 00000000 ___RD () C:\Users\xxx\iCloudDrive
2015-04-06 11:13 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-04-06 10:34 - 2009-07-14 19:58 - 02982910 _____ () C:\Windows\system32\perfh007.dat
2015-04-06 10:34 - 2009-07-14 19:58 - 00886948 _____ () C:\Windows\system32\perfc007.dat
2015-04-06 10:34 - 2009-07-14 07:13 - 00006512 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-06 10:13 - 2009-07-14 20:18 - 00000000 ____D () C:\Program Files\Windows Journal
2015-04-06 10:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-04-06 10:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-04-06 10:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2015-04-06 10:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-05 03:17 - 2013-07-19 07:16 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-04 21:25 - 2010-05-14 11:19 - 00000000 ____D () C:\Users\multiskype.xxxx
2015-04-04 21:25 - 2010-05-14 11:13 - 00000000 ____D () C:\Users\multiskype
2015-04-04 21:25 - 2009-10-19 19:15 - 00000000 ____D () C:\Users\Administrator
2015-04-04 21:23 - 2014-12-12 15:23 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\TuneUp Software
2015-04-04 21:00 - 2009-10-19 19:41 - 00000000 ____D () C:\ProgramData\avg8
2015-04-04 13:18 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-04 13:01 - 2009-10-22 19:42 - 00002562 _____ () C:\Windows\diagwrn.xml
2015-04-04 13:01 - 2009-10-22 19:42 - 00001908 _____ () C:\Windows\diagerr.xml
2015-04-04 12:55 - 2014-06-13 09:08 - 00002854 _____ () C:\Windows\CompatibilityIssues.txt
2015-04-03 20:00 - 2014-12-31 12:25 - 00005584 _____ () C:\Windows\SysWOW64\LavasoftTcpService.ini
2015-04-03 20:00 - 2014-12-31 12:25 - 00002664 _____ () C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-04-03 20:00 - 2014-12-31 12:25 - 00002664 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-04-03 11:20 - 2009-10-20 21:23 - 00000000 ____D () C:\Users\xxxx\Documents\Backups
2015-04-03 11:18 - 2009-10-21 20:27 - 00000000 ____D () C:\Users\xxxx\Documents\Tussy Anträge
2015-03-26 19:39 - 2013-10-26 17:13 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-26 17:33 - 2010-06-29 19:14 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-03-26 17:33 - 2010-06-29 19:14 - 00207272 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-03-26 17:33 - 2010-06-29 19:14 - 00206760 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-03-26 17:33 - 2010-06-29 19:14 - 00000000 ____D () C:\Program Files\Java
2015-03-26 17:32 - 2013-10-26 17:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-26 17:31 - 2009-10-20 18:06 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-24 17:01 - 2011-04-19 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Polar
2015-03-24 17:01 - 2011-04-19 19:13 - 00000000 ____D () C:\Program Files (x86)\Polar

==================== Files in the root of some directories =======

2009-12-01 18:08 - 2009-12-01 18:08 - 3211264 _____ () C:\Program Files (x86)\Common FilesDDBACSetup.msi
2010-08-07 18:06 - 2010-07-22 23:40 - 2944904 _____ (Ask) C:\Program Files (x86)\Common Files\AskToolbarInstaller.exe
2013-05-15 18:32 - 2013-05-15 18:32 - 0000288 _____ () C:\Users\xxxx\AppData\Roaming\.backup.dm
2011-09-12 20:20 - 2011-09-14 21:53 - 0000132 _____ () C:\Users\xxxx\AppData\Roaming\Adobe BMP Format CS5 Prefs
2011-08-15 17:43 - 2011-08-15 17:43 - 0000132 _____ () C:\Users\xxxxxAppData\Roaming\Adobe GIF Format CS5 Prefs
2011-01-29 01:12 - 2011-03-28 07:56 - 0001188 _____ () C:\Usersxxxx\AppData\Roaming\BBMS_EXCEPTION.txt
2012-08-05 21:16 - 2012-08-05 21:16 - 0457829 _____ (Freedom Download Manager                                    ) C:\Users\***\AppData\Roaming\fdm-setup.exe
2012-09-23 09:44 - 2012-12-02 13:14 - 0038489 _____ () C:\Users\xxxx\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
2012-12-02 13:26 - 2012-12-02 13:26 - 0013021 _____ () C:\Users\xxxx\AppData\Roaming\Kommagetrennte Werte (Windows).CAL
2012-03-28 17:06 - 2012-03-28 17:10 - 0076768 _____ () C:\Users\xxx\AppData\Roaming\Photo.jpg
2011-01-27 21:24 - 2011-10-07 18:52 - 0002002 _____ () C:\Users\xxx\AppData\Roaming\Rim.Desktop.Exception.log
2011-01-27 21:23 - 2011-12-11 13:08 - 0006063 _____ () C:\Users\xxx\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2009-11-05 19:28 - 2013-08-30 21:31 - 0036352 _____ () C:\Users\xxxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-08-15 19:10 - 2012-08-15 19:10 - 0000848 _____ () C:\Users\xxxx\AppData\Local\recently-used.xbel
2011-04-12 19:31 - 2011-04-12 19:38 - 0000128 _____ () C:\Users\xxx\AppData\Local\Temp$$_temp.ldb
2013-08-29 18:35 - 2013-08-29 18:35 - 0000057 _____ () C:\ProgramData\Ament.ini

