MalWareBytes Logfile

OpaPaule · 08.06.2015, 15:29

Hallo,

ich habe heute mal MalWareByte AntiMalware installiert und laufen lassen. Ich trau mich aber nicht die gefundenen Objekte zu löschen. Hab mal hier das Ergebnis angehängt. Mein BS ist übrigens Windows 10 Pro 64 Bit v- 10074

Danke!

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 08.06.2015
Suchlauf-Zeit: 16:02:57
Logdatei: MalWareBytes 8.6.15.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.06.08.03
Rootkit Datenbank: v2015.06.02.01
Lizenz: Premium
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: JÃ¼rgen

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 430276
Verstrichene Zeit: 6 Min, 17 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 12
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BrowserV03.06, , [4af9685047432f070ecd78fd030319e7],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\HQ Video Pro 3.1cV04.06, , [0a39a31524662a0c7665df96f511a957],
PUP.Optional.BrowserApps.A, HKLM\SOFTWARE\WOW6432NODE\BrowserV03.06, , [1033f9bf3753ef4791218c5e17ec18e8],
PUP.Optional.BrowserApps.A, HKLM\SOFTWARE\WOW6432NODE\BrowserV03.06-nv-ie, , [3c071a9e56340c2a684a9c4eab58c63a],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\HQ Video Pro 3.1cV04.06, , [60e3694f008aee48d44036bff70cd52b],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\HQ Video Pro 3.1cV04.06-nv-ie, , [76cd397f5d2dc2749e76a055c53e8b75],
PUP.Optional.SaleCharger.A, HKLM\SOFTWARE\WOW6432NODE\SaleCharger, , [bb889f193a50d26436a30a76f312d828],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, , [db68c0f8266413232956e2082bd8bb45],
PUP.Optional.BrowserApps.A, HKU\S-1-5-21-382664376-1932614338-2128433781-1000\SOFTWARE\BrowserV03.06-nv-ie, , [a79ce9cf404a4ee8f8bb27c3e41f0ff1],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-382664376-1932614338-2128433781-1000\SOFTWARE\HQ Video Pro 3.1cV04.06-nv-ie, , [f84ba216ee9c5ed87d98f8fdd52e14ec],
PUP.Optional.ReImageRepair.A, HKU\S-1-5-21-382664376-1932614338-2128433781-1000\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\Reimage - Windows Problem Relief., , [172c7e3a21697bbbb656780eb550ff01],
PUP.Optional.CheckMeUp.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7D6A4E92-DA7F-185F-9B56-4237FE681640}, , [61e28a2eb6d49f979d162020f511a25e],

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 6
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\BrowserV03.06, , [23204e6a98f23006adcf8d5c54afbd43],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\HQ Video Pro 3.1cV04.06, , [b98a17a15c2e0036017b3daca85b3bc5],
PUP.Optional.GlobalUpdate.A, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116, , [1f24199feb9fca6c111c705ae51ed22e],
PUP.Optional.GlobalUpdate.A, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682, , [053e00b84743e3532b02ab1f7b88a55b],

Dateien: 72
PUP.Optional.CrossRider.A, C:\Program Files (x86)\BrowserV03.06\Uninstall.exe, , [4af9685047432f070ecd78fd030319e7],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\HQ Video Pro 3.1cV04.06\Uninstall.exe, , [0a39a31524662a0c7665df96f511a957],
PUP.Optional.BrowserApps.A, C:\Users\JÃ¼rgen\AppData\Local\Temp\2314.exe, , [e16234848ffbb6804640581c47bf12ee],
PUP.Optional.ReImageRepair.A, C:\Users\JÃ¼rgen\AppData\Local\Temp\ReimagePackage.exe, , [3b08843418720d29fa376206e22021df],
PUP.Optional.ReImageRepair.A, C:\Users\JÃ¼rgen\AppData\Local\Temp\ReiSysUpdate.exe, , [df646a4ee9a1c86ea78ad692a85a748c],
PUP.Optional.HQVideoPro.A, C:\Users\JÃ¼rgen\AppData\Local\Temp\0bba789d-7126-40d1-a124-c198f753ca0b\setup.exe, , [4bf8e4d48a0085b1ffff234fa1656c94],
PUP.Optional.WebBar.A, C:\Users\JÃ¼rgen\AppData\Local\Temp\2b362db1-9ce5-47b1-bfe9-6b211a909fbf\web_bar_setup.exe, , [98ab7d3b71193006edfeab971ae84cb4],
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\globalupdate.exe, , [47fc536534563afcbcbb69e3e81a19e7],
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\globalupdateBroker.exe, , [4af9a5131f6b0333fd7af25aad5527d9],
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\globalupdateCrashHandler.exe, , [c97a724671196bcb97e0f755ed155ba5],
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\globalupdateOnDemand.exe, , [9ea54b6dd9b18bab0c6b4309ac5621df],
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\goopdate.dll, , [f84befc91872e05696e1bd8fa75bde22],
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\goopdateres_en.dll, , [90b37d3b4f3be452e790103c0ff3837d],
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\npglobalupdateUpdate4.dll, , [ff4403b5dbaf31058becff4dae5423dd],
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\psmachine.dll, , [e45f5860b6d42313cdaa75d714eee31d],
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\psuser.dll, , [46fd209892f8191db4c3b6963bc77d83],
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\globalupdate.exe, , [0043ac0ccebc0f272c4baf9db84a49b7],
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\globalupdateBroker.exe, , [9ea53d7bccbeae88c3b4a3a96d957f81],
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\globalupdateCrashHandler.exe, , [5fe43a7e38527abce29553f906fc966a],
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\globalupdateOnDemand.exe, , [88bbd4e4038723131463fc50a260b34d],
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\goopdate.dll, , [73d041774446ac8a4c2bca8236cc34cc],
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\goopdateres_en.dll, , [9ea588303555a98d79fe4c00e919b54b],
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\npglobalupdateUpdate4.dll, , [400309afccbeaf870671c686e0221de3],
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\psmachine.dll, , [e1627e3a0a800d29a1d6e6662cd631cf],
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\psuser.dll, , [da69d0e8c0ca7db93a3df953b84a9070],
PUP.Optional.APNToolBar.A, C:\Users\JÃ¼rgen\Documents\APNSetup1.exe, , [182bd5e3018956e0aca8fd67f0126997],
PUP.Optional.Bundle, C:\Users\JÃ¼rgen\Downloads\Brothersoft_downloader_For_Cash_Flow.exe, , [f64dfdbbcac010268156ef30946eff01],
PUP.Optional.DownloadGuide.A, C:\Users\JÃ¼rgen\Downloads\dexpot_1614_r2439_CB-DL-Manager.exe, , [e85b1d9ba6e4a69071e997d0e919da26],
PUP.Optional.DownloadGuide.A, C:\Users\JÃ¼rgen\Downloads\dixmlsetup_CB-DL-Manager.exe, , [142f07b12169072f3e1c2740f21003fd],
PUP.Optional.DownloadGuide.A, C:\Users\JÃ¼rgen\Downloads\EfficientPIMFree-Setup_CB-DL-Manager.exe, , [2c17e7d14248261081d9adbae12126da],
PUP.Optional.DownloadGuide.A, C:\Users\JÃ¼rgen\Downloads\PureSyncInst_CB-DL-Manager.exe, , [45fe6553e0aa49ed0f4bfd6ad62cd32d],
PUP.Optional.DomalIQ.SID.A, C:\Users\JÃ¼rgen\Downloads\registry_easy.exe, , [4ff42b8d8bff2e08e65e3d3840c6926e],
PUP.Optional.ReImageRepair.A, C:\Users\JÃ¼rgen\Downloads\ReimageRepair.exe, , [79ca9b1da3e72313a68bce9aad5528d8],
PUP.Optional.DownloadGuide.A, C:\Users\JÃ¼rgen\Downloads\slimdrivers-setup_CB-DL-Manager.exe, , [84bf496f7d0dcc6a62f8db8c03ffa957],
PUP.Optional.DownloadGuide.A, C:\Users\JÃ¼rgen\Downloads\spsetup127_CB-DL-Manager.exe, , [44ff0dab1e6c270f362446217e849a66],
PUP.Optional.MultiPlug.A, C:\Users\JÃ¼rgen\Downloads\Abelssoft AntiLogger 2015.full.rar.exe, , [2b18d6e2ee9c5ed8b6ec05703acc55ab],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\wajam.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\amazon.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\argos.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\ask.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\bestbuy.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\ebay.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\etsy.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\facebook.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\favicon.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\google.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\homedepot.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\ikea.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\imdb.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\lowes.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\mercado.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\mysearchweb.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\myshopping.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\searchresult.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\sears.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\setting.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\settings.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\shopping.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\target.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\tesco.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\tripadvisor.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\twitter.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\walmart.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\wiki.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\yahoo.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\zalando.ico, , [51f2d9df8208df574ca386627d869e62],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\BrowserV03.06\bgNova.html, , [23204e6a98f23006adcf8d5c54afbd43],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\HQ Video Pro 3.1cV04.06\bgNova.html, , [b98a17a15c2e0036017b3daca85b3bc5],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\HQ Video Pro 3.1cV04.06\f81615ae-5d10-4967-9f1d-e3f330bb6a9b.xpi, , [b98a17a15c2e0036017b3daca85b3bc5],
PUP.Optional.WebTInst.A, C:\WINDOWS\System32\drivers\Msft_Kernel_webTinstMKTN84_01009.Wdf, , [da69ae0aacde1c1ad35d559eee151be5],
PUP.Optional.GlobalUpdate.A, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\globalupdateHelper.msi, , [1f24199feb9fca6c111c705ae51ed22e],
PUP.Optional.GlobalUpdate.A, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\globalupdateHelper.msi, , [053e00b84743e3532b02ab1f7b88a55b],

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)

(end)

Warlord711 · 08.06.2015, 15:49

Hallo OpaPaule

Mein Name ist Timo und ich werde Dir bei deinem Problem behilflich sein.

Bitte arbeite alle Schritte der Reihe nach ab.
Hier findest du die Anleitung für Hilfesuchende
Lese die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben.
Nur Scans durchführen zu denen Du von einem Helfer aufgefordert wirst.
Bitte kein Crossposting ( posten in mehreren Foren).
Installiere oder Deinstalliere während der Bereinigung keine Software ausser Du wurdest dazu aufgefordert.
Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.
Poste die Logfiles direkt in deinen Thread. Nicht anhängen ausser ich fordere Dich dazu auf.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist immer der sicherste Weg.

Wir arbeiten hier alle freiwillig und meist auch nur in unserer Freizeit. Daher kann es bei Antworten zu Verzögerungen kommen.
Solltest du innerhalb 48 Std keine Antwort von mir erhalten, dann schreib mit eine PM
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis ich oder jemand vom Team sagt, dass Du clean bist.

Führe sämtliche Tools mit administrativen Rechten aus, Vista, Win7,Win8 User mit Rechtsklick "als Administrator starten".

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Cursor zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Windows 10 hab ich mir noch nicht "angetan", aber sollte funktionieren:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

OpaPaule · 08.06.2015, 16:25

O.K. hier ist der Inhalt der FRST.TXT (eine ADDITIONAL.TXT finde ich nicht? Hab dafür noch die allgem. Textdataei angefügt).