Some content of TEMP:
====================
C:\Users\xxx\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprgqrki.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-04 14:49

==================== End Of Log ============================
         
--- --- ---

[/CODE]

Alt 15.04.2015, 05:47   #15
InGo69
 
Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name - Standard

Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-04-2015
Ran by xxx at 2015-04-15 06:11:05
Running from C:\Users\xxxx\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Spybot - Search and Destroy (Enabled - Up to date) {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
AV: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ad-Aware Antivirus (HKLM\...\{FF054A8C-C0A4-4C78-8910-E2A459BEFF05}_AdAwareUpdater) (Version: 11.6.306.7947 - Lavasoft)
AdAwareUpdater (Version: 11.6.306.7947 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Color Common Settings (HKLM-x32\...\Adobe_6c8e2cb4fd241c55406016127a6ab2e) (Version: 1.0.1 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe ExtendScript Toolkit 2 (HKLM-x32\...\Adobe_3e054d2218e7aa282c2369d939e58ff) (Version: 2.0.2 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
Album Art Downloader XUI 0.44 (HKLM-x32\...\Album Art Downloader XUI) (Version: 0.44 - hxxp://sourceforge.net/projects/album-art)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 2010 (HKLM-x32\...\Ashampoo Burning Studio 2010_is1) (Version: 9.12 - ashampoo GmbH & Co. KG)
Ashampoo UnInstaller 3.12 (HKLM-x32\...\Ashampoo UnInstaller 3_is1) (Version: 3.1.2 - ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 2010 CBE (HKLM-x32\...\Ashampoo WinOptimizer 2010 CBE_is1) (Version: 6.5.0 - Ashampoo GmbH & Co. KG)
Audials TV (HKLM-x32\...\{1A0B8239-664B-434A-99D8-C50793513249}) (Version: 1.3.10800.0 - RapidSolution Software AG)
AudialsOne (HKLM-x32\...\{80C7431E-CB45-40F4-AB4E-090E8AD4706D}) (Version: 4.0.33916.1600 - RapidSolution Software AG)
AudioCon (HKLM-x32\...\AudioCon) (Version: 1.0 - Basement Softworks)
Auto Resolution (HKLM-x32\...\{403F1594-BC16-47A5-B365-F73CD69D720E}) (Version: 1.9 - LG Electronics Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5863 - AVG Technologies)
AVG 2015 (Version: 15.0.4331 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5863 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (de-DE) (x32 Version: 15.0.1001.403 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.403 - AVG Technologies)
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.403 - AVG Technologies) Hidden
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
AVM FRITZ!Box Monitor (HKLM-x32\...\AVMFBoxMonitor) (Version:  - AVM Berlin)
Azureus (HKLM-x32\...\Azureus) (Version: 2.5.0.4 - )
BackupOutlook (HKLM-x32\...\{75210106-92D4-45A9-B2B7-EC9E901DF334}_is1) (Version: 3.0.2 - Wisco)
BestPractice (remove only) (HKLM-x32\...\BestPractice) (Version:  - )
BewerbungsGenie 5 (HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\{0A06F725-CD0E-4360-BEC8-F89AF54E59D2}) (Version: 1.00.000 - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre (HKLM-x32\...\{6DFB01ED-2F63-4210-81B4-B1AF742C475B}) (Version: 0.6.53 - Kovid Goyal)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.5.0.3 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.1.6 - Canon Inc.)
Canon iP4500 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4500_series) (Version:  - )
Canon iP4500 series Benutzerregistrierung (HKLM-x32\...\Canon iP4500 series Benutzerregistrierung) (Version:  - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\RAW Image Task) (Version: 3.2.0.10 - Canon Inc.)
Canon Utilities CameraWindow (HKLM-x32\...\CameraWindowLauncher) (Version: 7.1.0.2 - Canon Inc.)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC6) (Version: 6.4.2.16 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.3 (HKLM-x32\...\DPP) (Version: 3.3.0.0 - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.3.0.2 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 6.4.0.5 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.21.45 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.2.0.1 - Canon Inc.)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.7.1.9 - Canon Inc.)
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.1.1.21 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.1.0.8 - Canon Inc.)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 4.4 - Abelssoft)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.53 - Cliqz.com)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version:  - DownloadHelper)
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.25 - Creative Technology Limited)
Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 2.00 - Creative Technology Limited)
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.00 - )
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version:  - )
Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version:  - )
Creative-Diagnose (HKLM-x32\...\Diagnostics 4_5) (Version:  - )
Crystal Reports Basic Runtime for Visual Studio 2008 (HKLM-x32\...\{CE26F10F-C80F-4377-908B-1B7882AE2CE3}) (Version: 10.5.0.0 - Business Objects)
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.8.0 - REINER SCT)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAISY (HKLM-x32\...\DAISY) (Version:  - )
DATA BECKER PDF Professionell 4 (HKLM-x32\...\PDF Professionell 4_is1) (Version:  - )
DDBAC (HKLM-x32\...\{E3B6D3FB-A593-41BA-9AB1-FFE46F608565}) (Version: 5.3.21 - DataDesign)
DivX-Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.2.0.24 - DivX, LLC)
Dropbox (HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Dropbox) (Version: 3.4.3 - Dropbox, Inc.)
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version:  - DVD Shrink)
Easy Text To HTML Converter (HKLM-x32\...\Easy Text To HTML Converter) (Version: 3.0.0 - easy HTools)
EasySaver B9.0610.1  (HKLM-x32\...\{07300F01-89CA-4CF8-92BD-2A605EB83C95}) (Version: 1.00.0000 - Gigabyte)
EcrSystem (HKLM-x32\...\{1C18975A-D0CE-43FB-81CC-006C82F9BE10}) (Version: 1.0.0 - EcrSystem)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
EtikettenAssistent 4.2 (HKLM-x32\...\{9AEF64B1-79A5-4E2F-8FBC-4CA89ECD3595}) (Version: 4.2.1 - HERMA)
Etikettendruckerei 5 (HKLM-x32\...\{59CB3794-BA8C-4DF5-8C3A-C3E3B184C35B}) (Version: 5.02.000 - )
File Type Advisor 1.6 (HKLM-x32\...\File Type Advisor_is1) (Version:  - )
FileZilla (remove only) (HKLM-x32\...\FileZilla) (Version:  - )
Fotostory 3 für Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.15 - Microsoft Corporation)
Free M4a to MP3 Converter 8.3 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Free Notes & Office Ink (HKLM-x32\...\{556F2137-B772-43BB-9A45-E0275234DD16}) (Version:   -  )
Free YouTube to MP3 Converter version 3.12.50.1122 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1122 - DVDVideoSoft Ltd.)
FRITZ!DSL64 (HKLM\...\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}) (Version: 2.04.03 - AVM Berlin)
funScreenScraping Client Version (HKLM-x32\...\{32148D5D-909F-4A7B-93EE-5C16B71F4A8C}) (Version: 1.0.173 - fun communications GmbH)
funScreenScraping Microsoft Systemdateien (HKLM-x32\...\{AC849092-6F19-4395-8860-BC3B82CAFE51}) (Version: 1.0.6 - fun communications GmbH)
Geometry Calculator v1.2 (HKLM-x32\...\Geometry Calculator v1.2) (Version: 1.2 - SJW Computer Resources)
Gigaset QuickSync (HKLM\...\{a325d0b9-0b5e-4ad1-9c5f-e39aa43f8c9d}) (Version: 7.1.0841.3 - Gigaset Communications GmbH)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Glary Registry Repair 3.2.0.828 (HKLM-x32\...\Glary Registry Repair_is1) (Version:  - GlarySoft.com)
Google Desktop (HKLM-x32\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
Hercules Webcam Station Evolution (HKLM-x32\...\{B60D61FD-1CB1-4ED5-974E-8C959F14208E}) (Version: 4.0.2.1 - Hercules)
Host OpenAL (HKLM-x32\...\Host OpenAL) (Version: 1.00 - Creative Technology Limited)
HP Easy Printer Care (HKLM-x32\...\HP Easy Printer Care) (Version:  - Hewlett-Packard Co.)
HP ePrint (HKLM-x32\...\{2794875B-6CCF-48B8-84A5-5B10DB98BEE6}) (Version: 14.0.14176.1823 - Hewlett-Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Hilfe (HKLM-x32\...\{B6F5C6D8-C443-4B55-932F-AE11B5743FC4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet Pro 8600 Hilfe (HKLM-x32\...\{FDE820DD-CC88-4395-AD5C-801365B8F316}) (Version: 28.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.12992 - HP)
HP Print View Software (HKLM\...\{BE83E4A4-A678-4211-AF2B-2EC8ECC0AC73}) (Version: 2.0.0.1 - Hewlett-Packard)
HP Print View Software (HKLM-x32\...\HP Marketing Resources) (Version:  - Hewlett-Packard Co.)
HP Proactive Services (HKLM-x32\...\{7527CD9F-894E-47B3-9AFB-3E680E007051}) (Version: 1.6.0.37 - Ihr Firmenname)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.021 - HTC Corporation)
HTC Sync (HKLM-x32\...\{7A3FFA58-876F-489C-B6CF-0503916224DF}) (Version: 3.0.5617 - HTC Corporation)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Komponenten der Betriebssystemkommunikation (x32 Version: 2.8.0.50 - Hewlett-Packard) Hidden