[CODE]Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-06-2015
Ran by Jürgen (administrator) on ASUS-K95VB on 08-06-2015 17:08:51
Running from C:\Users\Jürgen\Downloads
Loaded Profiles: Jürgen (Available Profiles: Jürgen & UpdatusUser)
Platform: Windows 10 Pro Insider Preview (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(Intel Corporation) C:\WINDOWS\System32\igfxCUIService.exe
(QIHU 360 SOFTWARE CO. LIMITED) H:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\Lexware\AAVUpdateManager\aavus.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Nalpeiron Ltd.) C:\WINDOWS\SysWOW64\NLSSRV32.EXE
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Qihu Software Co. Limited) H:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\WINDOWS\System32\sihost.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(IObit) H:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\WINDOWS\System32\igfxEM.exe
(Intel Corporation) C:\WINDOWS\System32\igfxHK.exe
(Intel Corporation) C:\WINDOWS\System32\igfxTray.exe
(Microsoft Corporation) C:\WINDOWS\WinStore\WSHost.exe
() C:\Program Files\WindowsApps\Microsoft.Cortana_1.4.4.120_x64__8wekyb3d8bbwe\searchui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\WINDOWS\System32\fontdrvhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\System32\NetworkUXBroker.exe
(Microsoft Corporation) C:\WINDOWS\System32\InstallAgent.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Cortana_1.4.4.120_x64__8wekyb3d8bbwe\remindersserver.exe
(Microsoft Corporation) C:\WINDOWS\System32\ApplicationFrameHost.exe
(Microsoft Corporation) C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(The Document Foundation) C:\Program Files (x86)\LibreOffice 4\program\scalc.exe
(The Document Foundation) C:\Program Files (x86)\LibreOffice 4\program\soffice.exe
(The Document Foundation) C:\Program Files (x86)\LibreOffice 4\program\soffice.bin
(Microsoft Corporation) C:\WINDOWS\splwow64.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft AutoRoute 2013\AutoRout.exe
(Farbar) C:\Users\Jürgen\Downloads\FRST64(1).exe
(Microsoft Corporation) C:\WINDOWS\System32\SystemSettingsBroker.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3233976 2015-05-24] (ELAN Microelectronics Corp.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-04] (Avast Software s.r.o.)
HKLM-x32\...\Run: [QHSafeTray] => H:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [287352 2015-05-18] (QIHU 360 SOFTWARE CO. LIMITED)
HKLM-x32\...\Run: [AntiLogger] => C:\Program Files (x86)\AntiLogger\AntiLogger.exe [14679464 2014-12-30] (Zemana Ltd.)
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7210656 2015-04-25] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7210656 2015-04-25] (Microsoft Corporation)
HKU\S-1-5-21-382664376-1932614338-2128433781-1000\...\Run: [OneDrive] => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\OneDrive.exe [382664 2015-05-24] (Microsoft Corporation)
HKU\S-1-5-21-382664376-1932614338-2128433781-1000\...\Run: [IncrediMail] => C:\Program Files (x86)\IncrediMail\bin\IncMail.exe [444840 2015-05-25] (IncrediMail, Ltd.)
HKU\S-1-5-21-382664376-1932614338-2128433781-1000\...\Run: [Advanced SystemCare 6] => H:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [491856 2013-01-14] (IObit)
HKU\S-1-5-21-382664376-1932614338-2128433781-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-04-02] (ZONER software)
AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(1).dll [94664 2014-12-30] (Zemana Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(1).dll [86400 2014-12-30] (Zemana Ltd.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-04] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-24] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:53793;https=127.0.0.1:53793
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-382664376-1932614338-2128433781-1000\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-382664376-1932614338-2128433781-1000\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-382664376-1932614338-2128433781-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-382664376-1932614338-2128433781-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-382664376-1932614338-2128433781-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: No Name -> {7D6A4E92-DA7F-185F-9B56-4237FE681640} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-04] (Avast Software s.r.o.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-04] (Avast Software s.r.o.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-25] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-25] ()
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2014-03-13] (Nitro PDF)
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\searchplugins\02220d09-f53e-4ab0-b11e-6e37fb424675.xml [2013-02-14]
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\searchplugins\3c42f285-ad6a-4bd8-8af3-ec41cb4a2d08.xml [2013-02-03]
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\searchplugins\englische-ergebnisse.xml [2014-06-05]
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\searchplugins\gmx-suche.xml [2014-06-05]
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\searchplugins\lastminute.xml [2014-04-10]
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\searchplugins\webde-suche.xml [2014-06-05]
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\searchplugins\{85681726-2887-493D-B28E-EB463B89BDAB}.xml [2011-05-06]
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\searchplugins\{BE2FB182-94ED-4489-BDDF-10A321B426D4}.xml [2011-05-06]
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\searchplugins\{F2B519D1-C153-4E1E-8A0A-24F2BB75911B}.xml [2011-05-06]
FF Extension: Logitech Device Detection - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\DeviceDetection@logitech.com [2015-05-25]
FF Extension: Blur (Formerly DoNotTrackMe) - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\donottrackplus@abine.com [2015-05-29]
FF Extension: Fasterfox Lite - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\FasterFox_Lite@BigRedBrent [2015-05-29]
FF Extension: Unsubscribe.com - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\firefox@unsubscribe.com [2015-05-25]
FF Extension: TooManyTabs - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\TooManyTabs@visibotech.com [2015-05-29]
FF Extension: Facebook PhotoZoom - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{20cc25e2-48c9-45e1-9a1f-1ccc1882b81b} [2015-05-25]
FF Extension: Home Extension - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{2E6861CA-9A88-4B7B-B935-F810DE84D259} [2015-05-25]
FF Extension: TV-Fox - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{2f17f610-5e97-4fed-828f-9940b7b577a4} [2015-05-29]
FF Extension: Flashblock - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2015-05-29]
FF Extension: ReminderFox - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae} [2015-05-29]
FF Extension: Preispiraten - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{C8D3D3BE-7ADC-4109-BF8C-6330A9F58B0C} [2015-05-25]
FF Extension: TextMarker Go - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{cd6c4ebf-366e-45a0-98b5-b8217288eed7} [2015-05-29]
FF Extension: CSHelper - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{d91a2be6-3b56-4dfb-97f5-5e48fe3ed473} [2015-05-29]
FF Extension: Bitdefender QuickScan - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2015-05-29]
FF Extension: Memory Fox - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B} [2015-05-29]
FF Extension: App Advisor for Facebook - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\2c0ce700-f746-11e1-a21f-0800200c9a66@jetpack.xpi [2015-05-25]
FF Extension: about:addons-memory - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\about-addons-memory@tn123.org.xpi [2015-05-25]
FF Extension: About sessionstore - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\aboutsessionstore@dt.xpi [2015-05-27]
FF Extension: Bookmark Favicon Changer - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\bookmarkfaviconchanger@sonthakit.xpi [2015-05-25]
FF Extension: InvisibleHand - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\canitbecheaper@trafficbroker.co.uk.xpi [2015-05-25]
FF Extension: Facebook Disconnect - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\facebook@disconnect.me.xpi [2015-05-25]
FF Extension: GuteGutscheine - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\gutegutscheine@gutegutscheine.com.xpi [2015-05-25]
FF Extension: Facebook Blocker - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\info@skymeissner.com.xpi [2015-05-25]
FF Extension: Lightbeam - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2015-05-25]
FF Extension: Keyword Search - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\keywordsearch@kaply.com.xpi [2015-05-25]
FF Extension: NoSquint - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\nosquint@urandom.ca.xpi [2015-05-25]
FF Extension: Simple Boss Key - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\simplebosskey@ttt-jl.blogspot.com.xpi [2015-05-29]
FF Extension: Free Hide IP - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\support@free-hideip.com.xpi [2015-05-25]
FF Extension: Mask My IP - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\support@mask-myip.com.xpi [2015-05-25]
FF Extension: Tab Counter - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\tabcounter@morac.xpi [2015-05-25]
FF Extension: Tab Popup - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\tabpopup@adarsh.tp.xpi [2015-05-25]
FF Extension: Tab Wheel Scroll - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\tabscroll@mthamil.xpi [2015-05-25]
FF Extension: Tab Utilities - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\tabutils@ithinc.cn.xpi [2015-05-25]
FF Extension: Tree Style Tab - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\treestyletab@piro.sakura.ne.jp.xpi [2015-05-25]
FF Extension: Session Manager - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2015-05-25]
FF Extension: Panic Button - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{24cea704-946d-11da-a72b-0800200c9a66}.xpi [2015-05-25]
FF Extension: Integrated Inbox for Gmail & Google Apps - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{28197867-b1ef-4140-8e3b-55c45b9c8460}.xpi [2015-05-25]
FF Extension: Minimap Addon - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{398e77b8-2304-11dc-8314-0800200c9a66}.xpi [2015-05-25]
FF Extension: Google Shortcuts - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{5C46D283-ABDE-4dce-B83C-08881401921C}.xpi [2015-05-25]
FF Extension: NoScript - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-05-25]
FF Extension: {73cdfea6-3722-4bf6-8c28-abdfc75aca0d} - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{73cdfea6-3722-4bf6-8c28-abdfc75aca0d}.xpi [2015-05-25]
FF Extension: Page Title Eraser - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{791DB184-BFBA-11DA-9C61-0638DF403F48}.xpi [2015-05-25]
FF Extension: TabRenamizer - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{792BDDFE-2E7C-42ed-B18D-18154D2761BD}.xpi [2015-05-25]
FF Extension: ImTranslator - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2015-05-25]
FF Extension: Password Exporter - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2015-05-25]
FF Extension: Video DownloadHelper - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-06-08]
FF Extension: CoolPreviews - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi [2015-05-25]
FF Extension: Adblock Plus - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-25]
FF Extension: Tab Mix Plus - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2015-05-25]
FF Extension: html updater - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{dfc9c4c1-eb54-4db2-9daa-3060ff54fac4}.xpi [2015-05-25]
FF Extension: Greasemonkey - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-05-25]
FF Extension: Sothink Web Video Downloader for Firefox - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}.xpi [2015-05-25]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-04]
FF HKLM-x32\...\Firefox\Extensions: [WebProtection@360safe.com] - H:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox
FF Extension: 360 Internet Protection - H:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox [2015-06-06]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-04]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AAV UpdateService; C:\Program Files (x86)\Lexware\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S3 AJRouter; C:\Windows\System32\AJRouter.dll [19968 2015-04-25] (Microsoft Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-04] (Avast Software s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [325120 2015-04-25] (Microsoft Corporation)
S3 CDPSvc; C:\Windows\System32\CDPSvc.dll [51712 2015-04-25] (Microsoft Corporation)
R3 ClipSVC; C:\Windows\System32\ClipSVC.dll [539136 2015-04-25] (Microsoft Corporation)
R2 CoreUIRegistrar; C:\Windows\system32\coremessaging.dll [709240 2015-04-25] (Microsoft Corporation)
R2 CoreUIRegistrar; C:\Windows\SysWOW64\coremessaging.dll [476672 2015-04-25] (Microsoft Corporation)
S3 DcpSvc; C:\Windows\system32\dcpsvc.dll [195584 2015-04-25] (Microsoft Corporation)
S3 DevQueryBroker; C:\Windows\system32\DevQueryBroker.dll [32256 2015-04-25] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagnosticsHub.StandardCollector.Service.exe [26624 2015-04-25] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [269312 2015-04-25] (Microsoft Corporation)
S2 dmwappushservice; C:\Windows\system32\dmwappushsvc.dll [111616 2015-04-25] (Microsoft Corporation)
S2 DoSvc; C:\Windows\system32\svchost.exe [39992 2015-04-25] (Microsoft Corporation)
S2 DoSvc; C:\Windows\SysWOW64\svchost.exe [34800 2015-04-25] (Microsoft Corporation)
R3 DsSvc; C:\Windows\System32\DsSvc.dll [140288 2015-04-25] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [249344 2015-04-25] (Microsoft Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [135352 2015-05-24] (ELAN Microelectronics Corp.)
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [114176 2015-04-25] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2015-05-27] (Intel Corporation)
R3 lfsvc; C:\Windows\System32\lfsvc.dll [23040 2015-04-25] (Microsoft Corporation)
R3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [18944 2015-04-25] (Microsoft Corporation)
S3 MapsBroker; C:\Windows\System32\moshost.dll [159232 2015-04-25] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 NetSetupSvc; C:\Windows\System32\NetSetupSvc.dll [333824 2015-04-25] (Microsoft Corporation)
S3 NgcCtnrSvc; C:\Windows\System32\NgcCtnrSvc.dll [236544 2015-04-25] (Microsoft Corporation)
S3 NgcSvc; C:\Windows\system32\ngcsvc.dll [421376 2015-04-25] (Microsoft Corporation)
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2014-03-13] (Nitro PDF Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
S3 PhoneSvc; C:\Windows\System32\PhoneService.dll [646656 2015-04-25] (Microsoft Corporation)
R2 QHActiveDefense; H:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [839792 2015-05-18] (QIHU 360 SOFTWARE CO. LIMITED)
S3 RetailDemo; C:\Windows\system32\RetailDemoService.dll [709120 2015-04-25] (Microsoft Corporation)
S3 SensorService; C:\Windows\system32\SensorService.dll [162304 2015-04-25] (Microsoft Corporation)
S3 SmsRouter; C:\Windows\system32\SmsRouterSvc.dll [594944 2015-04-25] (Microsoft Corporation)
S3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2626560 2015-04-25] (Microsoft Corporation)
S3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [1865728 2015-04-25] (Microsoft Corporation)
R3 tiledatamodelsvc; C:\Windows\system32\tileobjserver.dll [446464 2015-04-25] (Microsoft Corporation)
R2 UserManager; C:\Windows\System32\usermgr.dll [631808 2015-04-25] (Microsoft Corporation)
S3 UsoSvc; C:\Windows\system32\usocore.dll [316928 2015-04-25] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [450048 2015-04-25] (Microsoft Corporation)
S3 WalletSvc; C:\Windows\system32\WalletService.dll [482304 2015-04-25] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [352880 2015-04-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16728 2015-04-25] (Microsoft Corporation)
S3 WpnService; C:\Windows\system32\WpnService.dll [48640 2015-04-25] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [705024 2015-04-25] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1107968 2015-04-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77896 2015-05-18] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [305736 2015-05-18] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [314448 2015-05-18] (Qihu 360 Software Co., Ltd.)
S3 ampa; C:\WINDOWS\system32\ampa.sys [17008 2013-12-18] ()
S3 ampa; C:\WINDOWS\SysWOW64\ampa.sys [17008 2013-12-18] ()
R1 AntiLog32; C:\WINDOWS\system32\drivers\AntiLog64.sys [49752 2015-06-07] (Zemana Ltd.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-04] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-04] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-04] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-04] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-04] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-04] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-04] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-04] ()
R3 athr; C:\Windows\System32\drivers\athwbx.sys [3837440 2015-06-02] (Qualcomm Atheros Communications, Inc.)
S1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [180816 2015-05-18] (Qihu 360 Software Co., Ltd.)
S3 BrSerIf; C:\Windows\system32\DRIVERS\BrSerIf.sys [97280 2015-05-26] (Brother Industries Ltd.)
S3 buttonconverter; C:\Windows\System32\drivers\buttonconverter.sys [31232 2015-04-25] (Microsoft Corporation)
S3 CapImg; C:\Windows\System32\drivers\capimg.sys [102912 2015-04-25] (Microsoft Corporation)
S4 cnghwassist; C:\Windows\System32\DRIVERS\cnghwassist.sys [38888 2015-04-25] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_b1983a736b1fed34\CompositeBus.sys [39424 2015-04-25] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3437032 2015-04-25] (QLogic Corporation)
S3 fcvsc; C:\Windows\System32\drivers\fcvsc.sys [30720 2015-04-25] (Microsoft Corporation)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [83456 2015-04-25] (Microsoft Corporation)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfnclass.sys [20480 2015-04-25] (Microsoft Corporation)
S3 hidinterrupt; C:\Windows\System32\drivers\hidinterrupt.sys [48104 2015-04-25] (Microsoft Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [424936 2015-04-25] (Mellanox)
S3 IoQos; C:\Windows\System32\drivers\ioqos.sys [27648 2015-04-25] (Microsoft Corporation)
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [76520 2014-12-30] (Zemana Ltd.)
S0 LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [103912 2015-04-25] (LSI Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [90600 2015-04-25] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-08] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
S0 megasas; C:\Windows\System32\drivers\megasas.sys [59880 2015-04-25] (Avago Technologies)
R2 mirahid; C:\Windows\System32\drivers\mirahid.sys [35840 2015-04-25] (Microsoft Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [705512 2015-04-25] (Mellanox)
R2 MMCSS; C:\Windows\system32\drivers\mmcss.sys [38400 2015-04-25] (Microsoft Corporation)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [76264 2015-04-25] (Mellanox)
U5 NdisCap; C:\Windows\System32\Drivers\NdisCap.sys [49664 2015-04-25] (Microsoft Corporation)
U5 NdisWan; C:\Windows\System32\Drivers\NdisWan.sys [187904 2015-04-25] (Microsoft Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [66560 2015-04-25] ()
S3 netvsc; C:\Windows\System32\drivers\netvsc.sys [94208 2015-04-25] (Microsoft Corporation)
S2 OneSyncSvc; No ImagePath
R2 OneSyncSvc_Session1; No ImagePath
U2 OneSyncSvc_Session6; No ImagePath
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58344 2015-04-25] (LSI Corporation)
S0 percsas3i; C:\Windows\System32\drivers\percsas3i.sys [58856 2015-04-25] (Avago Technologies)
S3 PimIndexMaintenanceSvc; No ImagePath
S3 PimIndexMaintenanceSvc_Session1; No ImagePath
U3 PimIndexMaintenanceSvc_Session6; No ImagePath
S3 ReFSv1; C:\Windows\System32\Drivers\ReFSv1.sys [933864 2015-04-25] (Microsoft Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-04-25] (Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402960 2015-05-27] (Realsil Semiconductor Corporation)
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [61440 2015-04-25] (Microsoft Corporation)
S0 storufs; C:\Windows\System32\drivers\storufs.sys [39912 2015-04-25] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_c3e4290174519138\swenum.sys [17384 2015-04-25] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [43008 2015-04-25] ()
S3 Ufx01000; C:\Windows\System32\drivers\ufx01000.sys [239592 2015-04-25] (Microsoft Corporation)
S3 UfxChipidea; C:\Windows\System32\drivers\UfxChipidea.sys [89576 2015-04-25] (Microsoft Corporation)
S3 ufxsynopsys; C:\Windows\System32\drivers\ufxsynopsys.sys [123368 2015-04-25] (Microsoft Corporation)
S3 UnistoreSvc; No ImagePath
S3 UnistoreSvc_Session1; No ImagePath
U3 UnistoreSvc_Session6; No ImagePath
S3 UrsChipidea; C:\Windows\System32\drivers\urschipidea.sys [19456 2015-04-25] (Microsoft Corporation)
S3 UrsCx01000; C:\Windows\System32\drivers\urscx01000.sys [52200 2015-04-25] (Microsoft Corporation)
S3 UrsSynopsys; C:\Windows\System32\drivers\urssynopsys.sys [18432 2015-04-25] (Microsoft Corporation)
S3 UserDataSvc; No ImagePath
S3 UserDataSvc_Session1; No ImagePath
U3 UserDataSvc_Session6; No ImagePath
S3 vhf; C:\Windows\System32\drivers\vhf.sys [28672 2015-04-25] (Microsoft Corporation)
S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [683520 2015-04-25] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117224 2015-04-25] (Microsoft Corporation)
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [105504 2015-04-25] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [16928 2015-04-25] (Microsoft Corporation)
R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2012-12-31] (WinISO.com)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [27112 2015-04-25] (Mellanox)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59368 2015-04-25] (Mellanox)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [25600 2015-04-25] (Microsoft Corporation)
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: dosvc -> No ServiceDLL Path.
NETSVC: DcpSvc -> C:\Windows\system32\dcpsvc.dll (Microsoft Corporation)
NETSVC: NetSetupSvc -> C:\Windows\System32\NetSetupSvc.dll (Microsoft Corporation)
NETSVC: RetailDemo -> C:\Windows\system32\RetailDemoService.dll (Microsoft Corporation)
NETSVC: UsoSvc -> C:\Windows\system32\usocore.dll (Microsoft Corporation)
NETSVC: dmwappushservice -> C:\Windows\system32\dmwappushsvc.dll (Microsoft Corporation)
NETSVC: WalletSvc -> C:\Windows\system32\WalletService.dll (Microsoft Corporation)
NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation)
NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation)
NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation)
NETSVC: DmEnrollmentSvc -> C:\Windows\system32\Windows.Internal.Management.dll (Microsoft Corporation)
NETSVCx32: NetSetupSvc -> C:\Windows\SysWOW64\NetSetupSvc.dll ==> No File
NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> No File