Komponenten der Ereigniskommunikation (x32 Version: 2.8.0.50 - Hewlett-Packard) Hidden
Komponenten der Gerätedatenkommunikation (x32 Version: 2.8.0.50 - Hewlett-Packard) Hidden
Komponenten der Kernkommunikation (x32 Version: 2.8.0.50 - Hewlett-Packard) Hidden
LavasoftTcpService (x32 Version: 2.3.3.0 - Lavasoft) Hidden
Lexware Abschreibungsrechner (HKLM-x32\...\{20DC6CD9-AAA0-4FF9-A171-D72A7BCB0910}) (Version: 9.01.04.0007 - Haufe-Lexware GmbH & Co. KG)
Lexware Abschreibungsrechner (x32 Version: 4.60.00.0000 - Lexware) Hidden
Lexware büro easy 2011 (HKLM-x32\...\{43034BED-DF67-4CC8-8D13-D18B0298F402}) (Version: 23.50.04.0059 - Haufe-Lexware GmbH & Co. KG)
Lexware Elster (HKLM-x32\...\{C8E00BC8-D619-4081-813A-6B5BCC846534}) (Version: 9.10.00.0041 - Lexware GmbH & Co. KG)
Lexware Info Service (HKLM-x32\...\{59624372-3B85-47f4-9B04-4911E551DF1E}) (Version: 2.61.00.0033 - Lexware GmbH & Co. KG)
Lexware online banking (HKLM-x32\...\{F6995FC4-2D91-4169-B3C4-7C51B7123902}) (Version: 10.00.00.0102 - Lexware GmbH & Co. KG)
Lexware online banking 4.90 (x32 Version: 4.90 - Lexware) Hidden
Lexware reisekosten 2009 (HKLM-x32\...\{225C12AE-BB37-4EE3-8935-583E2F0E6644}) (Version: 16.00.00.0050 - Lexware)
Lexware reisekosten 2009 (x32 Version: 16.00.00.0050 - Lexware) Hidden
Lexware Sepa Check (x32 Version: 1.00.00.0003 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Zeiterfassung (HKLM-x32\...\{4119E30C-82DE-44AD-9382-631A031E1E1B}) (Version: 23.00.04.0005 - Haufe-Lexware GmbH & Co. KG)
LightScribe System Software (HKLM-x32\...\{FA8BFB25-BF48-4F8B-8859-B30810745190}) (Version: 1.18.11.1 - LightScribe)
LightScribe Template Labeler (HKLM-x32\...\{7FD71A9E-C4D3-42ED-A998-CDA8290C39A3}) (Version: 1.18.5.1 - LightScribe)
Live 8.1.5 (HKLM-x32\...\Live 8.1.5) (Version:  - )
MAGIX 3D Maker 7 Download-Version (HKLM-x32\...\MAGIX_MSI_3D7) (Version: 7.0.0.482 - MAGIX AG)
MAGIX 3D Maker 7 Download-Version (x32 Version: 7.0.0.482 - MAGIX AG) Hidden
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft IntelliPoint 7.0 (HKLM\...\{C74A84EC-7C5F-4C36-A4A6-381E516D643B}) (Version: 7.0.260.0 - Microsoft)
Microsoft IntelliType Pro 7.0 (HKLM\...\{850C7AF6-7376-464D-A69C-E8419EC7ACA7}) (Version: 7.0.260.0 - Microsoft)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook Hotmail Connector 64-Bit (HKLM\...\{95140000-0081-0407-1000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 64-bit (HKLM\...\{95140000-007D-0409-1000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Rechner-Plus (HKLM-x32\...\{437C19B3-7E20-4E39-B868-CA6BAA820E1C}) (Version: 1.0.0 - Microsoft)
Microsoft Setup Center 13.05 (HKLM-x32\...\Microsoft Setup Center 13.05_is1) (Version:  - com! - Das Computer Magazin)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 37.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\MyFreeCodec) (Version:  - )
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
myphotobook.de (x32 Version: 1.1.0 - myphotobook GmbH) Hidden
NVIDIA 3D Vision Controller-Treiber 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 310.90 - NVIDIA Corporation)
NVIDIA Grafiktreiber 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 310.90 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
OutlookAddInNet3Setup (HKLM-x32\...\{5B4383F2-37EE-4E97-AD81-F5FF76F286DA}) (Version: 1.0.0 - Samsung)
PC Connectivity Solution (HKLM-x32\...\{BA77F9D2-CD35-41EB-9BC9-769879DFF8A6}) (Version: 12.0.48.0 - Nokia)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Photo Frames & Effects Free 1.12 (HKLM-x32\...\{CF12B794-A1EF-4211-B16F-0FB4E2FACCA6}_is1) (Version: 1.12 - Big Eagle Software KB)
Photomatix Pro Version 5.0.3 (HKLM\...\PhotomatixPro5x64_is1) (Version: 5.0.3 - HDRsoft Ltd)
Picasa 2 (HKLM-x32\...\Picasa2) (Version: 2.0 - Google, Inc.)
PixiePack Codec Pack (HKLM-x32\...\{9C450606-ED24-4958-92BA-B8940C99D441}) (Version: 1.1.400.0 - None)
PIXMA Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Pixum Fotobuch (HKLM-x32\...\Pixum Fotobuch) (Version:  - )
Polar FlowSync Version 2.3.8 (HKLM-x32\...\{A1538F5C-7B65-4DB6-9FFB-FFC0DF2E85D8}_is1) (Version: 2.3.8 - Polar Electro Oy)
PortraitPro 12.2 (HKLM\...\PortraitPro12_is1) (Version: 12.2 - Anthropics Technology Ltd.)
Power Presenter RE (HKLM-x32\...\{6AF6BFD2-D368-4F81-9B82-D3B1414351C8}) (Version:    -   )
Protect Disc License Helper 1.0.125 (IE) (HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Quicken 2010 - Servicepack 5 (HKLM-x32\...\{4C9E7EA5-9A3F-4C54-9038-EBB4CF25C29D}) (Version: 17.05.0000 - Lexware GmbH & Co KG)
Quicken 2010 (x32 Version: 17.00.00.0081 - Lexware GmbH & Co. KG) Hidden
Quicken HOME & BUSINESS 2010 (HKLM-x32\...\InstallShield_{4F8AFA74-1562-4980-8B87-8C07E8DE8FAF}) (Version: 17.00.00.0081 - Lexware GmbH & Co. KG)
Quicken Import Export Server 2010 (HKLM-x32\...\{7DA9F24A-CEC3-426E-BFFA-ADB94D922463}) (Version: 17.00.00.0048 - Lexware GmbH & Co. KG)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version:  - )
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 2.3.3 r1522 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5864 - Realtek Semiconductor Corp.)
RENESIS® Player Browser Plugins (HKLM-x32\...\{62B7C52C-CAB6-48B1-8245-52356C141C92}) (Version: 1.1.1 - examotion® GmbH)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14024.11 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14024.11 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.4.0 - SAMSUNG Electronics Co., Ltd.)
SanDiskSecureAccess_Manager.exe (HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\...\@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe) (Version: 1.1.19755 - Gemalto N.V.)
Schafkopf & Doppelkopf Deluxe DEMO 1.0 (HKLM-x32\...\{98BA5D38-461D-415B-A651-2120D6994FC5}_is1) (Version: Schafkopf & Doppelkopf Deluxe DEMO - Zone 2 Media GmbH)
Screen Split (HKLM-x32\...\{7F0C2357-33B0-4408-A9AD-A7623FAA22B1}) (Version: 6.29 - LG Electronics Inc.)
Security-Plugin-Secoder (HKLM-x32\...\SecurityPluginSecoder) (Version: 2.4.0.0 - PPI AG, Hamburg, Germany)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Servicepack Datumsaktualisierung (x32 Version: 1.00.00.0005 - Haufe-Lexware) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Sound Blaster X-Fi (HKLM-x32\...\{0C9D0200-FA32-44B7-BBB3-7C03F700C4A0}) (Version: 1.0 - )
SoundTouch (HKLM-x32\...\{42DA7251-AA96-484D-8190-F1BA53C75AFD}) (Version: 7.2.21.8752 - BOSE)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SyncDroid version 1.2.5 (HKLM-x32\...\{BE7E35A4-59E5-412B-9B18-57B4938B8C0B}_is1) (Version: 1.2.5 - JunTu Software, Inc.)
Tablet Driver With Macrokey Manager (HKLM\...\RmTablet) (Version:  - )
TAPI Services for FRITZ!Box (HKLM\...\{8505C641-422E-4E3C-B6B0-0F070E289FDD}) (Version: 1.0.4 - AVM Berlin)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36244 - TeamViewer)
Tengwar Mode Editor (HKLM-x32\...\Tengwar Mode Editor) (Version:  - )
Tengwar Scribe (HKLM-x32\...\Tengwar Scribe) (Version:  - )
Texas Instruments TUSB3410 drivers. (HKLM-x32\...\InstallShield_{FA66245E-0E77-40D5-94A4-CB7AB753034F}) (Version: 6.5.9019.1 - Texas Instruments Inc.)
The Room (HKLM-x32\...\Steam App 288160) (Version:  - Fireproof Games)
Total Immersion D'Fusion @Home Web Plug-In (HKLM-x32\...\D'Fusion @Home Web Plug-In) (Version:  - Total Immersion)
Trendpoker 3D - Texas Hold'em Poker (HKLM-x32\...\{1395FC46-F870-4F09-A48D-959213281E08}_is1) (Version: 1.9 - BUFOproject)
TUSB3410 (x32 Version: 6.5.9019.1 - Texas Instruments Inc.) Hidden
Ulead PhotoImpact 12 (HKLM-x32\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System)
UnInstall MyScriptStylus (HKLM-x32\...\MyScript Stylus_is1) (Version:  - Vision Objects)
USB2.0 Card Reader Software (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.0.6000.75 - Realtek)
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
V-Drums Friend Jam (x32 Version: 4.0.2 - Roland Corporation) Hidden
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}) (Version: 8.0.0.35 - GRISOFT, s.r.o.)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WD Diagnostics (HKLM-x32\...\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}) (Version: 1.09.0002 - Western Digital Technologies)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.3400 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Phone (HKLM-x32\...\{3AAB5D08-28EA-4A4F-88C5-6906B880E81B}) (Version: 0.9.3426.0 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
Xilisoft iPhone Klingelton Maker (HKLM-x32\...\Xilisoft iPhone Ringtone Maker) (Version: 2.0.4.0226 - Xilisoft)
Xilisoft Video Converter Standard (HKLM-x32\...\Xilisoft Video Converter Standard) (Version: 5.1.39.0409 - Xilisoft)
XING Connector 1.2 (HKLM\...\XING Connector) (Version: 1.2 - XING AG)
Xtra Controller (HKLM-x32\...\{59579B12-97E6-437E-B988-BA032165D355}) (Version: 3.2.0.1 - Hercules)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{01E9FAE9-3819-4dd9-B1D9-998A1C62D1F8}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Usersxxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4067268467-3182437459-1756596644-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points  =========================