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-08 17:05 - 2015-06-08 17:08 - 00000000 ____D C:\FRST
2015-06-08 16:59 - 2015-06-08 16:59 - 00016148 _____ C:\WINDOWS\system32\ASUS-K95VB_Jürgen_HistoryPrediction.bin
2015-06-08 16:02 - 2015-06-08 16:02 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-06-08 16:01 - 2015-06-08 16:01 - 00001171 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-06-08 16:01 - 2015-06-08 16:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-06-08 16:01 - 2015-06-08 16:01 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-06-08 16:01 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-06-08 16:01 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-06-08 16:01 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-06-08 12:20 - 2015-06-08 12:20 - 00701351 _____ C:\Users\Jürgen\UStErkl 8.6.15.zip
2015-06-08 11:08 - 2015-06-08 11:08 - 00000000 ___HD C:\OneDriveTemp
2015-06-08 07:23 - 2015-06-08 07:23 - 00000000 ____D C:\Users\Jürgen\AppData\Local\HL
2015-06-08 07:15 - 2015-06-08 07:15 - 00000000 ____D C:\ProgramData\AAV
2015-06-08 07:14 - 2015-06-08 07:19 - 00002124 _____ C:\Users\Public\Desktop\TAXMAN 2015.lnk
2015-06-08 07:14 - 2015-06-08 07:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
2015-06-08 07:14 - 2015-06-08 07:15 - 00000000 ____D C:\Program Files (x86)\Lexware
2015-06-08 07:12 - 2015-06-08 07:12 - 00000000 ____D C:\ProgramData\HL
2015-06-08 06:43 - 2015-06-08 06:43 - 00000000 ____D C:\Users\Jürgen\Downloads\noscript_security_suite-2.6.9.26-sm_fn_fx
2015-06-08 06:29 - 2015-06-08 06:29 - 00001226 _____ C:\Users\Jürgen\Desktop\ChrisPC Win Experience Index.lnk
2015-06-08 06:29 - 2015-06-08 06:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChrisPC Win Experience Index
2015-06-08 06:29 - 2015-06-08 06:29 - 00000000 ____D C:\Program Files (x86)\ChrisPC Win Experience Index
2015-06-08 04:58 - 2015-06-08 04:58 - 01329000 _____ (Chris P.C. srl ) C:\Users\Jürgen\Downloads\setup_chrispc_wei_3_30.exe
2015-06-08 04:54 - 2015-06-08 04:54 - 00561331 _____ C:\Users\Jürgen\Downloads\noscript_security_suite-2.6.9.26-sm_fn_fx.zip
2015-06-08 04:51 - 2015-06-08 04:51 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Jürgen\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-08 04:47 - 2015-06-08 04:47 - 02108928 _____ (Farbar) C:\Users\Jürgen\Downloads\FRST64(1).exe
2015-06-07 19:39 - 2015-06-07 19:39 - 00004180 _____ C:\Users\Jürgen\Desktop\JRT.txt
2015-06-07 19:36 - 2015-06-07 19:36 - 00000000 ____D C:\RegBackup
2015-06-07 19:33 - 2015-06-07 19:34 - 02942406 _____ (Thisisu) C:\Users\Jürgen\Desktop\JRT.exe
2015-06-07 19:17 - 2015-06-08 11:07 - 00265400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-07 19:10 - 2015-06-07 19:10 - 00000000 __SHD C:\found.002
2015-06-07 18:30 - 2014-08-03 08:23 - 00362029 _____ C:\WINDOWS\system32\sqlite3.dll
2015-06-07 08:11 - 2015-06-07 08:11 - 00049752 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\AntiLog64.sys
2015-06-07 08:11 - 2015-06-07 08:11 - 00000000 __HDC C:\ProgramData\{02A8F2F7-A05E-4DC5-950D-52243BB4C610}
2015-06-07 08:11 - 2015-06-07 08:11 - 00000000 ____D C:\WINDOWS\SysWOW64\ZALSDK_uninst
2015-06-07 08:11 - 2015-06-07 08:11 - 00000000 ____D C:\Users\Jürgen\AppData\Local\Zemana
2015-06-07 08:11 - 2015-06-07 08:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntiLogger
2015-06-07 08:11 - 2015-06-07 08:11 - 00000000 ____D C:\Program Files (x86)\KeyCryptSDK
2015-06-07 08:11 - 2015-06-07 08:11 - 00000000 ____D C:\Program Files (x86)\AntiLogger
2015-06-07 08:11 - 2014-12-30 13:31 - 07039960 _____ (Zemana Ltd.) C:\WINDOWS\SysWOW64\ZALSDKCore.dll
2015-06-07 08:11 - 2014-12-30 13:31 - 00076520 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\KeyCrypt64.sys
2015-06-07 08:10 - 2015-06-07 08:10 - 00000000 ____D C:\Users\Jürgen\Downloads\Zemana.v1.9.3.602
2015-06-07 08:09 - 2015-06-07 08:10 - 15919924 _____ C:\Users\Jürgen\Downloads\Zemana.v1.9.3.602.rar
2015-06-07 07:40 - 2015-06-07 07:40 - 02572664 _____ C:\Users\Jürgen\Downloads\Abelssoft AntiLogger 2015.full.rar.exe
2015-06-07 06:46 - 2015-06-07 06:46 - 00000000 ____D C:\Users\Jürgen\Downloads\AntiLogger
2015-06-07 06:43 - 2015-06-07 06:45 - 05317658 _____ C:\Users\Jürgen\Downloads\AntiLogger.rar
2015-06-06 17:52 - 2015-06-06 17:52 - 00000000 ____D C:\ProgramData\360SD
2015-06-06 17:40 - 2015-06-07 09:27 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\360safe
2015-06-06 17:40 - 2015-06-06 17:49 - 00000000 ____D C:\WINDOWS\Tasks\360Disabled
2015-06-06 17:40 - 2015-06-06 17:44 - 00000000 ____D C:\ProgramData\360Quarant
2015-06-06 17:39 - 2015-06-07 19:45 - 00000000 _RSHD C:\360SANDBOX
2015-06-06 17:39 - 2015-06-06 17:52 - 00000000 ____D C:\ProgramData\360TotalSecurity
2015-06-06 17:39 - 2015-06-06 17:40 - 00000000 ____D C:\ProgramData\360safe
2015-06-06 17:39 - 2015-06-06 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2015-06-06 17:39 - 2015-05-18 12:20 - 00314448 _____ (Qihu 360 Software Co., Ltd.) C:\WINDOWS\system32\Drivers\360fsflt.sys
2015-06-06 17:39 - 2015-05-18 12:20 - 00305736 _____ (360.cn) C:\WINDOWS\system32\Drivers\360Box64.sys
2015-06-06 17:39 - 2015-05-18 12:20 - 00180816 _____ (Qihu 360 Software Co., Ltd.) C:\WINDOWS\system32\Drivers\BAPIDRV64.SYS
2015-06-06 17:39 - 2015-05-18 12:20 - 00077896 _____ (360.cn) C:\WINDOWS\system32\Drivers\360AvFlt.sys
2015-06-06 17:37 - 2015-06-06 17:37 - 36034168 _____ C:\Users\Jürgen\Downloads\360TS_Setup.exe
2015-06-06 17:35 - 2015-06-06 17:35 - 01332344 _____ (QIHU 360 SOFTWARE CO. LIMITED) C:\Users\Jürgen\Downloads\360TS_Setup_Mini.exe
2015-06-06 16:09 - 2015-06-06 16:09 - 00007601 _____ C:\WINDOWS\system32\ScanResults.xml
2015-06-06 16:04 - 2015-06-06 16:04 - 00000464 _____ C:\WINDOWS\system32\ScannerSettings
2015-06-05 07:54 - 2015-06-05 07:54 - 01517616 _____ C:\Users\Jürgen\Downloads\PCKeeper Installer.exe
2015-06-05 07:39 - 2015-06-05 07:40 - 00860160 _____ C:\Users\Jürgen\Downloads\adsfix_2_04.06.2015.3.exe
2015-06-05 07:37 - 2015-06-05 07:38 - 00315000 _____ C:\Users\Jürgen\Downloads\winchk_2.0.exe
2015-06-05 07:34 - 2015-06-05 07:34 - 00548774 _____ C:\Users\Jürgen\Downloads\winupdatefix_1.3.exe
2015-06-05 07:32 - 2015-06-05 07:32 - 02231296 _____ C:\Users\Jürgen\Desktop\adwcleaner_4.206.exe
2015-06-04 20:13 - 2015-06-04 20:13 - 00001233 _____ C:\Users\Jürgen\Desktop\Photo Background Remover.lnk
2015-06-04 20:13 - 2015-06-04 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Background Remover
2015-06-04 20:13 - 2015-06-04 20:13 - 00000000 ____D C:\Program Files (x86)\Photo Background Remover
2015-06-04 19:59 - 2015-06-07 19:21 - 00004828 _____ C:\WINDOWS\PFRO.log
2015-06-04 19:59 - 2015-06-04 19:59 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-06-04 19:59 - 2015-06-04 19:59 - 00000000 _____ C:\WINDOWS\setupact.log
2015-06-04 16:54 - 2015-06-04 16:54 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\AVAST Software
2015-06-04 16:53 - 2015-06-07 18:55 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-06-04 16:53 - 2015-06-04 16:53 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-06-04 16:53 - 2015-06-04 16:53 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-06-04 16:53 - 2015-06-04 16:53 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-06-04 16:53 - 2015-06-04 16:53 - 00272248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-06-04 16:53 - 2015-06-04 16:53 - 00137288 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-06-04 16:53 - 2015-06-04 16:53 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-06-04 16:53 - 2015-06-04 16:53 - 00089944 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-06-04 16:53 - 2015-06-04 16:53 - 00065736 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-06-04 16:53 - 2015-06-04 16:53 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
2015-06-04 16:53 - 2015-06-04 16:53 - 00029168 _____ C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-06-04 16:53 - 2015-06-04 16:53 - 00001967 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-06-04 16:53 - 2015-06-04 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-06-04 16:52 - 2015-06-04 16:52 - 00000000 ____D C:\Program Files\AVAST Software
2015-06-04 16:51 - 2015-06-04 16:52 - 00000000 ____D C:\ProgramData\AVAST Software
2015-06-04 16:51 - 2015-06-04 16:51 - 05481344 _____ (Avast Software s.r.o.) C:\Users\Jürgen\Downloads\avast_free_antivirus_setup.exe
2015-06-04 13:04 - 2015-06-04 13:04 - 00003220 _____ C:\WINDOWS\System32\Tasks\ASC6_PerformanceMonitor
2015-06-04 13:04 - 2015-06-04 13:04 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\IObit
2015-06-04 13:04 - 2015-06-04 13:04 - 00000000 ____D C:\ProgramData\IObit
2015-06-04 13:04 - 2015-06-04 13:04 - 00000000 ____D C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2015-06-04 12:53 - 2015-06-08 16:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-04 12:53 - 2015-06-04 12:53 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Malwarebytes
2015-06-04 11:15 - 2015-06-04 11:15 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Ad-Aware Antivirus
2015-06-04 08:38 - 2015-06-04 08:38 - 00001052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-04 08:38 - 2015-06-04 08:38 - 00001040 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-06-04 08:36 - 2015-06-04 08:36 - 00001825 _____ C:\Users\Public\Desktop\eFix Pro.lnk
2015-06-04 08:36 - 2015-06-04 08:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eFix Pro
2015-06-04 08:36 - 2015-06-04 08:36 - 00000000 ____D C:\Program Files\eFix
2015-06-04 08:34 - 2015-06-04 08:35 - 00776792 _____ (Reimage®) C:\Users\Jürgen\Downloads\eFixPro.exe
2015-06-04 08:32 - 2015-06-07 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer
2015-06-04 08:32 - 2015-06-04 08:32 - 00001496 _____ C:\Users\Jürgen\Desktop\Resume Registry Easy.lnk
2015-06-04 08:31 - 2015-06-06 17:42 - 00000000 ____D C:\Program Files (x86)\WaInternetEnhancer
2015-06-04 08:31 - 2015-06-06 17:42 - 00000000 ____D C:\Program Files (x86)\BrowserV03.06
2015-06-04 08:31 - 2015-06-04 08:31 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_webTinstMKTN84_01009.Wdf
2015-06-04 08:30 - 2015-06-06 17:42 - 00000000 ____D C:\Program Files (x86)\HQ Video Pro 3.1cV04.06
2015-06-04 08:29 - 2015-06-04 08:29 - 00579064 _____ C:\Users\Jürgen\Downloads\registry_easy.exe
2015-06-04 07:58 - 2015-06-04 07:58 - 00001122 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2015-06-04 07:58 - 2015-06-04 07:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2015-06-04 07:58 - 2015-06-04 07:58 - 00000000 ____D C:\Program Files\VS Revo Group
2015-06-04 07:58 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2015-06-04 07:52 - 2015-06-04 07:52 - 00000000 ____D C:\Users\Jürgen\AppData\Local\VS Revo Group
2015-06-04 07:52 - 2015-06-04 07:52 - 00000000 ____D C:\ProgramData\VS Revo Group
2015-06-04 07:50 - 2015-06-04 07:50 - 10840062 _____ C:\Users\Jürgen\Downloads\RevoU312.rar
2015-06-04 07:22 - 2015-06-04 07:25 - 00000000 ____D C:\Program Files\CCleaner
2015-06-04 07:22 - 2015-06-04 07:22 - 00002862 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-06-04 07:22 - 2015-06-04 07:22 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-06-04 07:22 - 2015-06-04 07:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-06-04 07:20 - 2015-06-04 07:20 - 06552640 _____ (Piriform Ltd) C:\Users\Jürgen\Downloads\ccsetup506pro.exe
2015-06-04 06:55 - 2015-06-04 06:55 - 02585202 _____ C:\Users\Jürgen\Downloads\geek.zip
2015-06-04 06:24 - 2015-06-04 06:24 - 01197344 _____ C:\Users\Jürgen\Downloads\GeekUninstaller - CHIP-Installer.exe
2015-06-04 05:54 - 2015-06-04 05:54 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2015-06-03 06:16 - 2015-06-04 05:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-02 18:43 - 2015-06-02 18:43 - 03837440 _____ (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\Drivers\athwbx.sys
2015-06-02 18:05 - 2015-06-02 18:05 - 00001160 _____ C:\Users\Jürgen\Desktop\Driver Magician.lnk
2015-06-02 18:05 - 2015-06-02 18:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Magician
2015-06-02 18:05 - 2011-02-08 14:58 - 01882104 _____ (Codejock Software) C:\WINDOWS\SysWOW64\Codejock.Controls.v15.0.1.ocx
2015-06-02 18:05 - 2004-09-28 11:13 - 00526184 _____ (Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com) C:\WINDOWS\SysWOW64\XceedCry.dll
2015-06-02 18:05 - 2004-08-11 15:55 - 00110602 _____ C:\WINDOWS\SysWOW64\xcdsfx32.bin
2015-06-02 18:05 - 2004-03-09 00:00 - 00152848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Comdlg32.ocx
2015-06-02 18:05 - 2004-03-09 00:00 - 00132880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Msinet.ocx
2015-06-02 18:04 - 2015-06-06 17:51 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Driver Magician
2015-06-02 18:04 - 2015-06-02 18:07 - 00000000 ____D C:\Program Files (x86)\Driver Magician
2015-06-02 16:22 - 2015-06-02 16:23 - 00000000 ____D C:\Users\Jürgen\Downloads\magischertreiber
2015-06-02 16:21 - 2015-06-02 16:22 - 17430510 _____ C:\Users\Jürgen\Downloads\magischertreiber.rar
2015-06-02 16:09 - 2005-01-12 11:19 - 00456536 _____ (Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com) C:\WINDOWS\SysWOW64\XCEEDZIP.DLL
2015-06-02 16:09 - 2004-03-09 00:00 - 01081616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Mscomctl.ocx
2015-06-02 15:48 - 2015-06-02 15:50 - 00000000 ____D C:\Program Files (x86)\PowerDataRecovery6.8
2015-06-02 15:48 - 2015-06-02 15:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Power Data Recovery 6.8
2015-06-02 11:11 - 2015-06-02 11:11 - 00000000 ____D C:\Users\Jürgen\Downloads\MiniToolPowerDataRecovery68-op6n2m
2015-06-02 11:10 - 2015-06-02 11:11 - 28167997 _____ C:\Users\Jürgen\Downloads\MiniToolPowerDataRecovery68-op6n2m.zip
2015-05-31 18:23 - 2015-05-31 18:23 - 00000000 ____D C:\Recovery
2015-05-31 16:58 - 2015-05-31 17:31 - 00000000 ___HD C:\$Windows.~BT
2015-05-31 08:39 - 2015-05-21 12:04 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-31 08:39 - 2015-05-21 06:45 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-31 08:38 - 2015-05-31 08:38 - 00001325 _____ C:\Users\Jürgen\Desktop\WinISO.lnk
2015-05-31 08:38 - 2015-05-31 08:38 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\WinISO Computing
2015-05-31 08:38 - 2015-05-31 08:38 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinISO
2015-05-31 08:38 - 2015-05-31 08:38 - 00000000 ____D C:\Users\Jürgen\AppData\Local\WinISO Computing
2015-05-31 08:38 - 2015-05-31 08:38 - 00000000 ____D C:\Program Files (x86)\WinISO Computing
2015-05-31 08:38 - 2012-12-31 09:36 - 00204032 _____ (WinISO.com) C:\WINDOWS\system32\Drivers\WinisoCDBus.sys
2015-05-31 08:10 - 2015-05-31 08:30 - 3942459392 _____ C:\Users\Jürgen\Downloads\Windows10_Pro_InsiderPreview_x64_de_10130.iso
2015-05-31 06:09 - 2015-05-31 06:09 - 00000000 ____D C:\ProgramData\NVIDIA
2015-05-30 21:17 - 2015-05-30 21:18 - 05916582 _____ C:\Users\Jürgen\Downloads\Stellar Phoenix Windows Data Recovery Professional 6.0.0.1 Final.rar
2015-05-30 17:54 - 2015-05-30 17:54 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-05-30 17:54 - 2015-05-30 17:54 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-05-30 17:54 - 2015-05-30 17:54 - 00000000 ____D C:\Program Files\MSBuild
2015-05-30 17:54 - 2015-05-30 17:54 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-05-30 17:54 - 2015-05-30 17:54 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-05-30 17:53 - 2015-05-30 17:53 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Reincubate
2015-05-30 17:53 - 2015-05-30 17:53 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reincubate
2015-05-30 17:53 - 2015-03-30 18:34 - 01166512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-05-30 17:53 - 2015-03-30 18:34 - 00035472 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-05-30 17:53 - 2015-03-30 17:37 - 00778928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-05-30 17:53 - 2015-03-30 17:37 - 00035472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-05-30 16:57 - 2015-05-30 21:24 - 00000000 ____D C:\ProgramData\TEMP
2015-05-30 16:57 - 2015-05-30 18:28 - 00000000 ____D C:\Program Files (x86)\Stellar Phoenix Windows Data Recovery
2015-05-30 16:57 - 2015-05-30 16:57 - 00001309 _____ C:\Users\Jürgen\Desktop\Stellar Phoenix Windows Data Recovery - Home.lnk
2015-05-30 16:57 - 2015-05-30 16:57 - 00000081 _____ C:\WINDOWS\spwdrhgsadeall.INI
2015-05-30 16:57 - 2015-05-30 16:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Phoenix Windows Data Recovery - Home
2015-05-30 16:57 - 2015-05-30 16:57 - 00000000 ____D C:\Log
2015-05-30 16:56 - 2015-05-30 16:56 - 04042664 _____ (Stellar Information Technology Pvt Ltd ) C:\Users\Jürgen\Downloads\StellarPhoenixWindowsDataRecovery-Home_DE.exe
2015-05-30 16:41 - 2015-05-30 16:42 - 00000000 ____D C:\ProgramData\RegRun
2015-05-30 16:40 - 2015-05-30 16:41 - 00001142 _____ C:\Users\Jürgen\Desktop\Reanimator.lnk
2015-05-30 16:40 - 2015-05-30 16:41 - 00000002 RSHOT C:\WINDOWS\winstart.bat
2015-05-30 16:40 - 2015-05-30 16:41 - 00000002 RSHOT C:\WINDOWS\SysWOW64\CONFIG.NT
2015-05-30 16:40 - 2015-05-30 16:41 - 00000002 RSHOT C:\WINDOWS\SysWOW64\AUTOEXEC.NT
2015-05-30 16:40 - 2015-05-30 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reanimator
2015-05-30 16:40 - 2015-05-30 16:40 - 00000000 ____D C:\Program Files (x86)\Greatis
2015-05-30 07:43 - 2015-05-30 07:44 - 02394098 _____ C:\Users\Jürgen\Downloads\pidgen.v1.1.3.590.zip
2015-05-30 06:39 - 2015-06-06 17:51 - 00000000 ____D C:\ProgramData\Syncovery
2015-05-30 06:15 - 2015-05-30 06:16 - 00302011 _____ C:\Users\Jürgen\Downloads\WindowsUpdateDiagnostic.diagcab
2015-05-29 19:16 - 2015-05-10 23:12 - 42719048 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 37741712 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 30502544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 22961808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 18238040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 16147056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 15967088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 15627688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 14457344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 13265128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 12937304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 11790848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 03285432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 02906064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 02348688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 02083472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 01898312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435284.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 01558848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435284.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 01156952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 01054352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 01044624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 00983912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 00977040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 00969032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 00502896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 00407112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 00176064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 00154256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 00150832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-05-29 17:49 - 2015-05-29 18:19 - 92323562 _____ C:\Users\Jürgen\Downloads\697ht.Syncovery.Pro.7.15d.Build.110.x86x64..Portable.rar
2015-05-29 17:46 - 2015-05-29 17:47 - 290481224 _____ (NVIDIA Corporation) C:\Users\Jürgen\Downloads\352.86-notebook-win8-win7-64bit-international-whql.exe
2015-05-29 17:42 - 2015-05-29 17:42 - 00000000 ____D C:\Users\Jürgen\Downloads\VGA_nVidia_Win81_64_VER918132683
2015-05-29 07:31 - 2015-05-29 07:31 - 00002112 _____ C:\Users\Public\Desktop\IncrediBackup.lnk
2015-05-29 07:31 - 2015-05-29 07:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediBackup
2015-05-29 07:31 - 2015-05-29 07:31 - 00000000 ____D C:\Program Files (x86)\IncrediBackup
2015-05-28 08:20 - 2015-05-28 08:20 - 01014824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-05-28 08:20 - 2015-05-28 08:20 - 00822720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-05-28 08:20 - 2015-05-28 08:20 - 00408208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-05-28 08:20 - 2015-05-28 08:20 - 00364360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-05-28 08:17 - 2015-05-10 21:41 - 06867272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-05-28 08:17 - 2015-05-10 21:41 - 03485328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-05-28 08:17 - 2015-05-10 21:41 - 02559808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-05-28 08:17 - 2015-05-10 21:41 - 01054352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-05-28 08:17 - 2015-05-10 21:41 - 00937104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-05-28 08:17 - 2015-05-10 21:41 - 00385352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-05-28 08:17 - 2015-05-10 21:41 - 00075080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-05-28 08:17 - 2015-05-10 21:41 - 00062792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-05-28 08:17 - 2015-05-07 18:51 - 04391542 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-05-28 08:15 - 2015-05-10 23:12 - 11052688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-05-28 08:15 - 2015-05-10 23:12 - 00032079 _____ C:\WINDOWS\system32\nvinfo.pb
2015-05-28 08:15 - 2015-05-10 23:12 - 00031560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-05-28 08:15 - 2013-08-21 13:47 - 01884448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6432683.dll
2015-05-28 08:15 - 2013-08-21 13:47 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6432683.dll
2015-05-28 08:11 - 2015-05-28 08:12 - 316360307 _____ C:\Users\Jürgen\Downloads\VGA_nVidia_Win81_64_VER918132683.zip
2015-05-28 08:03 - 2015-05-28 08:03 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-05-28 05:21 - 2015-05-18 02:46 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-28 05:21 - 2015-05-18 02:45 - 01564672 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-28 05:21 - 2015-05-18 02:45 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-28 05:21 - 2015-05-18 02:45 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-05-28 05:21 - 2015-05-18 02:44 - 02755072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-05-28 05:21 - 2015-05-18 02:44 - 02114048 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-28 05:21 - 2015-05-18 02:43 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-05-28 05:21 - 2015-05-18 02:43 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2015-05-28 05:21 - 2015-05-18 02:38 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-05-28 05:21 - 2015-05-18 02:00 - 19622912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-28 05:21 - 2015-05-18 01:49 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-28 05:21 - 2015-05-18 01:49 - 00501760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-28 05:21 - 2015-05-18 01:48 - 02755072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-05-28 05:21 - 2015-05-18 01:48 - 02037248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-28 05:21 - 2015-05-18 01:48 - 01342976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-28 05:21 - 2015-05-18 01:48 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2015-05-28 05:21 - 2015-05-18 01:47 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-05-28 05:21 - 2015-05-18 01:47 - 00029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2015-05-28 05:21 - 2015-05-18 01:40 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2015-05-28 05:21 - 2015-05-18 01:04 - 11318784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-28 05:21 - 2015-05-18 01:03 - 20603904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-05-28 05:21 - 2015-05-18 01:00 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-05-28 05:20 - 2015-05-18 05:01 - 03456656 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-28 05:20 - 2015-05-18 03:51 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-05-28 05:20 - 2015-05-18 03:30 - 02778456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-28 05:20 - 2015-05-18 03:20 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-28 05:20 - 2015-05-18 02:59 - 24580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-28 05:20 - 2015-05-18 02:50 - 12492288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-28 05:20 - 2015-05-18 02:46 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-28 05:20 - 2015-05-18 02:45 - 02678784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-28 05:20 - 2015-05-18 02:43 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-05-28 05:20 - 2015-05-18 02:15 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-28 05:20 - 2015-05-18 01:55 - 21875200 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-05-28 05:20 - 2015-05-18 01:48 - 02174464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-28 05:20 - 2015-05-18 01:44 - 04791808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-28 05:20 - 2015-05-18 01:07 - 03595264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-28 05:18 - 2015-05-28 05:18 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-05-27 18:37 - 2015-05-27 18:37 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-05-27 18:12 - 2015-05-27 18:12 - 09890832 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2015-05-27 18:12 - 2015-05-27 18:12 - 00402960 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsUer.sys
2015-05-27 18:12 - 2015-05-27 18:12 - 00083984 _____ (Realtek Semiconductor.) C:\WINDOWS\system32\RtCRX64.dll
2015-05-27 18:12 - 2015-05-27 18:12 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-05-27 18:12 - 2015-05-27 18:12 - 00000000 ____D C:\Program Files (x86)\Intel
2015-05-27 18:11 - 2015-05-27 18:11 - 22905344 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 17837568 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 12142128 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 11719304 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 10895800 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 10435408 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 08477184 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 06447616 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 04581376 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 04354448 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 04350864 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 04011168 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 03775416 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-05-27 18:11 - 2015-05-27 18:11 - 03625024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 02813952 _____ C:\WINDOWS\system32\iglhxa64.cpa
2015-05-27 18:11 - 2015-05-27 18:11 - 02480880 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 02027008 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 01758208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 01740288 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 01540096 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 01455776 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 01137080 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 01132960 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00932752 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00793248 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00734720 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00665600 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00646304 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00603296 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00546704 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00546192 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00504208 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00456256 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00448912 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTray.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00418704 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00400272 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00399760 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00376832 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00372736 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00367664 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00344736 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00329216 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00319376 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00287232 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00286720 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00281488 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00272384 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00254976 _____ C:\WINDOWS\system32\igfxCPL.cpl
2015-05-27 18:11 - 2015-05-27 18:11 - 00250368 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00246672 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00223232 _____ C:\WINDOWS\system32\igdde64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00218808 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00214528 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00210592 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00193936 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00188456 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00187508 _____ C:\WINDOWS\system32\resTHA.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00184832 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00184320 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00183800 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00183296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v3993.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00180324 _____ C:\WINDOWS\system32\resELL.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00177824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00176180 _____ C:\WINDOWS\system32\resRUS.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00162304 _____ C:\WINDOWS\system32\igdail64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00162036 _____ C:\WINDOWS\system32\resARA.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00161492 _____ C:\WINDOWS\system32\resHEB.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00161428 _____ C:\WINDOWS\system32\resJPN.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00159056 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00156852 _____ C:\WINDOWS\system32\resFRA.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00156836 _____ C:\WINDOWS\system32\resHUN.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00155536 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00155140 _____ C:\WINDOWS\system32\resKOR.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00155136 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00155044 _____ C:\WINDOWS\system32\resITA.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00155044 _____ C:\WINDOWS\system32\resDEU.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00154884 _____ C:\WINDOWS\system32\resROM.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00154772 _____ C:\WINDOWS\system32\resESN.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00154340 _____ C:\WINDOWS\system32\resPLK.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00154196 _____ C:\WINDOWS\system32\resSKY.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00154004 _____ C:\WINDOWS\system32\resNLD.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00153444 _____ C:\WINDOWS\system32\resPTB.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00153300 _____ C:\WINDOWS\system32\resTRK.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00153268 _____ C:\WINDOWS\system32\resCSY.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00153140 _____ C:\WINDOWS\system32\resPTG.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00152724 _____ C:\WINDOWS\system32\resFIN.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00152292 _____ C:\WINDOWS\system32\resHRV.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00151844 _____ C:\WINDOWS\system32\resSVE.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00151668 _____ C:\WINDOWS\system32\resSLV.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00150740 _____ C:\WINDOWS\system32\resNOR.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00150228 _____ C:\WINDOWS\system32\resDAN.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00148916 _____ C:\WINDOWS\system32\resENU.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00147140 _____ C:\WINDOWS\system32\resCHT.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00146308 _____ C:\WINDOWS\system32\resCHS.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00143872 _____ C:\WINDOWS\SysWOW64\igdail32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00128672 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00094368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00094208 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00070144 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00069632 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00058880 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00044025 _____ C:\WINDOWS\system32\iglhxo64.vp
2015-05-27 18:11 - 2015-05-27 18:11 - 00043816 _____ C:\WINDOWS\system32\iglhxc64_dev.vp
2015-05-27 18:11 - 2015-05-27 18:11 - 00043494 _____ C:\WINDOWS\system32\iglhxc64.vp
2015-05-27 18:11 - 2015-05-27 18:11 - 00043298 _____ C:\WINDOWS\system32\iglhxg64_dev.vp
2015-05-27 18:11 - 2015-05-27 18:11 - 00043256 _____ C:\WINDOWS\system32\iglhxg64.vp
2015-05-27 18:11 - 2015-05-27 18:11 - 00042079 _____ C:\WINDOWS\system32\iglhxo64_dev.vp
2015-05-27 18:11 - 2015-05-27 18:11 - 00031408 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00030720 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00010752 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00002586 _____ C:\WINDOWS\system32\iglhxs64.vp
2015-05-27 18:11 - 2015-05-27 18:11 - 00001125 _____ C:\WINDOWS\system32\iglhxa64.vp
2015-05-27 18:11 - 2015-05-27 18:11 - 00000000 ____D C:\Program Files\Intel
2015-05-27 12:11 - 2015-06-08 05:18 - 00000000 ____D C:\Users\Jürgen\dwhelper
2015-05-26 18:39 - 2015-05-26 18:39 - 00000000 ____D C:\Users\Jürgen\Downloads\Cf_noi
2015-05-26 18:38 - 2015-05-26 18:36 - 00949284 _____ C:\Users\Jürgen\Downloads\Cf_noi.zip
2015-05-26 18:30 - 2015-06-06 17:51 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\vlc
2015-05-26 17:09 - 2015-05-26 17:09 - 00097280 _____ (Brother Industries Ltd.) C:\WINDOWS\system32\Drivers\BrSerIf.sys
2015-05-26 17:09 - 2015-05-26 17:09 - 00019584 _____ (Brother Industries Ltd.) C:\WINDOWS\system32\Drivers\BrUsbSer.sys
2015-05-26 17:09 - 2015-05-26 17:09 - 00000000 ___RD C:\Users\Jürgen\AppData\Roaming\Brother
2015-05-26 17:07 - 2015-05-26 17:10 - 00000425 _____ C:\WINDOWS\BRWMARK.INI
2015-05-26 17:07 - 2015-05-26 17:07 - 00000027 _____ C:\WINDOWS\BRPP2KA.INI
2015-05-26 17:03 - 2015-05-26 17:03 - 01560576 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrWia09b.dll
2015-05-26 17:03 - 2015-05-26 17:03 - 00050176 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrUsi09a.dll
2015-05-26 14:20 - 2015-06-02 18:39 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Nitro PDF
2015-05-26 14:16 - 2015-05-26 14:16 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Nitro
2015-05-26 14:15 - 2015-05-26 14:15 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\CNBJMON2.DLL
2015-05-26 14:14 - 2015-05-26 14:14 - 00002547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 9.lnk
2015-05-26 14:14 - 2015-05-26 14:14 - 00002035 _____ C:\Users\Public\Desktop\Nitro Pro 9.lnk
2015-05-26 14:14 - 2015-05-26 14:14 - 00000000 ____D C:\ProgramData\Nitro
2015-05-26 14:14 - 2015-05-26 14:14 - 00000000 ____D C:\Program Files\Common Files\Nitro
2015-05-26 14:14 - 2015-05-26 14:14 - 00000000 ____D C:\Program Files (x86)\Nitro
2015-05-26 14:14 - 2014-03-13 15:18 - 00029704 _____ (Nitro PDF Software) C:\WINDOWS\system32\nitrolocalmon9.dll
2015-05-26 14:14 - 2014-03-13 15:18 - 00017928 _____ (Nitro PDF Software) C:\WINDOWS\system32\nitrolocalui9.dll
2015-05-26 14:13 - 2015-05-26 14:13 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Downloaded Installations
2015-05-26 09:14 - 2015-05-26 09:14 - 00294912 ____N (Microsoft Corporation) C:\WINDOWS\Setup1.exe
2015-05-26 09:14 - 2015-05-26 09:14 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\ST6UNST.EXE
2015-05-26 09:14 - 2015-05-26 09:14 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Berlin Stadtplan CD Routing Vollversion
2015-05-26 09:14 - 2015-05-26 09:14 - 00000000 ____D C:\Program Files (x86)\Berlin Stadtplan CD Routing Vollversion
2015-05-26 06:38 - 2015-05-28 08:03 - 00001450 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-05-26 06:38 - 2015-05-26 06:39 - 00000000 ____D C:\Users\Jürgen\AppData\Local\NVIDIA Corporation
2015-05-26 06:38 - 2015-05-26 06:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-05-26 06:38 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2015-05-26 06:38 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2015-05-26 06:38 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2015-05-26 06:38 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2015-05-26 06:38 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2015-05-26 06:38 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2015-05-26 06:37 - 2015-05-28 08:16 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-05-26 06:37 - 2015-05-27 18:11 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-05-26 06:37 - 2015-05-27 18:11 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-05-25 17:42 - 2015-05-25 17:42 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\LibreOffice
2015-05-25 17:30 - 2015-05-25 17:30 - 00001219 _____ C:\Users\Public\Desktop\LibreOffice 4.4.lnk
2015-05-25 17:30 - 2015-05-25 17:30 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.4
2015-05-25 17:29 - 2015-05-25 17:30 - 00000000 ____D C:\Program Files (x86)\LibreOffice 4
2015-05-25 16:57 - 2015-05-25 16:57 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-05-25 15:51 - 2015-05-25 15:51 - 00002759 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft AutoRoute 2013.lnk
2015-05-25 15:51 - 2015-05-25 15:51 - 00000000 ____D C:\Program Files (x86)\MSECache
2015-05-25 15:51 - 2015-05-25 15:51 - 00000000 ____D C:\Program Files (x86)\Microsoft AutoRoute 2013
2015-05-25 14:45 - 2015-05-25 14:47 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\EfficientPIM
2015-05-25 14:45 - 2015-05-25 14:46 - 00000000 ____D C:\Program Files (x86)\EfficientPIM
2015-05-25 14:45 - 2015-05-25 14:45 - 00001052 _____ C:\Users\Jürgen\Desktop\EfficientPIM.lnk
2015-05-25 14:45 - 2015-05-25 14:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EfficientPIM
2015-05-25 13:18 - 2015-06-08 06:44 - 00000000 ____D C:\Users\Jürgen\AppData\Local\CrashDumps
2015-05-25 12:47 - 2015-05-25 12:47 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Zoner
2015-05-25 12:47 - 2015-05-25 12:47 - 00000000 ____D C:\Users\Jürgen\AppData\Local\Zoner
2015-05-25 12:46 - 2015-05-25 12:46 - 00002031 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Zoner Photo Studio 17.lnk
2015-05-25 12:46 - 2015-05-25 12:46 - 00000000 ____D C:\ProgramData\Zoner
2015-05-25 12:46 - 2015-05-25 12:46 - 00000000 ____D C:\Program Files\Zoner
2015-05-25 12:16 - 2015-06-04 05:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-25 12:10 - 2015-05-25 12:10 - 01490656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll
2015-05-25 12:10 - 2015-05-25 12:10 - 00708168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller.dll
2015-05-25 12:10 - 2015-05-25 12:10 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2015-05-25 12:10 - 2015-05-25 12:10 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2015-05-25 12:05 - 2015-05-25 12:05 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2015-05-25 11:52 - 2015-05-25 11:52 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-05-25 09:22 - 2015-05-25 09:22 - 00000000 ____D C:\Program Files (x86)\Photo Notifier and Animation Creator
2015-05-25 09:21 - 2015-05-25 09:21 - 00002174 _____ C:\Users\Public\Desktop\Passwörter sichern.lnk
2015-05-25 09:21 - 2015-05-25 09:21 - 00002098 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail.lnk
2015-05-25 09:21 - 2015-05-25 09:21 - 00002086 _____ C:\Users\Public\Desktop\IncrediMail.lnk
2015-05-25 09:21 - 2015-05-25 09:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-25 09:21 - 2015-05-25 09:21 - 00000000 ____D C:\Program Files (x86)\IncrediMail
2015-05-25 09:13 - 2015-05-25 09:13 - 00000000 ____D C:\Users\Jürgen\AppData\Local\Macromedia
2015-05-25 09:07 - 2015-05-25 11:14 - 00000000 ____D C:\Users\Jürgen\AppData\Local\IM
2015-05-25 09:07 - 2015-05-25 09:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail
2015-05-25 09:07 - 2015-05-25 09:07 - 00000000 ____D C:\ProgramData\Photo Notifier and Animation Creator
2015-05-25 09:07 - 2015-05-25 09:07 - 00000000 ____D C:\ProgramData\IncrediMail
2015-05-25 09:07 - 2015-05-25 09:07 - 00000000 ____D C:\ProgramData\IM
2015-05-25 07:14 - 2015-05-25 07:14 - 00000000 ____D C:\Users\Jürgen\AppData\Local\Apple
2015-05-25 06:58 - 2015-05-25 06:58 - 00003294 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2015-05-25 06:58 - 2015-05-25 06:58 - 00003242 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2015-05-25 06:58 - 2015-05-25 06:58 - 00003238 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2015-05-25 06:58 - 2015-05-25 06:58 - 00003210 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2015-05-25 06:58 - 2015-05-25 06:58 - 00003206 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2015-05-25 06:58 - 2015-05-25 06:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2015-05-25 06:58 - 2015-05-25 06:58 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
2015-05-25 06:48 - 2015-06-08 17:05 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-05-25 06:48 - 2015-05-25 06:48 - 00003860 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-05-25 06:48 - 2015-05-25 06:48 - 00000000 ____D C:\Users\Jürgen\AppData\Local\Adobe
2015-05-24 20:16 - 2015-05-24 20:16 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Mozilla
2015-05-24 20:16 - 2015-05-24 20:16 - 00000000 ____D C:\Users\Jürgen\AppData\Local\Mozilla
2015-05-24 20:16 - 2015-05-24 20:16 - 00000000 ____D C:\ProgramData\Mozilla
2015-05-24 20:15 - 2015-05-24 20:15 - 36357760 _____ C:\Users\Jürgen\Downloads\Firefox-Setup-33.0.2.exe
2015-05-24 20:10 - 2015-05-26 06:38 - 00000000 ____D C:\Users\Jürgen\AppData\Local\NVIDIA
2015-05-24 19:37 - 2015-05-24 19:37 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\WindSolutions
2015-05-24 19:36 - 2015-05-24 19:36 - 00000000 ____D C:\ProgramData\WindSolutions
2015-05-24 19:35 - 2015-05-24 19:35 - 10388158 _____ C:\Users\Jürgen\Downloads\CopyTransManagerDEv1.015.zip
2015-05-24 19:35 - 2015-05-24 19:35 - 00000000 ____D C:\Users\Jürgen\Downloads\CopyTransManagerDEv1.015
2015-05-24 19:30 - 2015-05-24 19:30 - 00000000 ____D C:\Users\Jürgen\AppData\Local\NetworkTiles
2015-05-24 18:59 - 2015-05-24 18:59 - 00428216 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETD.sys
2015-05-24 18:59 - 2015-05-24 18:59 - 00046776 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCoInstaller01000.dll
2015-05-24 18:59 - 2015-05-24 18:59 - 00000000 ____D C:\Program Files\Elantech
2015-05-24 18:59 - 2015-05-10 20:07 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0007.dll
2015-05-24 18:59 - 2015-05-10 20:06 - 12038656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0007.dll
2015-05-24 18:59 - 2015-05-10 19:49 - 02085376 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0007.dll
2015-05-24 18:59 - 2015-05-10 19:48 - 12038656 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0007.dll
2015-05-24 18:59 - 2015-05-10 19:48 - 11601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0007.dll
2015-05-24 18:59 - 2015-03-03 15:17 - 00295552 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-05-24 18:58 - 2015-05-24 18:59 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-05-24 18:58 - 2015-05-24 18:58 - 00003194 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2015-05-24 18:58 - 2015-05-24 18:58 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-05-24 18:58 - 2015-05-24 18:58 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-05-24 18:58 - 2015-05-24 18:58 - 00000000 ____D C:\Program Files\Realtek
2015-05-24 18:58 - 2015-04-30 10:07 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-24 18:57 - 2015-05-24 18:57 - 72121872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2015-05-24 18:57 - 2015-05-24 18:57 - 14050832 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 13091952 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 12950472 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 07166480 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 07088144 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 06250000 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 05804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2015-05-24 18:57 - 2015-05-24 18:57 - 05665264 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 05280952 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 04468752 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2015-05-24 18:57 - 2015-05-24 18:57 - 03293424 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 03245856 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 03211264 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 02908688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 02872440 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 02817184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 02702864 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2015-05-24 18:57 - 2015-05-24 18:57 - 02554784 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 02184512 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 02106896 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 02046480 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 02014958 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2015-05-24 18:57 - 2015-05-24 18:57 - 01958280 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01957768 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01773840 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01740816 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01584280 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01574512 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01516664 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01502152 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01427296 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01376656 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01375192 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01330656 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01328608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01152064 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01115792 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00997392 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00991424 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00957272 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00954168 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00925200 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00915992 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00881872 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaeapo64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00866880 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00846256 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00742920 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00737176 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00720656 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00701528 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00671760 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00671248 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00661232 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00637536 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00612712 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00599240 _____ (Qualcomm Atheros) C:\WINDOWS\system32\Drivers\btfilter.sys
2015-05-24 18:57 - 2015-05-24 18:57 - 00589528 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosasfapo64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00566344 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00550256 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.DLL
2015-05-24 18:57 - 2015-05-24 18:57 - 00527000 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00505352 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00497528 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00491384 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00459312 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00441288 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00440224 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00438616 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00434488 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00419056 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00381832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00373568 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00346760 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00336928 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00333304 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00333304 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00332832 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00325080 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00319408 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00316232 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00316232 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00295168 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00264672 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00252432 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00247120 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00247080 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00246804 _____ C:\WINDOWS\system32\Drivers\AtherosBT.bin
2015-05-24 18:57 - 2015-05-24 18:57 - 00246096 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00226424 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00217648 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaemaxapo64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00216584 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00209344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00204152 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00182784 _____ (Qualcomm®Atheros®) C:\WINDOWS\system32\BtContextMenu.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00181760 _____ (Qualcomm Atheros Communications Inc.) C:\WINDOWS\system32\btcoinst.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00169048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00165976 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\toseaeapo64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00160824 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00153104 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00145352 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00127768 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00116240 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00114384 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00109584 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00105496 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00096272 _____ C:\WINDOWS\system32\audioLibVc.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00085424 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00082864 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00082824 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00078184 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00078144 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00069480 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00062784 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\HECIx64.sys
2015-05-24 18:57 - 2015-05-24 18:57 - 00048092 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x01020200.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00046748 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x31010000.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00046268 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x11020100.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00046212 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x11020000.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00040684 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x31010000_ss01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00038140 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x31010100.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00023532 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x01020201.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00016912 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00001926 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_0xf0.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001926 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_0x21.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001926 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_0x11.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001926 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001922 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010100_40.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001802 _____ C:\WINDOWS\system32\Drivers\ramps_0x11020100_40_SS01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001802 _____ C:\WINDOWS\system32\Drivers\ramps_0x11020100_40_nf01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001802 _____ C:\WINDOWS\system32\Drivers\ramps_0x11020100_40.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001796 _____ C:\WINDOWS\system32\Drivers\ramps_0x11020000_40.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001516 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_SS01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001516 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_LV01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001516 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_0xf1.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001516 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_0x22.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001516 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_0x12.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001516 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_0x01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001512 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010100_40_0x01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001242 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020200_40_0x01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001228 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020200_40_0x04.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001214 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020200_40_0x03.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001204 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020200_40_0x02.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001204 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020200_40.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001198 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020200_26.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001192 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020200_26_0x01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00000296 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020201_40_0x01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00000278 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020201_40_0x04.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00000264 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020201_40_0x03.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00000264 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020201_40_0x02.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00000264 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020201_40.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00000264 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020201_26_0x01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00000264 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020201_26.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00000000 ____D C:\Program Files\Common Files\Atheros
2015-05-24 18:56 - 2015-05-07 05:43 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2015-05-24 18:56 - 2015-05-07 05:26 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\jnwmon.dll
2015-05-24 18:56 - 2015-05-07 05:25 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-05-24 18:56 - 2015-05-02 02:31 - 16090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-05-24 18:56 - 2015-05-02 02:27 - 14434304 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-05-24 18:56 - 2015-05-02 02:04 - 01281024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2015-05-24 18:56 - 2015-05-02 01:48 - 12813824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-05-24 18:56 - 2015-05-02 01:37 - 12925440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-05-24 18:56 - 2015-05-02 01:23 - 01281024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2015-05-24 18:50 - 2015-05-24 18:50 - 00000837 _____ C:\Users\Public\Desktop\Speccy.lnk
2015-05-24 18:50 - 2015-05-24 18:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2015-05-24 18:50 - 2015-05-24 18:50 - 00000000 ____D C:\Program Files\Speccy
2015-05-24 18:49 - 2015-05-24 18:49 - 05127432 _____ (Piriform Ltd) C:\Users\Jürgen\Downloads\spsetup128.exe
2015-05-24 18:26 - 2015-06-04 20:09 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-05-24 18:26 - 2015-06-04 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-05-24 18:26 - 2015-06-04 20:09 - 00000000 ____D C:\Program Files\WinRAR
2015-05-24 18:26 - 2015-05-24 18:26 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\WinRAR
2015-05-24 18:16 - 2015-06-06 17:51 - 00000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 5.6
2015-05-24 18:16 - 2015-05-24 18:16 - 00001354 _____ C:\Users\Public\Desktop\AOMEI Partition Assistant Standard Edition 5.6.lnk
2015-05-24 18:16 - 2015-05-24 18:16 - 00001024 ____H C:\AMTAG.BIN
2015-05-24 18:16 - 2015-05-24 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant Standard Edition 5.6
2015-05-24 18:16 - 2015-01-02 15:18 - 01811568 _____ C:\WINDOWS\ampa.exe
2015-05-24 18:16 - 2013-12-18 11:33 - 00017008 _____ C:\WINDOWS\SysWOW64\ampa.sys
2015-05-24 18:16 - 2013-12-18 11:33 - 00017008 _____ C:\WINDOWS\system32\ampa.sys
2015-05-24 18:14 - 2015-05-24 18:14 - 08644488 _____ (AOMEI Technology Co., Ltd. ) C:\Users\Jürgen\Downloads\PAssist_Std_5.6.3.exe
2015-05-24 18:08 - 2015-05-24 18:08 - 00000000 ____D C:\Users\Jürgen\Documents\MiniTool Partition Wizard Professional Edition 8.1 (FULL + Serial)
2015-05-24 17:59 - 2015-05-24 17:59 - 14674196 _____ C:\Users\Jürgen\Downloads\MiniTool Partition Wizard Professional Edition 8.1 (FULL + Serial).zip
2015-05-24 17:55 - 2015-05-24 17:56 - 08290887 _____ C:\Users\Jürgen\Downloads\CopyTrans 4.842 (FULL + Keygen).zip
2015-05-24 17:49 - 2015-05-24 17:49 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Macromedia
2015-05-24 17:46 - 2015-05-24 17:48 - 00000000 ____D C:\Users\Jürgen\AppData\Local\Spartan
2015-05-24 17:46 - 2015-05-24 17:46 - 00001389 _____ C:\Users\Public\Desktop\EaseUS Todo PCTrans 8.0.lnk
2015-05-24 17:46 - 2015-05-24 17:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo PCTrans 8.0
2015-05-24 17:46 - 2015-05-24 17:46 - 00000000 ____D C:\PCTransImage
2015-05-24 17:45 - 2015-05-24 17:45 - 00000000 ____D C:\Program Files (x86)\EaseUS
2015-05-24 17:24 - 2015-05-24 17:24 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-05-24 16:51 - 2015-05-31 17:17 - 00000000 ___DC C:\WINDOWS\Panther
2015-05-24 16:51 - 2015-05-29 19:16 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-05-24 16:51 - 2015-05-28 08:16 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-05-24 16:51 - 2015-05-24 16:51 - 00019976 _____ (ASUS) C:\WINDOWS\system32\Drivers\AsHIDSwitch64.sys
2015-05-24 16:50 - 2015-05-24 16:50 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-05-24 16:47 - 2015-05-24 16:47 - 00001047 _____ C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2015-05-24 16:47 - 2015-05-10 20:07 - 04845568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2015-05-24 16:47 - 2015-05-10 20:06 - 02628608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2015-05-24 16:47 - 2015-05-10 19:50 - 06355968 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2015-05-24 16:47 - 2015-05-10 19:48 - 05738496 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2015-05-24 16:47 - 2015-05-10 19:48 - 02628608 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2015-05-24 16:43 - 2015-05-24 16:43 - 00000000 ____D C:\Users\Jürgen\AppData\Local\PeerDistRepub
2015-05-24 16:40 - 2015-05-24 16:40 - 02276560 _____ (Microsoft Corporation) C:\WINDOWS\system32\coin95ip.dll
2015-05-24 16:39 - 2015-06-08 11:07 - 00000000 ____D C:\Users\Jürgen\AppData\Local\ActiveSync
2015-05-24 16:32 - 2015-05-24 16:32 - 00000000 ___RD C:\Users\Jürgen\3D Objects
2015-05-24 16:31 - 2015-06-01 07:14 - 00000000 ____D C:\Users\Jürgen\AppData\Local\Packages
2015-05-24 16:31 - 2015-05-25 11:09 - 00000000 ____D C:\Users\Jürgen\AppData\Local\VirtualStore
2015-05-24 16:31 - 2015-05-24 16:31 - 00002357 _____ C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-05-24 16:31 - 2015-05-24 16:31 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Adobe
2015-05-24 16:31 - 2015-05-24 16:31 - 00000000 ____D C:\Users\Jürgen\AppData\Local\GameDVR
2015-05-24 16:31 - 2015-05-24 16:31 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-05-24 16:30 - 2015-06-08 13:08 - 00000000 ____D C:\ProgramData\USOShared
2015-05-24 16:30 - 2015-05-24 16:30 - 00000020 ___SH C:\Users\Jürgen\ntuser.ini
2015-05-24 16:30 - 2015-05-24 16:30 - 00000000 ____D C:\Users\Jürgen\AppData\Local\TileDataLayer
2015-05-24 16:30 - 2015-05-24 16:30 - 00000000 ____D C:\ProgramData\USOPrivate
2015-05-24 16:00 - 2015-06-08 11:15 - 01790128 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-24 15:55 - 2015-04-25 05:12 - 02712576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-05-24 15:54 - 2015-06-08 16:08 - 00035664 _____ C:\WINDOWS\WindowsUpdate_AU_deprecated.log
2015-05-24 15:54 - 2015-06-08 11:07 - 00000191 _____ C:\WINDOWS\WindowsUpdate.log
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\ProgramData\Vorlagen
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\ProgramData\Startmenü
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\ProgramData\Favoriten
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\ProgramData\Dokumente
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2015-05-24 15:53 - 2015-06-08 12:20 - 00000000 ____D C:\Users\Jürgen
2015-05-24 15:53 - 2015-05-31 17:17 - 00001908 _____ C:\WINDOWS\diagwrn.xml
2015-05-24 15:53 - 2015-05-31 17:17 - 00001908 _____ C:\WINDOWS\diagerr.xml
2015-05-24 15:53 - 2015-05-24 16:31 - 00000000 ___RD C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü[CODE] .... Fortsetzung folgt!