06-04-2015 20:44:39 LavasoftWeCompanion
08-04-2015 03:01:38 Windows Update
09-04-2015 17:06:09 Revo Uninstaller's restore point - AVG PC TuneUp 2015
09-04-2015 17:11:46 Revo Uninstaller's restore point - Web Companion
09-04-2015 17:56:57 Removed Java 8 Update 40
09-04-2015 18:03:23 AA11
11-04-2015 03:00:38 Windows Update
12-04-2015 03:00:19 Windows Update
13-04-2015 03:01:17 Windows Update
13-04-2015 21:02:17 Revo Uninstaller's restore point - Adobe Photoshop CS4
14-04-2015 03:00:49 Windows Update
14-04-2015 16:57:18 Removed AVG 2015
14-04-2015 20:17:35 Revo Uninstaller's restore point - Malwarebytes Anti-Malware Version 2.1.4.1018

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-04-15 00:31 - 00449982 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05C10839-A3A2-42A1-B85F-5EF5C86B65FA} - System32\Tasks\{B694620C-2086-48F1-89E9-CFF1291C9460} => pcalua.exe -a "C:\Users\xxx\Downloads\ddbac(1).exe" -d "C:\Users\xxx\Downloads"
Task: {090F67E6-4FAD-476D-B4F8-AAC4A6C72C6F} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2009-05-26] (Microsoft Corporation)
Task: {1270FEC0-5181-41BA-9225-C6CC97F03C0E} - System32\Tasks\DivX Update => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2010-12-08] ()
Task: {1ED730EA-A80C-4C59-BCF6-EB441FD2C55F} - System32\Tasks\{3AAF266F-B930-4ADC-8B94-784B601CF329} => pcalua.exe -a "C:\Program Files (x86)\EcrSystem\Uninstall.exe" -d "C:\Program Files (x86)\EcrSystem"
Task: {1F21406E-F8A4-41AB-80C2-A07857128F81} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {21A02C1B-1DC5-40C2-B8FE-90B36A043E88} - System32\Tasks\{37474F1E-DD2E-46ED-A5E3-6B41977D1A59} => pcalua.exe -a D:\LxSetup.exe -d D:\
Task: {2A1349A8-768C-4712-BC8B-BC2831EA2C4B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {3117EE58-ABA2-412D-93BB-09F2FD6F8B3A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {40F40A85-F434-4F9A-9EB9-3F0EA7D71643} - System32\Tasks\Abelssoft\CheckDriveBackgroundGuard => C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe [2014-01-28] (Abelssoft)
Task: {42376701-A647-4B1C-8431-396A7212C35A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {50765239-4913-4346-B51F-B15422AD21FA} - System32\Tasks\{553DA046-FD29-4C8A-B792-0696B54E8992} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-03-25] (Skype Technologies S.A.)
Task: {590B87E2-1F51-4373-BE90-51D74F668D9F} - System32\Tasks\{3050EFDC-0E6B-4F44-B0D7-92BBD7FCE85E} => pcalua.exe -a "C:\Users\xxx\Documents\DVDVideoSoft\DVSUninstall.exe" -d "C:\Users\xxx\Documents\DVDVideoSoft"
Task: {64086D9D-9AF9-4C49-88EC-5BF76B67D242} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {65EE0053-A5AD-4451-8837-87AD8E0C3010} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2011-12-20] ()
Task: {67B57B45-1A48-4092-B828-D9D7A328CB81} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {6D322EAC-FAE7-406E-BD69-EF074ABF7088} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {95627600-61A7-4BD7-8645-F880718F5C2A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {9F908E6D-ABCD-4D00-AEC2-8713A99F6D9C} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {A4CA6E45-2C72-499F-AA43-F15A9A86C977} - System32\Tasks\{73BE966D-7EB5-479A-9376-5C03F7473200} => pcalua.exe -a "C:\Program Files (x86)\Azureus\Uninstall.exe"
Task: {A5932482-6FC9-4CFA-9297-6E242EF94219} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {A819B4A6-226B-4412-BF66-507EA8BC9607} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {A85089BA-1EBB-4F91-ADD5-8FF7288D21D3} - System32\Tasks\{E8907E42-18F3-452E-83B0-28BC62D071AD} => Firefox.exe hxxp://ui.skype.com/ui/0/4.2.0.166.259/de/go/help.faq.installer?LastError=1641
Task: {B55C24FC-012A-49CF-8E63-CBFF51DED791} - System32\Tasks\FileAdvisorUpdate => C:\Program Files (x86)\File Type Advisor\fileadvisor.exe [2014-02-24] (File Type Advisor)
Task: {B7AE76E1-D1BD-41E6-A93C-7B5FCB47E4C7} - System32\Tasks\Microsoft_Hardware_Launch_rundll32_exe => Rundll32.exe url.dll,OpenURL hxxp://go.microsoft.com/fwlink/?LinkId=116866
Task: {BC201058-B2D2-4D5E-A9D0-66F21678082F} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2009-05-21] (Microsoft Corporation)
Task: {BC3D8A10-8DE7-4973-8662-CDB641E1BD88} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C4B68FF7-4F7F-436C-89B1-15AEAB5DBFD7} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2014-10-19] ()
Task: {CE5A8F34-74C2-40F4-AB36-4EEEA3729642} - System32\Tasks\FileAdvisorCheck => C:\Program Files (x86)\File Type Advisor\file-type-advisor.exe [2014-02-24] (                                                            )
Task: {E07E5FF7-CDFE-4871-BD81-4EC82C2B5001} - System32\Tasks\Automatische Wartung => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2010 CBE\WO2010cbe.exe [2009-12-21] (Ashampoo GmbH & Co. KG)
Task: {E2F4204B-C97D-461F-BE56-A54C4AD36690} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {E74E6F9F-EF7D-46ED-9AE7-E4FAE1CFF691} - System32\Tasks\AdobeAAMUpdater-1.0-xxx => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {F6999B19-E08C-4C05-B392-BA5DA664D3C7} - System32\Tasks\HP AR Program Upload - 95a8ddc2446f48688600bed5f8a5c0368c0661a8620f42c7877bb19b9936bdf3 => C:\Program Files\HP\HP Officejet Pro 8600\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Automatische Wartung.job => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2010 CBE\WO2010cbe.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe

==================== Loaded Modules (whitelisted) ==============

2012-11-19 08:34 - 2012-12-29 10:40 - 00087480 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2009-11-10 19:04 - 2006-02-23 13:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2009-11-10 19:04 - 2006-02-22 12:39 - 00020480 _____ () C:\Windows\System32\FritzPort64.dll
2009-10-19 17:26 - 2009-03-02 14:06 - 00068136 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
2011-09-15 13:06 - 2011-09-15 13:06 - 00088576 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-10-17 17:30 - 2013-06-12 15:54 - 00066048 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook64.dll
2014-06-10 20:53 - 2014-01-28 17:33 - 00019744 _____ () C:\Program Files (x86)\CheckDrive\AbStartManager.dll
2014-06-10 20:53 - 2014-01-28 17:33 - 00014112 _____ () C:\Program Files (x86)\CheckDrive\AbMessages.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2011-02-12 21:20 - 2011-01-17 21:09 - 00914664 _____ () C:\Windows\system32\atwtusb.exe
2011-02-12 21:20 - 2010-12-24 16:30 - 07319784 _____ () C:\Windows\System32\WTMKM.exe
2012-07-02 09:11 - 2012-07-02 09:11 - 02498048 _____ () C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
2014-10-17 17:30 - 2013-06-26 10:56 - 00241664 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\DDCCI.exe
2012-07-03 14:21 - 2012-07-03 14:21 - 00041160 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2012-07-03 14:21 - 2012-07-03 14:21 - 00754376 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-10-22 21:45 - 2007-05-31 08:38 - 00167936 ____N () C:\Windows\SysWOW64\SerialXP.dll
2009-10-19 17:26 - 2009-03-13 11:30 - 00109096 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\YCC.DLL
2015-04-03 15:36 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-04-03 15:36 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-04-03 15:36 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-04-03 15:36 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-04-03 15:36 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-10-17 17:30 - 2013-06-12 15:54 - 00063488 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook.dll
2012-05-16 21:01 - 2012-05-16 21:01 - 00140800 _____ () C:\Program Files (x86)\Rainlendar2\lua52.dll
2012-07-02 09:11 - 2012-07-02 09:11 - 00198144 _____ () C:\Program Files (x86)\Rainlendar2\plugins\iCalendarPlugin.dll
2012-06-17 15:22 - 2012-06-17 15:22 - 00012800 _____ () C:\Program Files (x86)\Rainlendar2\lfs.dll
2012-02-15 01:05 - 2012-02-15 01:37 - 11796096 _____ () C:\Users\***\AppData\Roaming\SanDisk\My Vaults\dmBackup.dll
2014-10-17 17:30 - 2013-04-24 17:47 - 00004608 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\GerRes.dll
2015-03-24 17:01 - 2014-11-11 11:19 - 01703424 _____ () C:\Program Files (x86)\Polar\Polar FlowSync\polar20.dll
2015-03-24 17:01 - 2013-08-25 21:52 - 00728576 _____ () C:\Program Files (x86)\Polar\Polar FlowSync\libGLESv2.dll
2015-03-24 17:01 - 2013-08-25 21:52 - 00048128 _____ () C:\Program Files (x86)\Polar\Polar FlowSync\libEGL.dll
2015-03-24 17:01 - 2013-08-25 21:59 - 00833024 _____ () C:\Program Files (x86)\Polar\Polar FlowSync\platforms\qwindows.dll
2009-10-20 19:33 - 2004-07-26 17:11 - 00028672 ____N () C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\DetMethod.dll
2015-04-14 20:15 - 2015-04-14 20:15 - 00043008 _____ () c:\Users\***\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprgqrki.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\xxx\Documents\MailOut_Bsp1.eml:OECustomProperty
AlternateDataStreams: C:\Users\xxx\Documents\MailOut_Bsp2.eml:OECustomProperty
AlternateDataStreams: C:\Users\xxx\Documents\MailOut_Bsp3.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Gambali => ""="service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4067268467-3182437459-1756596644-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lexware Info Service.lnk => C:\Windows\pss\Lexware Info Service.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Quicken 2010 Zahlungserinnerung.lnk => C:\Windows\pss\Quicken 2010 Zahlungserinnerung.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^xxx^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FRITZ!DSL Startcenter.lnk => C:\Windows\pss\FRITZ!DSL Startcenter.lnk.Startup
MSCONFIG\startupfolder: C:^Users^xxx^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^klickTel OEM 2007 - Schnellstarter.lnk => C:\Windows\pss\klickTel OEM 2007 - Schnellstarter.lnk.Startup
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BackupOutlook => "C:\Program Files (x86)\Wisco\BackupOutlook\BackupOutlook.exe" silent
MSCONFIG\startupreg: FreeRAM XP => "C:\Program Files (x86)\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: HTC Sync Loader => "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LexwareInfoService => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe /autostart
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: Picasa Media Detector => C:\Program Files (x86)\Picasa2\PicasaMediaDetector.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: STAMPIT-Tray => C:\Program Files (x86)\STAMPIT\Binary\Stray.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: UIWatcher => C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
MSCONFIG\startupreg: Web Companion => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize

==================== Accounts: =============================

Administrator (S-1-5-21-4067268467-3182437459-1756596644-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-4067268467-3182437459-1756596644-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4067268467-3182437459-1756596644-1004 - Limited - Enabled)
xxx (S-1-5-21-4067268467-3182437459-1756596644-1001 - Administrator - Enabled) => C:\Users\xxxx
UpdatusUser (S-1-5-21-4067268467-3182437459-1756596644-1008 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Event log errors: =========================

Application errors:
==================
Error: (04/14/2015 07:15:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10124

Error: (04/14/2015 07:15:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10124

Error: (04/14/2015 07:15:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/14/2015 07:15:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9126

Error: (04/14/2015 07:15:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9126

Error: (04/14/2015 07:15:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/14/2015 07:15:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8127

Error: (04/14/2015 07:15:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8127

Error: (04/14/2015 07:15:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/14/2015 07:15:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7129


System errors:
=============
Error: (04/14/2015 08:18:13 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (04/14/2015 08:17:12 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 80.