Gruß Jürgen

OpaPaule · 08.06.2015, 16:26

FORTSETZUNG:

Code:

ATTFilter

2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\Vorlagen
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\Startmenü
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\Netzwerkumgebung
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\Lokale Einstellungen
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\Eigene Dateien
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\Druckumgebung
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\Documents\Eigene Musik
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\Documents\Eigene Bilder
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\AppData\Local\Verlauf
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\AppData\Local\Anwendungsdaten
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\Anwendungsdaten
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 ____D C:\WINDOWS\CSC
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 ____D C:\Users\DefaultAppPool
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ___RD C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ___RD C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-24 15:53 - 2015-04-25 05:17 - 00000369 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-05-24 15:53 - 2015-04-25 05:17 - 00000369 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-05-24 15:53 - 2015-04-25 05:17 - 00000369 _____ C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-05-24 15:53 - 2015-04-25 05:17 - 00000369 _____ C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-05-24 15:53 - 2015-04-25 05:17 - 00000369 _____ C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-05-24 15:53 - 2015-04-25 05:17 - 00000369 _____ C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-05-21 07:01 - 2015-05-21 07:14 - 00000000 ___HD C:\$SysReset
2015-05-21 06:26 - 2015-05-21 06:26 - 00000000 __SHD C:\found.001
2015-05-19 14:04 - 2015-06-04 07:04 - 00000000 _____ C:\Recovery.txt
2015-05-19 07:49 - 2015-05-19 07:08 - 00000000 ____D C:\RecoveryImage
2015-05-16 08:26 - 2015-06-07 19:20 - 00000000 ____D C:\AdwCleaner

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-08 17:08 - 2013-10-10 17:09 - 00036977 _____ C:\Users\Jürgen\Downloads\FRST.txt
2015-06-08 16:11 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-08 16:00 - 2013-10-25 12:56 - 00000000 ____D C:\Users\Jürgen\Documents\Efficient Organizer AutoBackup
2015-06-08 11:15 - 2015-04-25 10:27 - 00772388 _____ C:\WINDOWS\system32\perfh007.dat
2015-06-08 11:15 - 2015-04-25 10:27 - 00154104 _____ C:\WINDOWS\system32\perfc007.dat
2015-06-08 11:08 - 2015-04-25 06:08 - 00051473 _____ C:\WINDOWS\system32\NetSetupSvc.log
2015-06-08 11:08 - 2015-04-05 13:05 - 00000000 ___RD C:\Users\Jürgen\OneDrive
2015-06-08 11:07 - 2015-04-25 06:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-08 08:32 - 2015-04-25 04:39 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-06-08 08:06 - 2013-03-24 12:25 - 00000000 ____D C:\Users\Jürgen\Documents\Finanzamt
2015-06-08 04:42 - 2013-05-12 09:20 - 00000000 ____D C:\Users\Jürgen\Desktop\Tools
2015-06-06 17:44 - 2014-12-28 19:59 - 00000000 __SHD C:\$360Section
2015-06-05 19:06 - 2012-12-22 10:26 - 00001992 _____ C:\Users\Jürgen\Desktop\Amazon.lnk
2015-06-05 19:06 - 2012-12-22 10:26 - 00001990 _____ C:\Users\Jürgen\Desktop\WEB.DE.lnk
2015-06-05 08:00 - 2013-03-24 12:43 - 00000000 ____D C:\Users\Jürgen\Documents\Versicherung
2015-06-04 17:40 - 2014-06-01 09:02 - 00000000 ____D C:\Users\Jürgen\Downloads\FarStone DriveClone Server 10.02+Keymaker-CORE
2015-06-04 17:40 - 2014-05-13 07:56 - 18831730 _____ C:\Users\Jürgen\Downloads\TrojanKill2077Lz0.rar
2015-06-04 17:40 - 2014-03-30 15:20 - 00000836 _____ C:\Users\Jürgen\Downloads\SuperAntiSpyware.v5.6.KeyGen.REiS.rar
2015-06-04 17:33 - 2014-08-13 16:55 - 00000000 ____D C:\Users\Jürgen\Downloads\HitmanPro.3.7.9.Build.221
2015-06-04 13:28 - 2014-10-26 15:00 - 00768512 _____ (Reimage®) C:\Users\Jürgen\Downloads\ReimageRepair.exe
2015-06-04 13:11 - 2013-09-12 07:05 - 00000000 ____D C:\Users\Jürgen\Desktop\Player
2015-06-04 13:11 - 2013-08-30 08:47 - 00000000 ____D C:\Users\Jürgen\Desktop\Bildbearbeitung
2015-06-04 13:11 - 2011-07-02 09:38 - 00000000 ____D C:\Users\Jürgen\Desktop\Datei Tools
2015-06-04 13:11 - 2010-06-18 15:27 - 00000000 ____D C:\Users\Jürgen\Desktop\Video
2015-06-04 07:27 - 2013-03-24 12:43 - 00000000 ____D C:\Users\Jürgen\Documents\Seriennummern
2015-06-01 07:16 - 2015-04-25 05:06 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-05-31 17:26 - 2015-03-24 20:56 - 00000000 ____D C:\Temp
2015-05-31 17:17 - 2015-04-25 04:39 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-05-31 17:14 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\Registration
2015-05-31 06:58 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\rescache
2015-05-30 20:39 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-05-30 17:54 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-05-30 17:54 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-05-30 16:42 - 2014-03-31 17:48 - 00000000 ____D C:\Users\Public\Documents\regruninfo
2015-05-30 16:41 - 2014-03-31 18:00 - 00000000 ____D C:\Users\Jürgen\Documents\RegRun2
2015-05-28 08:17 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\Help
2015-05-26 08:16 - 2013-10-25 11:14 - 04857856 _____ C:\Users\Jürgen\Documents\My Information.effx
2015-05-25 06:25 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-05-25 06:18 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-05-25 06:16 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\appcompat
2015-05-24 18:59 - 2015-04-25 10:30 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-24 18:56 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\system32\restore
2015-05-24 16:51 - 2015-04-25 05:37 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2015-05-24 16:47 - 2015-04-25 10:28 - 00000000 ____D C:\WINDOWS\OCR
2015-05-24 16:31 - 2015-04-25 05:36 - 00000000 ___RD C:\WINDOWS\PrintDialog3D
2015-05-24 16:31 - 2015-04-25 05:36 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-05-24 16:31 - 2015-04-25 05:36 - 00000000 ___RD C:\WINDOWS\MtcUvc
2015-05-24 16:31 - 2015-04-25 05:36 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-05-24 16:31 - 2015-04-25 05:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-05-24 16:31 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\WinStore
2015-05-24 15:55 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\system32\spool
2015-05-24 15:55 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-05-24 15:54 - 2015-04-25 06:08 - 00002382 _____ C:\WINDOWS\System32\Tasks\SpeechRuntimeTask
2015-05-24 15:54 - 2015-04-25 05:36 - 00000000 __RHD C:\Users\Public\Libraries
2015-05-24 15:54 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-05-24 15:54 - 2015-04-25 05:36 - 00000000 ____D C:\Program Files\Windows NT
2015-05-24 15:54 - 2015-04-25 04:39 - 00000000 __RHD C:\Users\Default
2015-05-24 15:54 - 2011-04-12 09:54 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-05-24 15:53 - 2015-04-25 04:39 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-05-24 15:52 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\tracing
2015-05-22 07:26 - 2015-02-20 07:20 - 00000000 ___RD C:\Users\Jürgen\iCloudDrive
2015-05-21 16:45 - 2014-12-28 10:30 - 00000000 ____D C:\Users\Jürgen\Documents\EfficientPIM AutoBackup
2015-05-21 08:15 - 2014-11-09 21:09 - 00000000 ____D C:\Users\Jürgen\Documents\Ashampoo 3D CAD Architecture 5
2015-05-21 08:15 - 2013-10-11 12:59 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2015-05-21 08:15 - 2013-03-24 12:43 - 00000000 ____D C:\Users\Jürgen\Documents\SelfMV
2015-05-21 08:15 - 2013-03-24 12:42 - 00000000 ____D C:\Users\Jürgen\Documents\Readiris
2015-05-21 08:15 - 2013-03-24 12:42 - 00000000 ____D C:\Users\Jürgen\Documents\Presente3D
2015-05-21 08:15 - 2013-03-24 12:41 - 00000000 ____D C:\Users\Jürgen\Documents\Nero Recode
2015-05-21 08:15 - 2013-03-24 12:25 - 00000000 ___HD C:\Users\Jürgen\Documents\EverDesk Data
2015-05-21 08:15 - 2013-03-24 12:23 - 00000000 ____D C:\Users\Jürgen\Documents\Ashampoo 3D CAD Architecture 2
2015-05-21 08:15 - 2013-03-24 12:21 - 00000000 ____D C:\Users\Jürgen\.rainlendar2
2015-05-21 08:15 - 2013-03-24 12:21 - 00000000 ____D C:\Users\Jürgen\.jameica
2015-05-21 08:15 - 2013-03-24 12:21 - 00000000 ____D C:\Users\Jürgen\.ausweisapp
2015-05-21 08:15 - 2010-06-16 13:35 - 00000000 ____D C:\Users\Jürgen\Documents\PcSetup
2015-05-17 07:55 - 2013-06-14 10:14 - 00000000 ____D C:\Users\Jürgen\Desktop\Alte Firefox-Daten
2015-05-16 11:43 - 2013-03-24 12:23 - 00000000 ____D C:\Users\Jürgen\Documents\1 und 1
2015-05-10 10:12 - 2014-06-02 07:19 - 00002232 ____H C:\Users\Jürgen\Documents\Default.rdp
2015-05-09 17:43 - 2014-12-25 14:28 - 00895375 _____ C:\2108FP.TXT

==================== Files in the root of some directories =======

2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Jürgen\AppData\Roaming\eYuGvhP2muwKU0OH9mh
2015-05-24 18:58 - 2015-05-24 18:58 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Jürgen\AppData\Local\Temp\2314.exe
C:\Users\Jürgen\AppData\Local\Temp\ECC58836-29C1-0B6F-D24A-D38AB68426A8.dll
C:\Users\Jürgen\AppData\Local\Temp\eFixProPackage.exe
C:\Users\Jürgen\AppData\Local\Temp\Quarantine.exe
C:\Users\Jürgen\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Jürgen\AppData\Local\Temp\ReiSysUpdate.exe
C:\Users\Jürgen\AppData\Local\Temp\sqlite3.dll
C:\Users\Jürgen\AppData\Local\Temp\sqlite3.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-04 06:37

==================== End of log ============================

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-06-2015
Ran by Jürgen (administrator) on ASUS-K95VB on 08-06-2015 17:08:51
Running from C:\Users\Jürgen\Downloads
Loaded Profiles: Jürgen (Available Profiles: Jürgen & UpdatusUser)
Platform: Windows 10 Pro Insider Preview (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

Warlord711 · 08.06.2015, 19:52

Einiges an Adware

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Und bitte neue FRST Logs. Haken setzen bei addition.txt dann auf Scan klicken

OpaPaule · 09.06.2015, 06:35

Hier die heutigen Scan Ergebnisse:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.9.1 (06.08.2015:1)
OS: Windows 10 Pro Insider Preview x64
Ran by Jrgen on 09.06.2015 at  7:13:41,76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox






~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.06.2015 at  7:16:12,00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-06-2015
Ran by Jürgen (administrator) on ASUS-K95VB on 09-06-2015 06:59:59
Running from C:\Users\Jürgen\Downloads
Loaded Profiles: Jürgen (Available Profiles: Jürgen & UpdatusUser)
Platform: Windows 10 Pro Insider Preview (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(Intel Corporation) C:\WINDOWS\System32\igfxCUIService.exe
(QIHU 360 SOFTWARE CO. LIMITED) H:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\Lexware\AAVUpdateManager\aavus.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Nalpeiron Ltd.) C:\WINDOWS\SysWOW64\NLSSRV32.EXE
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Qihu Software Co. Limited) H:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\sihost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(IObit) H:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
(Intel Corporation) C:\WINDOWS\System32\igfxEM.exe
(Intel Corporation) C:\WINDOWS\System32\igfxHK.exe
(Intel Corporation) C:\WINDOWS\System32\igfxTray.exe
(Microsoft Corporation) C:\WINDOWS\System32\taskhostw.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\WINDOWS\WinStore\WSHost.exe
() C:\Program Files\WindowsApps\Microsoft.Cortana_1.4.4.120_x64__8wekyb3d8bbwe\searchui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\WINDOWS\System32\fontdrvhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
(Microsoft Corporation) C:\WINDOWS\System32\SystemSettingsBroker.exe
(Microsoft Corporation) C:\WINDOWS\System32\NetworkUXBroker.exe
(Microsoft Corporation) C:\WINDOWS\System32\InstallAgent.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Cortana_1.4.4.120_x64__8wekyb3d8bbwe\remindersserver.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Cortana_1.4.4.120_x64__8wekyb3d8bbwe\actionuriserver.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Microsoft Corporation) C:\WINDOWS\System32\ApplicationFrameHost.exe
(Microsoft Corporation) C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Farbar) C:\Users\Jürgen\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3233976 2015-05-24] (ELAN Microelectronics Corp.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-04] (Avast Software s.r.o.)
HKLM-x32\...\Run: [QHSafeTray] => H:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [287352 2015-05-18] (QIHU 360 SOFTWARE CO. LIMITED)
HKLM-x32\...\Run: [AntiLogger] => C:\Program Files (x86)\AntiLogger\AntiLogger.exe [14679464 2014-12-30] (Zemana Ltd.)
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7210656 2015-04-25] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7210656 2015-04-25] (Microsoft Corporation)
HKU\S-1-5-21-382664376-1932614338-2128433781-1000\...\Run: [OneDrive] => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\OneDrive.exe [382664 2015-05-24] (Microsoft Corporation)
HKU\S-1-5-21-382664376-1932614338-2128433781-1000\...\Run: [IncrediMail] => C:\Program Files (x86)\IncrediMail\bin\IncMail.exe [444840 2015-05-25] (IncrediMail, Ltd.)
HKU\S-1-5-21-382664376-1932614338-2128433781-1000\...\Run: [Advanced SystemCare 6] => H:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [491856 2013-01-14] (IObit)
HKU\S-1-5-21-382664376-1932614338-2128433781-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-04-02] (ZONER software)
AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(1).dll [94664 2014-12-30] (Zemana Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(1).dll [86400 2014-12-30] (Zemana Ltd.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-04] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-24] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:53793;https=127.0.0.1:53793
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-382664376-1932614338-2128433781-1000\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-382664376-1932614338-2128433781-1000\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-382664376-1932614338-2128433781-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-382664376-1932614338-2128433781-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-382664376-1932614338-2128433781-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: No Name -> {7D6A4E92-DA7F-185F-9B56-4237FE681640} ->  No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-04] (Avast Software s.r.o.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-04] (Avast Software s.r.o.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-25] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-25] ()
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2014-03-13] (Nitro PDF)
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\searchplugins\02220d09-f53e-4ab0-b11e-6e37fb424675.xml [2013-02-14]
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\searchplugins\3c42f285-ad6a-4bd8-8af3-ec41cb4a2d08.xml [2013-02-03]
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\searchplugins\englische-ergebnisse.xml [2014-06-05]
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\searchplugins\gmx-suche.xml [2014-06-05]
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\searchplugins\lastminute.xml [2014-04-10]
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\searchplugins\webde-suche.xml [2014-06-05]
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\searchplugins\{85681726-2887-493D-B28E-EB463B89BDAB}.xml [2011-05-06]
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\searchplugins\{BE2FB182-94ED-4489-BDDF-10A321B426D4}.xml [2011-05-06]
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\searchplugins\{F2B519D1-C153-4E1E-8A0A-24F2BB75911B}.xml [2011-05-06]
FF Extension: Logitech Device Detection - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\DeviceDetection@logitech.com [2015-05-25]
FF Extension: Blur (Formerly DoNotTrackMe) - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\donottrackplus@abine.com [2015-05-29]
FF Extension: Fasterfox Lite - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\FasterFox_Lite@BigRedBrent [2015-05-29]
FF Extension: Unsubscribe.com - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\firefox@unsubscribe.com [2015-05-25]
FF Extension: TooManyTabs - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\TooManyTabs@visibotech.com [2015-05-29]
FF Extension: Facebook PhotoZoom - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{20cc25e2-48c9-45e1-9a1f-1ccc1882b81b} [2015-05-25]
FF Extension: Home Extension - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{2E6861CA-9A88-4B7B-B935-F810DE84D259} [2015-05-25]
FF Extension: TV-Fox - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{2f17f610-5e97-4fed-828f-9940b7b577a4} [2015-05-29]
FF Extension: Flashblock - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2015-05-29]
FF Extension: ReminderFox - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae} [2015-05-29]
FF Extension: Preispiraten - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{C8D3D3BE-7ADC-4109-BF8C-6330A9F58B0C} [2015-05-25]
FF Extension: TextMarker Go - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{cd6c4ebf-366e-45a0-98b5-b8217288eed7} [2015-05-29]
FF Extension: CSHelper - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{d91a2be6-3b56-4dfb-97f5-5e48fe3ed473} [2015-05-29]
FF Extension: Bitdefender QuickScan - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2015-05-29]
FF Extension: Memory Fox - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B} [2015-05-29]
FF Extension: App Advisor for Facebook - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\2c0ce700-f746-11e1-a21f-0800200c9a66@jetpack.xpi [2015-05-25]
FF Extension: about:addons-memory - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\about-addons-memory@tn123.org.xpi [2015-05-25]
FF Extension: About sessionstore - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\aboutsessionstore@dt.xpi [2015-05-27]
FF Extension: Bookmark Favicon Changer - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\bookmarkfaviconchanger@sonthakit.xpi [2015-05-25]
FF Extension: InvisibleHand - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\canitbecheaper@trafficbroker.co.uk.xpi [2015-05-25]
FF Extension: Facebook Disconnect - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\facebook@disconnect.me.xpi [2015-05-25]
FF Extension: GuteGutscheine - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\gutegutscheine@gutegutscheine.com.xpi [2015-05-25]
FF Extension: Facebook Blocker - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\info@skymeissner.com.xpi [2015-05-25]
FF Extension: Lightbeam - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2015-05-25]
FF Extension: Keyword Search - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\keywordsearch@kaply.com.xpi [2015-05-25]
FF Extension: NoSquint - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\nosquint@urandom.ca.xpi [2015-05-25]
FF Extension: Simple Boss Key - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\simplebosskey@ttt-jl.blogspot.com.xpi [2015-05-29]
FF Extension: Free Hide IP - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\support@free-hideip.com.xpi [2015-05-25]
FF Extension: Mask My IP - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\support@mask-myip.com.xpi [2015-05-25]
FF Extension: Tab Counter - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\tabcounter@morac.xpi [2015-05-25]
FF Extension: Tab Popup - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\tabpopup@adarsh.tp.xpi [2015-05-25]
FF Extension: Tab Wheel Scroll - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\tabscroll@mthamil.xpi [2015-05-25]
FF Extension: Tab Utilities - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\tabutils@ithinc.cn.xpi [2015-05-25]
FF Extension: Tree Style Tab - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\treestyletab@piro.sakura.ne.jp.xpi [2015-05-25]
FF Extension: Session Manager - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2015-05-25]
FF Extension: Panic Button - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{24cea704-946d-11da-a72b-0800200c9a66}.xpi [2015-05-25]
FF Extension: Integrated Inbox for Gmail & Google Apps - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{28197867-b1ef-4140-8e3b-55c45b9c8460}.xpi [2015-05-25]
FF Extension: Minimap Addon - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{398e77b8-2304-11dc-8314-0800200c9a66}.xpi [2015-05-25]
FF Extension: Google Shortcuts - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{5C46D283-ABDE-4dce-B83C-08881401921C}.xpi [2015-05-25]
FF Extension: NoScript - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-05-25]
FF Extension: {73cdfea6-3722-4bf6-8c28-abdfc75aca0d} - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{73cdfea6-3722-4bf6-8c28-abdfc75aca0d}.xpi [2015-05-25]
FF Extension: Page Title Eraser - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{791DB184-BFBA-11DA-9C61-0638DF403F48}.xpi [2015-05-25]
FF Extension: TabRenamizer - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{792BDDFE-2E7C-42ed-B18D-18154D2761BD}.xpi [2015-05-25]
FF Extension: ImTranslator - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2015-05-25]
FF Extension: Password Exporter - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2015-05-25]
FF Extension: Video DownloadHelper - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-06-08]
FF Extension: CoolPreviews - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi [2015-05-25]
FF Extension: Adblock Plus - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-25]
FF Extension: Tab Mix Plus - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2015-05-25]
FF Extension: html updater - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{dfc9c4c1-eb54-4db2-9daa-3060ff54fac4}.xpi [2015-05-25]
FF Extension: Greasemonkey - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-05-25]
FF Extension: Sothink Web Video Downloader for Firefox - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}.xpi [2015-05-25]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-04]
FF HKLM-x32\...\Firefox\Extensions: [WebProtection@360safe.com] - H:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox
FF Extension: 360 Internet Protection - H:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox [2015-06-06]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-04]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AAV UpdateService; C:\Program Files (x86)\Lexware\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S3 AJRouter; C:\Windows\System32\AJRouter.dll [19968 2015-04-25] (Microsoft Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-04] (Avast Software s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [325120 2015-04-25] (Microsoft Corporation)
S3 CDPSvc; C:\Windows\System32\CDPSvc.dll [51712 2015-04-25] (Microsoft Corporation)
S3 ClipSVC; C:\Windows\System32\ClipSVC.dll [539136 2015-04-25] (Microsoft Corporation)
R2 CoreUIRegistrar; C:\Windows\system32\coremessaging.dll [709240 2015-04-25] (Microsoft Corporation)
R2 CoreUIRegistrar; C:\Windows\SysWOW64\coremessaging.dll [476672 2015-04-25] (Microsoft Corporation)
S3 DcpSvc; C:\Windows\system32\dcpsvc.dll [195584 2015-04-25] (Microsoft Corporation)
S3 DevQueryBroker; C:\Windows\system32\DevQueryBroker.dll [32256 2015-04-25] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagnosticsHub.StandardCollector.Service.exe [26624 2015-04-25] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [269312 2015-04-25] (Microsoft Corporation)
S2 dmwappushservice; C:\Windows\system32\dmwappushsvc.dll [111616 2015-04-25] (Microsoft Corporation)
S2 DoSvc; C:\Windows\system32\svchost.exe [39992 2015-04-25] (Microsoft Corporation)
S2 DoSvc; C:\Windows\SysWOW64\svchost.exe [34800 2015-04-25] (Microsoft Corporation)
R3 DsSvc; C:\Windows\System32\DsSvc.dll [140288 2015-04-25] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [249344 2015-04-25] (Microsoft Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [135352 2015-05-24] (ELAN Microelectronics Corp.)
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [114176 2015-04-25] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2015-05-27] (Intel Corporation)
R3 lfsvc; C:\Windows\System32\lfsvc.dll [23040 2015-04-25] (Microsoft Corporation)
R3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [18944 2015-04-25] (Microsoft Corporation)
S3 MapsBroker; C:\Windows\System32\moshost.dll [159232 2015-04-25] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 NetSetupSvc; C:\Windows\System32\NetSetupSvc.dll [333824 2015-04-25] (Microsoft Corporation)
R3 NgcCtnrSvc; C:\Windows\System32\NgcCtnrSvc.dll [236544 2015-04-25] (Microsoft Corporation)
R3 NgcSvc; C:\Windows\system32\ngcsvc.dll [421376 2015-04-25] (Microsoft Corporation)
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2014-03-13] (Nitro PDF Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
S3 PhoneSvc; C:\Windows\System32\PhoneService.dll [646656 2015-04-25] (Microsoft Corporation)
R2 QHActiveDefense; H:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [839792 2015-05-18] (QIHU 360 SOFTWARE CO. LIMITED)
S3 RetailDemo; C:\Windows\system32\RetailDemoService.dll [709120 2015-04-25] (Microsoft Corporation)
S3 SensorService; C:\Windows\system32\SensorService.dll [162304 2015-04-25] (Microsoft Corporation)
S3 SmsRouter; C:\Windows\system32\SmsRouterSvc.dll [594944 2015-04-25] (Microsoft Corporation)
S3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2626560 2015-04-25] (Microsoft Corporation)
S3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [1865728 2015-04-25] (Microsoft Corporation)
R3 tiledatamodelsvc; C:\Windows\system32\tileobjserver.dll [446464 2015-04-25] (Microsoft Corporation)
R2 UserManager; C:\Windows\System32\usermgr.dll [631808 2015-04-25] (Microsoft Corporation)
S3 UsoSvc; C:\Windows\system32\usocore.dll [316928 2015-04-25] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [450048 2015-04-25] (Microsoft Corporation)
S3 WalletSvc; C:\Windows\system32\WalletService.dll [482304 2015-04-25] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [352880 2015-04-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16728 2015-04-25] (Microsoft Corporation)
S3 WpnService; C:\Windows\system32\WpnService.dll [48640 2015-04-25] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [705024 2015-04-25] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1107968 2015-04-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77896 2015-05-18] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [305736 2015-05-18] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [314448 2015-05-18] (Qihu 360 Software Co., Ltd.)
S3 ampa; C:\WINDOWS\system32\ampa.sys [17008 2013-12-18] ()
S3 ampa; C:\WINDOWS\SysWOW64\ampa.sys [17008 2013-12-18] ()
R1 AntiLog32; C:\WINDOWS\system32\drivers\AntiLog64.sys [49752 2015-06-07] (Zemana Ltd.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-04] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-04] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-04] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-04] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-04] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-04] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-04] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-04] ()
R3 athr; C:\Windows\System32\drivers\athwbx.sys [3837440 2015-06-02] (Qualcomm Atheros Communications, Inc.)
S1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [180816 2015-05-18] (Qihu 360 Software Co., Ltd.)
S3 BrSerIf; C:\Windows\system32\DRIVERS\BrSerIf.sys [97280 2015-05-26] (Brother Industries Ltd.)
S3 buttonconverter; C:\Windows\System32\drivers\buttonconverter.sys [31232 2015-04-25] (Microsoft Corporation)
S3 CapImg; C:\Windows\System32\drivers\capimg.sys [102912 2015-04-25] (Microsoft Corporation)
S4 cnghwassist; C:\Windows\System32\DRIVERS\cnghwassist.sys [38888 2015-04-25] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_b1983a736b1fed34\CompositeBus.sys [39424 2015-04-25] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3437032 2015-04-25] (QLogic Corporation)
S3 fcvsc; C:\Windows\System32\drivers\fcvsc.sys [30720 2015-04-25] (Microsoft Corporation)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [83456 2015-04-25] (Microsoft Corporation)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfnclass.sys [20480 2015-04-25] (Microsoft Corporation)
S3 hidinterrupt; C:\Windows\System32\drivers\hidinterrupt.sys [48104 2015-04-25] (Microsoft Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [424936 2015-04-25] (Mellanox)
S3 IoQos; C:\Windows\System32\drivers\ioqos.sys [27648 2015-04-25] (Microsoft Corporation)
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [76520 2014-12-30] (Zemana Ltd.)
S0 LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [103912 2015-04-25] (LSI Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [90600 2015-04-25] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-09] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
S0 megasas; C:\Windows\System32\drivers\megasas.sys [59880 2015-04-25] (Avago Technologies)
R2 mirahid; C:\Windows\System32\drivers\mirahid.sys [35840 2015-04-25] (Microsoft Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [705512 2015-04-25] (Mellanox)
R2 MMCSS; C:\Windows\system32\drivers\mmcss.sys [38400 2015-04-25] (Microsoft Corporation)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [76264 2015-04-25] (Mellanox)
U5 NdisCap; C:\Windows\System32\Drivers\NdisCap.sys [49664 2015-04-25] (Microsoft Corporation)
U5 NdisWan; C:\Windows\System32\Drivers\NdisWan.sys [187904 2015-04-25] (Microsoft Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [66560 2015-04-25] ()
S3 netvsc; C:\Windows\System32\drivers\netvsc.sys [94208 2015-04-25] (Microsoft Corporation)
S2 OneSyncSvc; No ImagePath
R2 OneSyncSvc_Session2; No ImagePath
U2 OneSyncSvc_Session6; No ImagePath
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58344 2015-04-25] (LSI Corporation)
S0 percsas3i; C:\Windows\System32\drivers\percsas3i.sys [58856 2015-04-25] (Avago Technologies)
S3 PimIndexMaintenanceSvc; No ImagePath
S3 PimIndexMaintenanceSvc_Session2; No ImagePath
U3 PimIndexMaintenanceSvc_Session6; No ImagePath
S3 ReFSv1; C:\Windows\System32\Drivers\ReFSv1.sys [933864 2015-04-25] (Microsoft Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-04-25] (Realtek                                            )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402960 2015-05-27] (Realsil Semiconductor Corporation)
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [61440 2015-04-25] (Microsoft Corporation)
S0 storufs; C:\Windows\System32\drivers\storufs.sys [39912 2015-04-25] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_c3e4290174519138\swenum.sys [17384 2015-04-25] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [43008 2015-04-25] ()
S3 Ufx01000; C:\Windows\System32\drivers\ufx01000.sys [239592 2015-04-25] (Microsoft Corporation)
S3 UfxChipidea; C:\Windows\System32\drivers\UfxChipidea.sys [89576 2015-04-25] (Microsoft Corporation)
S3 ufxsynopsys; C:\Windows\System32\drivers\ufxsynopsys.sys [123368 2015-04-25] (Microsoft Corporation)
S3 UnistoreSvc; No ImagePath
S3 UnistoreSvc_Session2; No ImagePath
U3 UnistoreSvc_Session6; No ImagePath
S3 UrsChipidea; C:\Windows\System32\drivers\urschipidea.sys [19456 2015-04-25] (Microsoft Corporation)
S3 UrsCx01000; C:\Windows\System32\drivers\urscx01000.sys [52200 2015-04-25] (Microsoft Corporation)
S3 UrsSynopsys; C:\Windows\System32\drivers\urssynopsys.sys [18432 2015-04-25] (Microsoft Corporation)
S3 UserDataSvc; No ImagePath
S3 UserDataSvc_Session2; No ImagePath
U3 UserDataSvc_Session6; No ImagePath
S3 vhf; C:\Windows\System32\drivers\vhf.sys [28672 2015-04-25] (Microsoft Corporation)
S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [683520 2015-04-25] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117224 2015-04-25] (Microsoft Corporation)
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [105504 2015-04-25] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [16928 2015-04-25] (Microsoft Corporation)
R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2012-12-31] (WinISO.com)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [27112 2015-04-25] (Mellanox)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59368 2015-04-25] (Mellanox)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [25600 2015-04-25] (Microsoft Corporation)
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: dosvc -> No ServiceDLL Path.
NETSVC: DcpSvc -> C:\Windows\system32\dcpsvc.dll (Microsoft Corporation)
NETSVC: NetSetupSvc -> C:\Windows\System32\NetSetupSvc.dll (Microsoft Corporation)
NETSVC: RetailDemo -> C:\Windows\system32\RetailDemoService.dll (Microsoft Corporation)
NETSVC: UsoSvc -> C:\Windows\system32\usocore.dll (Microsoft Corporation)
NETSVC: dmwappushservice -> C:\Windows\system32\dmwappushsvc.dll (Microsoft Corporation)
NETSVC: WalletSvc -> C:\Windows\system32\WalletService.dll (Microsoft Corporation)
NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation)
NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation)
NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation)
NETSVC: DmEnrollmentSvc -> C:\Windows\system32\Windows.Internal.Management.dll (Microsoft Corporation)
NETSVCx32: NetSetupSvc -> C:\Windows\SysWOW64\NetSetupSvc.dll ==> No File
NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> No File