Error: (04/14/2015 08:15:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (04/14/2015 08:15:21 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (04/14/2015 08:14:07 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143.

Error: (04/14/2015 08:12:54 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
acedrv07

Error: (04/14/2015 08:12:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AVG PC TuneUp Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/14/2015 06:03:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (04/14/2015 06:03:12 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (04/14/2015 06:02:04 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143.


Microsoft Office Sessions:
=========================
Error: (04/14/2015 07:15:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10124

Error: (04/14/2015 07:15:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10124

Error: (04/14/2015 07:15:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/14/2015 07:15:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9126

Error: (04/14/2015 07:15:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9126

Error: (04/14/2015 07:15:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/14/2015 07:15:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8127

Error: (04/14/2015 07:15:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8127

Error: (04/14/2015 07:15:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/14/2015 07:15:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7129


CodeIntegrity Errors:
===================================
  Date: 2015-04-15 06:06:41.326
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-14 20:10:41.220
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-04-14 20:10:41.126
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-04-14 20:05:17.576
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-14 19:20:31.522
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-14 18:12:19.689
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-14 17:57:33.772
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-04-14 17:57:33.678
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-04-14 17:45:06.335
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-04-14 17:45:06.179
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: AMD Phenom(tm) II X4 945 Processor
Percentage of memory in use: 54%
Total physical RAM: 6142.49 MB
Available physical RAM: 2779.91 MB
Total Pagefile: 12283.17 MB
Available Pagefile: 8459.49 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:601.51 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: () (Fixed) (Total:931.5 GB) (Free:873.16 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: BF2EBF2E)
Partition 1: (Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: DF8203A6)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=OF Extended)

==================== End Of Log ============================
         

Antwort

Themen zu Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name
ads, arbeiten, ausgeschaltet, blöde, eingefangen, entweder, extrem, fenster, fenster öffnen sich, freue, gefangen, gen, laufe, laufen, malware, malwarebytes, pause, popups, power, problem, programme, rechner, werbepopups, werbung, würde, zusätzliche, öffnen



Ähnliche Themen: Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name


  1. zusätzliche Browserfenster öffnen sich mit Werbung im Hintergrund
    Plagegeister aller Art und deren Bekämpfung - 19.04.2014 (20)
  2. zusätzliche Browser-Fenster öffnen sich von allein (Chrome/Firefox)
    Plagegeister aller Art und deren Bekämpfung - 10.03.2014 (3)
  3. Windows 7 - Malware? - Fenster öffnen sich automatisch
    Plagegeister aller Art und deren Bekämpfung - 10.03.2014 (23)
  4. Windows 7: FBDownloaderSearch macht sich zur Startseite im Browser, popup-Fenster öffnen sich
    Log-Analyse und Auswertung - 17.12.2013 (9)
  5. Fenster verkleinern/verstecken sich, lassen sich nicht mehr öffnen
    Plagegeister aller Art und deren Bekämpfung - 28.12.2010 (2)
  6. Fenster öffnen sich von alleine
    Log-Analyse und Auswertung - 04.11.2009 (3)
  7. Unerwünschte zusätzliche Firefox-Fenster (ähnlich den anderen Posts...)
    Log-Analyse und Auswertung - 05.01.2009 (0)
  8. Uhr verstellt sich, ungewollte Fenster öffnen sich während dem Surfen
    Log-Analyse und Auswertung - 20.09.2008 (0)
  9. Es öffnen sich einfach so Werbepopups ohne das Iexplorer offen ist.
    Log-Analyse und Auswertung - 17.07.2008 (0)
  10. Zusätzliche Fenster im Internet Explorer (Werbung)
    Log-Analyse und Auswertung - 09.07.2008 (6)
  11. ICQ Fenster öffnen sich v. selbst
    Log-Analyse und Auswertung - 30.01.2007 (2)
  12. Fenster öffnen sich im Sekundentakt
    Log-Analyse und Auswertung - 08.11.2006 (12)
  13. Fenster Öffnen sich!
    Log-Analyse und Auswertung - 22.12.2005 (1)
  14. Fenster öffnen sich von alleine....
    Log-Analyse und Auswertung - 28.10.2005 (5)
  15. Fenster öffnen sich von selber
    Log-Analyse und Auswertung - 27.10.2005 (1)
  16. sobald ich den internet exploder öffne öffnen sich ständig Werbepopups
    Log-Analyse und Auswertung - 30.05.2005 (1)
  17. Fenster öffnen und schließen sich
    Plagegeister aller Art und deren Bekämpfung - 01.01.2005 (4)

Zum Thema Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name - Hallo, auch ich habe mir so eine blöde Malware eingefangen, zig Werbepopups und zusätzliche Fenster öffnen sich, wo dann entweder Ads by Name oder Power by Name steht. Habe selber - Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name...
Archiv
Du betrachtest: Malware eingefangen - zig Werbepopups & zusätzliche Fenster öffnen sich - ADS Power by Name auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.