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-09 06:58 - 2015-06-09 06:58 - 00016148 _____ C:\WINDOWS\system32\ASUS-K95VB_Jürgen_HistoryPrediction.bin
2015-06-09 05:59 - 2015-06-09 06:03 - 11889140 _____ C:\Users\Jürgen\Downloads\BZ-09.06.15.rar
2015-06-09 05:50 - 2015-06-09 06:59 - 00036648 _____ C:\Users\Jürgen\Downloads\FRST.txt
2015-06-09 05:44 - 2015-06-09 05:44 - 00000000 ___HD C:\OneDriveTemp
2015-06-08 17:05 - 2015-06-09 07:00 - 00000000 ____D C:\FRST
2015-06-08 16:02 - 2015-06-09 06:24 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-06-08 16:01 - 2015-06-08 16:01 - 00001171 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-06-08 16:01 - 2015-06-08 16:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-06-08 16:01 - 2015-06-08 16:01 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-06-08 16:01 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-06-08 16:01 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-06-08 16:01 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-06-08 12:20 - 2015-06-08 12:20 - 00701351 _____ C:\Users\Jürgen\UStErkl  8.6.15.zip
2015-06-08 07:23 - 2015-06-08 07:23 - 00000000 ____D C:\Users\Jürgen\AppData\Local\HL
2015-06-08 07:15 - 2015-06-08 07:15 - 00000000 ____D C:\ProgramData\AAV
2015-06-08 07:14 - 2015-06-08 07:19 - 00002124 _____ C:\Users\Public\Desktop\TAXMAN 2015.lnk
2015-06-08 07:14 - 2015-06-08 07:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
2015-06-08 07:14 - 2015-06-08 07:15 - 00000000 ____D C:\Program Files (x86)\Lexware
2015-06-08 07:12 - 2015-06-08 07:12 - 00000000 ____D C:\ProgramData\HL
2015-06-08 06:43 - 2015-06-08 06:43 - 00000000 ____D C:\Users\Jürgen\Downloads\noscript_security_suite-2.6.9.26-sm_fn_fx
2015-06-08 06:29 - 2015-06-08 06:29 - 00001226 _____ C:\Users\Jürgen\Desktop\ChrisPC Win Experience Index.lnk
2015-06-08 06:29 - 2015-06-08 06:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChrisPC Win Experience Index
2015-06-08 06:29 - 2015-06-08 06:29 - 00000000 ____D C:\Program Files (x86)\ChrisPC Win Experience Index
2015-06-08 04:58 - 2015-06-08 04:58 - 01329000 _____ (Chris P.C. srl ) C:\Users\Jürgen\Downloads\setup_chrispc_wei_3_30.exe
2015-06-08 04:54 - 2015-06-08 04:54 - 00561331 _____ C:\Users\Jürgen\Downloads\noscript_security_suite-2.6.9.26-sm_fn_fx.zip
2015-06-08 04:51 - 2015-06-08 04:51 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Jürgen\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-08 04:47 - 2015-06-08 04:47 - 02108928 _____ (Farbar) C:\Users\Jürgen\Downloads\FRST64(1).exe
2015-06-07 19:39 - 2015-06-07 19:39 - 00004180 _____ C:\Users\Jürgen\Desktop\JRT.txt
2015-06-07 19:36 - 2015-06-07 19:36 - 00000000 ____D C:\RegBackup
2015-06-07 19:33 - 2015-06-07 19:34 - 02942406 _____ (Thisisu) C:\Users\Jürgen\Desktop\JRT.exe
2015-06-07 19:17 - 2015-06-08 11:07 - 00265400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-07 19:10 - 2015-06-07 19:10 - 00000000 __SHD C:\found.002
2015-06-07 18:30 - 2014-08-03 08:23 - 00362029 _____ C:\WINDOWS\system32\sqlite3.dll
2015-06-07 08:11 - 2015-06-07 08:11 - 00049752 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\AntiLog64.sys
2015-06-07 08:11 - 2015-06-07 08:11 - 00000000 __HDC C:\ProgramData\{02A8F2F7-A05E-4DC5-950D-52243BB4C610}
2015-06-07 08:11 - 2015-06-07 08:11 - 00000000 ____D C:\WINDOWS\SysWOW64\ZALSDK_uninst
2015-06-07 08:11 - 2015-06-07 08:11 - 00000000 ____D C:\Users\Jürgen\AppData\Local\Zemana
2015-06-07 08:11 - 2015-06-07 08:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntiLogger
2015-06-07 08:11 - 2015-06-07 08:11 - 00000000 ____D C:\Program Files (x86)\KeyCryptSDK
2015-06-07 08:11 - 2015-06-07 08:11 - 00000000 ____D C:\Program Files (x86)\AntiLogger
2015-06-07 08:11 - 2014-12-30 13:31 - 07039960 _____ (Zemana Ltd.) C:\WINDOWS\SysWOW64\ZALSDKCore.dll
2015-06-07 08:11 - 2014-12-30 13:31 - 00076520 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\KeyCrypt64.sys
2015-06-07 08:10 - 2015-06-07 08:10 - 00000000 ____D C:\Users\Jürgen\Downloads\Zemana.v1.9.3.602
2015-06-07 08:09 - 2015-06-07 08:10 - 15919924 _____ C:\Users\Jürgen\Downloads\Zemana.v1.9.3.602.rar
2015-06-07 07:40 - 2015-06-07 07:40 - 02572664 _____ C:\Users\Jürgen\Downloads\Abelssoft AntiLogger 2015.full.rar.exe
2015-06-07 06:46 - 2015-06-07 06:46 - 00000000 ____D C:\Users\Jürgen\Downloads\AntiLogger
2015-06-07 06:43 - 2015-06-07 06:45 - 05317658 _____ C:\Users\Jürgen\Downloads\AntiLogger.rar
2015-06-06 17:52 - 2015-06-06 17:52 - 00000000 ____D C:\ProgramData\360SD
2015-06-06 17:40 - 2015-06-07 09:27 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\360safe
2015-06-06 17:40 - 2015-06-06 17:49 - 00000000 ____D C:\WINDOWS\Tasks\360Disabled
2015-06-06 17:40 - 2015-06-06 17:44 - 00000000 ____D C:\ProgramData\360Quarant
2015-06-06 17:39 - 2015-06-07 19:45 - 00000000 _RSHD C:\360SANDBOX
2015-06-06 17:39 - 2015-06-06 17:52 - 00000000 ____D C:\ProgramData\360TotalSecurity
2015-06-06 17:39 - 2015-06-06 17:40 - 00000000 ____D C:\ProgramData\360safe
2015-06-06 17:39 - 2015-06-06 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2015-06-06 17:39 - 2015-05-18 12:20 - 00314448 _____ (Qihu 360 Software Co., Ltd.) C:\WINDOWS\system32\Drivers\360fsflt.sys
2015-06-06 17:39 - 2015-05-18 12:20 - 00305736 _____ (360.cn) C:\WINDOWS\system32\Drivers\360Box64.sys
2015-06-06 17:39 - 2015-05-18 12:20 - 00180816 _____ (Qihu 360 Software Co., Ltd.) C:\WINDOWS\system32\Drivers\BAPIDRV64.SYS
2015-06-06 17:39 - 2015-05-18 12:20 - 00077896 _____ (360.cn) C:\WINDOWS\system32\Drivers\360AvFlt.sys
2015-06-06 17:37 - 2015-06-06 17:37 - 36034168 _____ C:\Users\Jürgen\Downloads\360TS_Setup.exe
2015-06-06 17:35 - 2015-06-06 17:35 - 01332344 _____ (QIHU 360 SOFTWARE CO. LIMITED) C:\Users\Jürgen\Downloads\360TS_Setup_Mini.exe
2015-06-06 16:09 - 2015-06-06 16:09 - 00007601 _____ C:\WINDOWS\system32\ScanResults.xml
2015-06-06 16:04 - 2015-06-06 16:04 - 00000464 _____ C:\WINDOWS\system32\ScannerSettings
2015-06-05 07:54 - 2015-06-05 07:54 - 01517616 _____ C:\Users\Jürgen\Downloads\PCKeeper Installer.exe
2015-06-05 07:39 - 2015-06-05 07:40 - 00860160 _____ C:\Users\Jürgen\Downloads\adsfix_2_04.06.2015.3.exe
2015-06-05 07:37 - 2015-06-05 07:38 - 00315000 _____ C:\Users\Jürgen\Downloads\winchk_2.0.exe
2015-06-05 07:34 - 2015-06-05 07:34 - 00548774 _____ C:\Users\Jürgen\Downloads\winupdatefix_1.3.exe
2015-06-05 07:32 - 2015-06-05 07:32 - 02231296 _____ C:\Users\Jürgen\Desktop\adwcleaner_4.206.exe
2015-06-04 20:13 - 2015-06-04 20:13 - 00001233 _____ C:\Users\Jürgen\Desktop\Photo Background Remover.lnk
2015-06-04 20:13 - 2015-06-04 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Background Remover
2015-06-04 20:13 - 2015-06-04 20:13 - 00000000 ____D C:\Program Files (x86)\Photo Background Remover
2015-06-04 19:59 - 2015-06-07 19:21 - 00004828 _____ C:\WINDOWS\PFRO.log
2015-06-04 19:59 - 2015-06-04 19:59 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-06-04 19:59 - 2015-06-04 19:59 - 00000000 _____ C:\WINDOWS\setupact.log
2015-06-04 16:54 - 2015-06-04 16:54 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\AVAST Software
2015-06-04 16:53 - 2015-06-07 18:55 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-06-04 16:53 - 2015-06-04 16:53 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-06-04 16:53 - 2015-06-04 16:53 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-06-04 16:53 - 2015-06-04 16:53 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-06-04 16:53 - 2015-06-04 16:53 - 00272248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-06-04 16:53 - 2015-06-04 16:53 - 00137288 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-06-04 16:53 - 2015-06-04 16:53 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-06-04 16:53 - 2015-06-04 16:53 - 00089944 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-06-04 16:53 - 2015-06-04 16:53 - 00065736 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-06-04 16:53 - 2015-06-04 16:53 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
2015-06-04 16:53 - 2015-06-04 16:53 - 00029168 _____ C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-06-04 16:53 - 2015-06-04 16:53 - 00001967 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-06-04 16:53 - 2015-06-04 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-06-04 16:52 - 2015-06-04 16:52 - 00000000 ____D C:\Program Files\AVAST Software
2015-06-04 16:51 - 2015-06-04 16:52 - 00000000 ____D C:\ProgramData\AVAST Software
2015-06-04 16:51 - 2015-06-04 16:51 - 05481344 _____ (Avast Software s.r.o.) C:\Users\Jürgen\Downloads\avast_free_antivirus_setup.exe
2015-06-04 13:04 - 2015-06-04 13:04 - 00003220 _____ C:\WINDOWS\System32\Tasks\ASC6_PerformanceMonitor
2015-06-04 13:04 - 2015-06-04 13:04 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\IObit
2015-06-04 13:04 - 2015-06-04 13:04 - 00000000 ____D C:\ProgramData\IObit
2015-06-04 13:04 - 2015-06-04 13:04 - 00000000 ____D C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2015-06-04 12:53 - 2015-06-08 16:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-04 12:53 - 2015-06-04 12:53 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Malwarebytes
2015-06-04 11:15 - 2015-06-04 11:15 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Ad-Aware Antivirus
2015-06-04 08:38 - 2015-06-04 08:38 - 00001052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-04 08:38 - 2015-06-04 08:38 - 00001040 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-06-04 08:36 - 2015-06-04 08:36 - 00001825 _____ C:\Users\Public\Desktop\eFix Pro.lnk
2015-06-04 08:36 - 2015-06-04 08:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eFix Pro
2015-06-04 08:36 - 2015-06-04 08:36 - 00000000 ____D C:\Program Files\eFix
2015-06-04 08:34 - 2015-06-04 08:35 - 00776792 _____ (Reimage®) C:\Users\Jürgen\Downloads\eFixPro.exe
2015-06-04 08:32 - 2015-06-07 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer
2015-06-04 08:32 - 2015-06-04 08:32 - 00001496 _____ C:\Users\Jürgen\Desktop\Resume Registry Easy.lnk
2015-06-04 08:31 - 2015-06-06 17:42 - 00000000 ____D C:\Program Files (x86)\WaInternetEnhancer
2015-06-04 08:31 - 2015-06-06 17:42 - 00000000 ____D C:\Program Files (x86)\BrowserV03.06
2015-06-04 08:31 - 2015-06-04 08:31 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_webTinstMKTN84_01009.Wdf
2015-06-04 08:30 - 2015-06-06 17:42 - 00000000 ____D C:\Program Files (x86)\HQ Video Pro 3.1cV04.06
2015-06-04 08:29 - 2015-06-04 08:29 - 00579064 _____ C:\Users\Jürgen\Downloads\registry_easy.exe
2015-06-04 07:58 - 2015-06-04 07:58 - 00001122 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2015-06-04 07:58 - 2015-06-04 07:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2015-06-04 07:58 - 2015-06-04 07:58 - 00000000 ____D C:\Program Files\VS Revo Group
2015-06-04 07:58 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2015-06-04 07:52 - 2015-06-04 07:52 - 00000000 ____D C:\Users\Jürgen\AppData\Local\VS Revo Group
2015-06-04 07:52 - 2015-06-04 07:52 - 00000000 ____D C:\ProgramData\VS Revo Group
2015-06-04 07:50 - 2015-06-04 07:50 - 10840062 _____ C:\Users\Jürgen\Downloads\RevoU312.rar
2015-06-04 07:22 - 2015-06-04 07:25 - 00000000 ____D C:\Program Files\CCleaner
2015-06-04 07:22 - 2015-06-04 07:22 - 00002862 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-06-04 07:22 - 2015-06-04 07:22 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-06-04 07:22 - 2015-06-04 07:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-06-04 07:20 - 2015-06-04 07:20 - 06552640 _____ (Piriform Ltd) C:\Users\Jürgen\Downloads\ccsetup506pro.exe
2015-06-04 06:55 - 2015-06-04 06:55 - 02585202 _____ C:\Users\Jürgen\Downloads\geek.zip
2015-06-04 06:24 - 2015-06-04 06:24 - 01197344 _____ C:\Users\Jürgen\Downloads\GeekUninstaller - CHIP-Installer.exe
2015-06-04 05:54 - 2015-06-04 05:54 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2015-06-03 06:16 - 2015-06-04 05:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-02 18:43 - 2015-06-02 18:43 - 03837440 _____ (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\Drivers\athwbx.sys
2015-06-02 18:05 - 2015-06-02 18:05 - 00001160 _____ C:\Users\Jürgen\Desktop\Driver Magician.lnk
2015-06-02 18:05 - 2015-06-02 18:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Magician
2015-06-02 18:05 - 2011-02-08 14:58 - 01882104 _____ (Codejock Software) C:\WINDOWS\SysWOW64\Codejock.Controls.v15.0.1.ocx
2015-06-02 18:05 - 2004-09-28 11:13 - 00526184 _____ (Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com) C:\WINDOWS\SysWOW64\XceedCry.dll
2015-06-02 18:05 - 2004-08-11 15:55 - 00110602 _____ C:\WINDOWS\SysWOW64\xcdsfx32.bin
2015-06-02 18:05 - 2004-03-09 00:00 - 00152848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Comdlg32.ocx
2015-06-02 18:05 - 2004-03-09 00:00 - 00132880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Msinet.ocx
2015-06-02 18:04 - 2015-06-06 17:51 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Driver Magician
2015-06-02 18:04 - 2015-06-02 18:07 - 00000000 ____D C:\Program Files (x86)\Driver Magician
2015-06-02 16:22 - 2015-06-02 16:23 - 00000000 ____D C:\Users\Jürgen\Downloads\magischertreiber
2015-06-02 16:21 - 2015-06-02 16:22 - 17430510 _____ C:\Users\Jürgen\Downloads\magischertreiber.rar
2015-06-02 16:09 - 2005-01-12 11:19 - 00456536 _____ (Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com) C:\WINDOWS\SysWOW64\XCEEDZIP.DLL
2015-06-02 16:09 - 2004-03-09 00:00 - 01081616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Mscomctl.ocx
2015-06-02 15:48 - 2015-06-02 15:50 - 00000000 ____D C:\Program Files (x86)\PowerDataRecovery6.8
2015-06-02 15:48 - 2015-06-02 15:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Power Data Recovery 6.8
2015-06-02 11:11 - 2015-06-02 11:11 - 00000000 ____D C:\Users\Jürgen\Downloads\MiniToolPowerDataRecovery68-op6n2m
2015-06-02 11:10 - 2015-06-02 11:11 - 28167997 _____ C:\Users\Jürgen\Downloads\MiniToolPowerDataRecovery68-op6n2m.zip
2015-05-31 18:23 - 2015-05-31 18:23 - 00000000 ____D C:\Recovery
2015-05-31 16:58 - 2015-05-31 17:31 - 00000000 ___HD C:\$Windows.~BT
2015-05-31 08:39 - 2015-05-21 12:04 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-31 08:39 - 2015-05-21 06:45 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-31 08:38 - 2015-05-31 08:38 - 00001325 _____ C:\Users\Jürgen\Desktop\WinISO.lnk
2015-05-31 08:38 - 2015-05-31 08:38 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\WinISO Computing
2015-05-31 08:38 - 2015-05-31 08:38 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinISO
2015-05-31 08:38 - 2015-05-31 08:38 - 00000000 ____D C:\Users\Jürgen\AppData\Local\WinISO Computing
2015-05-31 08:38 - 2015-05-31 08:38 - 00000000 ____D C:\Program Files (x86)\WinISO Computing
2015-05-31 08:38 - 2012-12-31 09:36 - 00204032 _____ (WinISO.com) C:\WINDOWS\system32\Drivers\WinisoCDBus.sys
2015-05-31 08:10 - 2015-05-31 08:30 - 3942459392 _____ C:\Users\Jürgen\Downloads\Windows10_Pro_InsiderPreview_x64_de_10130.iso
2015-05-31 06:09 - 2015-05-31 06:09 - 00000000 ____D C:\ProgramData\NVIDIA
2015-05-30 21:17 - 2015-05-30 21:18 - 05916582 _____ C:\Users\Jürgen\Downloads\Stellar Phoenix Windows Data Recovery Professional 6.0.0.1 Final.rar
2015-05-30 17:54 - 2015-05-30 17:54 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-05-30 17:54 - 2015-05-30 17:54 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-05-30 17:54 - 2015-05-30 17:54 - 00000000 ____D C:\Program Files\MSBuild
2015-05-30 17:54 - 2015-05-30 17:54 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-05-30 17:54 - 2015-05-30 17:54 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-05-30 17:53 - 2015-05-30 17:53 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Reincubate
2015-05-30 17:53 - 2015-05-30 17:53 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reincubate
2015-05-30 17:53 - 2015-03-30 18:34 - 01166512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-05-30 17:53 - 2015-03-30 18:34 - 00035472 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-05-30 17:53 - 2015-03-30 17:37 - 00778928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-05-30 17:53 - 2015-03-30 17:37 - 00035472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-05-30 16:57 - 2015-05-30 21:24 - 00000000 ____D C:\ProgramData\TEMP
2015-05-30 16:57 - 2015-05-30 18:28 - 00000000 ____D C:\Program Files (x86)\Stellar Phoenix Windows Data Recovery
2015-05-30 16:57 - 2015-05-30 16:57 - 00001309 _____ C:\Users\Jürgen\Desktop\Stellar Phoenix Windows Data Recovery - Home.lnk
2015-05-30 16:57 - 2015-05-30 16:57 - 00000081 _____ C:\WINDOWS\spwdrhgsadeall.INI
2015-05-30 16:57 - 2015-05-30 16:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Phoenix Windows Data Recovery - Home
2015-05-30 16:57 - 2015-05-30 16:57 - 00000000 ____D C:\Log
2015-05-30 16:56 - 2015-05-30 16:56 - 04042664 _____ (Stellar Information Technology Pvt Ltd ) C:\Users\Jürgen\Downloads\StellarPhoenixWindowsDataRecovery-Home_DE.exe
2015-05-30 16:41 - 2015-05-30 16:42 - 00000000 ____D C:\ProgramData\RegRun
2015-05-30 16:40 - 2015-05-30 16:41 - 00001142 _____ C:\Users\Jürgen\Desktop\Reanimator.lnk
2015-05-30 16:40 - 2015-05-30 16:41 - 00000002 RSHOT C:\WINDOWS\winstart.bat
2015-05-30 16:40 - 2015-05-30 16:41 - 00000002 RSHOT C:\WINDOWS\SysWOW64\CONFIG.NT
2015-05-30 16:40 - 2015-05-30 16:41 - 00000002 RSHOT C:\WINDOWS\SysWOW64\AUTOEXEC.NT
2015-05-30 16:40 - 2015-05-30 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reanimator
2015-05-30 16:40 - 2015-05-30 16:40 - 00000000 ____D C:\Program Files (x86)\Greatis
2015-05-30 07:43 - 2015-05-30 07:44 - 02394098 _____ C:\Users\Jürgen\Downloads\pidgen.v1.1.3.590.zip
2015-05-30 06:39 - 2015-06-06 17:51 - 00000000 ____D C:\ProgramData\Syncovery

OpaPaule · 09.06.2015, 06:36

Code:

ATTFilter

2015-05-30 06:15 - 2015-05-30 06:16 - 00302011 _____ C:\Users\Jürgen\Downloads\WindowsUpdateDiagnostic.diagcab
2015-05-29 19:16 - 2015-05-10 23:12 - 42719048 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 37741712 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 30502544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 22961808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 18238040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 16147056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 15967088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 15627688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 14457344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 13265128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 12937304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 11790848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 03285432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 02906064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 02348688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 02083472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 01898312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435284.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 01558848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435284.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 01156952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 01054352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 01044624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 00983912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 00977040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 00969032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 00502896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 00407112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 00176064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 00154256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 00150832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-05-29 17:49 - 2015-05-29 18:19 - 92323562 _____ C:\Users\Jürgen\Downloads\697ht.Syncovery.Pro.7.15d.Build.110.x86x64..Portable.rar
2015-05-29 17:46 - 2015-05-29 17:47 - 290481224 _____ (NVIDIA Corporation) C:\Users\Jürgen\Downloads\352.86-notebook-win8-win7-64bit-international-whql.exe
2015-05-29 17:42 - 2015-05-29 17:42 - 00000000 ____D C:\Users\Jürgen\Downloads\VGA_nVidia_Win81_64_VER918132683
2015-05-29 07:31 - 2015-05-29 07:31 - 00002112 _____ C:\Users\Public\Desktop\IncrediBackup.lnk
2015-05-29 07:31 - 2015-05-29 07:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediBackup
2015-05-29 07:31 - 2015-05-29 07:31 - 00000000 ____D C:\Program Files (x86)\IncrediBackup
2015-05-28 08:20 - 2015-05-28 08:20 - 01014824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-05-28 08:20 - 2015-05-28 08:20 - 00822720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-05-28 08:20 - 2015-05-28 08:20 - 00408208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-05-28 08:20 - 2015-05-28 08:20 - 00364360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-05-28 08:17 - 2015-05-10 21:41 - 06867272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-05-28 08:17 - 2015-05-10 21:41 - 03485328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-05-28 08:17 - 2015-05-10 21:41 - 02559808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-05-28 08:17 - 2015-05-10 21:41 - 01054352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-05-28 08:17 - 2015-05-10 21:41 - 00937104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-05-28 08:17 - 2015-05-10 21:41 - 00385352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-05-28 08:17 - 2015-05-10 21:41 - 00075080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-05-28 08:17 - 2015-05-10 21:41 - 00062792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-05-28 08:17 - 2015-05-07 18:51 - 04391542 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-05-28 08:15 - 2015-05-10 23:12 - 11052688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-05-28 08:15 - 2015-05-10 23:12 - 00032079 _____ C:\WINDOWS\system32\nvinfo.pb
2015-05-28 08:15 - 2015-05-10 23:12 - 00031560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-05-28 08:15 - 2013-08-21 13:47 - 01884448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6432683.dll
2015-05-28 08:15 - 2013-08-21 13:47 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6432683.dll
2015-05-28 08:11 - 2015-05-28 08:12 - 316360307 _____ C:\Users\Jürgen\Downloads\VGA_nVidia_Win81_64_VER918132683.zip
2015-05-28 08:03 - 2015-05-28 08:03 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-05-28 05:21 - 2015-05-18 02:46 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-28 05:21 - 2015-05-18 02:45 - 01564672 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-28 05:21 - 2015-05-18 02:45 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-28 05:21 - 2015-05-18 02:45 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-05-28 05:21 - 2015-05-18 02:44 - 02755072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-05-28 05:21 - 2015-05-18 02:44 - 02114048 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-28 05:21 - 2015-05-18 02:43 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-05-28 05:21 - 2015-05-18 02:43 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2015-05-28 05:21 - 2015-05-18 02:38 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-05-28 05:21 - 2015-05-18 02:00 - 19622912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-28 05:21 - 2015-05-18 01:49 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-28 05:21 - 2015-05-18 01:49 - 00501760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-28 05:21 - 2015-05-18 01:48 - 02755072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-05-28 05:21 - 2015-05-18 01:48 - 02037248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-28 05:21 - 2015-05-18 01:48 - 01342976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-28 05:21 - 2015-05-18 01:48 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2015-05-28 05:21 - 2015-05-18 01:47 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-05-28 05:21 - 2015-05-18 01:47 - 00029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2015-05-28 05:21 - 2015-05-18 01:40 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2015-05-28 05:21 - 2015-05-18 01:04 - 11318784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-28 05:21 - 2015-05-18 01:03 - 20603904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-05-28 05:21 - 2015-05-18 01:00 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-05-28 05:20 - 2015-05-18 05:01 - 03456656 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-28 05:20 - 2015-05-18 03:51 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-05-28 05:20 - 2015-05-18 03:30 - 02778456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-28 05:20 - 2015-05-18 03:20 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-28 05:20 - 2015-05-18 02:59 - 24580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-28 05:20 - 2015-05-18 02:50 - 12492288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-28 05:20 - 2015-05-18 02:46 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-28 05:20 - 2015-05-18 02:45 - 02678784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-28 05:20 - 2015-05-18 02:43 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-05-28 05:20 - 2015-05-18 02:15 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-28 05:20 - 2015-05-18 01:55 - 21875200 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-05-28 05:20 - 2015-05-18 01:48 - 02174464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-28 05:20 - 2015-05-18 01:44 - 04791808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-28 05:20 - 2015-05-18 01:07 - 03595264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-28 05:18 - 2015-05-28 05:18 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-05-27 18:37 - 2015-05-27 18:37 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-05-27 18:12 - 2015-05-27 18:12 - 09890832 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2015-05-27 18:12 - 2015-05-27 18:12 - 00402960 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsUer.sys
2015-05-27 18:12 - 2015-05-27 18:12 - 00083984 _____ (Realtek Semiconductor.) C:\WINDOWS\system32\RtCRX64.dll
2015-05-27 18:12 - 2015-05-27 18:12 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-05-27 18:12 - 2015-05-27 18:12 - 00000000 ____D C:\Program Files (x86)\Intel
2015-05-27 18:11 - 2015-05-27 18:11 - 22905344 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 17837568 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 12142128 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 11719304 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 10895800 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 10435408 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 08477184 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 06447616 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 04581376 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 04354448 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 04350864 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 04011168 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 03775416 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-05-27 18:11 - 2015-05-27 18:11 - 03625024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 02813952 _____ C:\WINDOWS\system32\iglhxa64.cpa
2015-05-27 18:11 - 2015-05-27 18:11 - 02480880 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 02027008 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 01758208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 01740288 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 01540096 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 01455776 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 01137080 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 01132960 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00932752 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00793248 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00734720 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00665600 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00646304 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00603296 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00546704 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00546192 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00504208 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00456256 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00448912 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTray.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00418704 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00400272 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00399760 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00376832 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00372736 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00367664 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00344736 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00329216 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00319376 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00287232 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00286720 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00281488 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00272384 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00254976 _____ C:\WINDOWS\system32\igfxCPL.cpl
2015-05-27 18:11 - 2015-05-27 18:11 - 00250368 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00246672 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00223232 _____ C:\WINDOWS\system32\igdde64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00218808 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00214528 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00210592 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00193936 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00188456 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00187508 _____ C:\WINDOWS\system32\resTHA.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00184832 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00184320 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00183800 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00183296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v3993.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00180324 _____ C:\WINDOWS\system32\resELL.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00177824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00176180 _____ C:\WINDOWS\system32\resRUS.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00162304 _____ C:\WINDOWS\system32\igdail64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00162036 _____ C:\WINDOWS\system32\resARA.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00161492 _____ C:\WINDOWS\system32\resHEB.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00161428 _____ C:\WINDOWS\system32\resJPN.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00159056 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00156852 _____ C:\WINDOWS\system32\resFRA.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00156836 _____ C:\WINDOWS\system32\resHUN.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00155536 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00155140 _____ C:\WINDOWS\system32\resKOR.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00155136 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00155044 _____ C:\WINDOWS\system32\resITA.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00155044 _____ C:\WINDOWS\system32\resDEU.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00154884 _____ C:\WINDOWS\system32\resROM.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00154772 _____ C:\WINDOWS\system32\resESN.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00154340 _____ C:\WINDOWS\system32\resPLK.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00154196 _____ C:\WINDOWS\system32\resSKY.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00154004 _____ C:\WINDOWS\system32\resNLD.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00153444 _____ C:\WINDOWS\system32\resPTB.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00153300 _____ C:\WINDOWS\system32\resTRK.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00153268 _____ C:\WINDOWS\system32\resCSY.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00153140 _____ C:\WINDOWS\system32\resPTG.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00152724 _____ C:\WINDOWS\system32\resFIN.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00152292 _____ C:\WINDOWS\system32\resHRV.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00151844 _____ C:\WINDOWS\system32\resSVE.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00151668 _____ C:\WINDOWS\system32\resSLV.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00150740 _____ C:\WINDOWS\system32\resNOR.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00150228 _____ C:\WINDOWS\system32\resDAN.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00148916 _____ C:\WINDOWS\system32\resENU.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00147140 _____ C:\WINDOWS\system32\resCHT.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00146308 _____ C:\WINDOWS\system32\resCHS.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00143872 _____ C:\WINDOWS\SysWOW64\igdail32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00128672 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00094368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00094208 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00070144 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00069632 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00058880 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00044025 _____ C:\WINDOWS\system32\iglhxo64.vp
2015-05-27 18:11 - 2015-05-27 18:11 - 00043816 _____ C:\WINDOWS\system32\iglhxc64_dev.vp
2015-05-27 18:11 - 2015-05-27 18:11 - 00043494 _____ C:\WINDOWS\system32\iglhxc64.vp
2015-05-27 18:11 - 2015-05-27 18:11 - 00043298 _____ C:\WINDOWS\system32\iglhxg64_dev.vp
2015-05-27 18:11 - 2015-05-27 18:11 - 00043256 _____ C:\WINDOWS\system32\iglhxg64.vp
2015-05-27 18:11 - 2015-05-27 18:11 - 00042079 _____ C:\WINDOWS\system32\iglhxo64_dev.vp
2015-05-27 18:11 - 2015-05-27 18:11 - 00031408 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00030720 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00010752 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00002586 _____ C:\WINDOWS\system32\iglhxs64.vp
2015-05-27 18:11 - 2015-05-27 18:11 - 00001125 _____ C:\WINDOWS\system32\iglhxa64.vp
2015-05-27 18:11 - 2015-05-27 18:11 - 00000000 ____D C:\Program Files\Intel
2015-05-27 12:11 - 2015-06-09 06:04 - 00000000 ____D C:\Users\Jürgen\dwhelper
2015-05-26 18:39 - 2015-05-26 18:39 - 00000000 ____D C:\Users\Jürgen\Downloads\Cf_noi
2015-05-26 18:38 - 2015-05-26 18:36 - 00949284 _____ C:\Users\Jürgen\Downloads\Cf_noi.zip
2015-05-26 18:30 - 2015-06-06 17:51 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\vlc
2015-05-26 17:09 - 2015-05-26 17:09 - 00097280 _____ (Brother Industries Ltd.) C:\WINDOWS\system32\Drivers\BrSerIf.sys
2015-05-26 17:09 - 2015-05-26 17:09 - 00019584 _____ (Brother Industries Ltd.) C:\WINDOWS\system32\Drivers\BrUsbSer.sys
2015-05-26 17:09 - 2015-05-26 17:09 - 00000000 ___RD C:\Users\Jürgen\AppData\Roaming\Brother
2015-05-26 17:07 - 2015-05-26 17:10 - 00000425 _____ C:\WINDOWS\BRWMARK.INI
2015-05-26 17:07 - 2015-05-26 17:07 - 00000027 _____ C:\WINDOWS\BRPP2KA.INI
2015-05-26 17:03 - 2015-05-26 17:03 - 01560576 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrWia09b.dll
2015-05-26 17:03 - 2015-05-26 17:03 - 00050176 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrUsi09a.dll
2015-05-26 14:20 - 2015-06-02 18:39 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Nitro PDF
2015-05-26 14:16 - 2015-05-26 14:16 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Nitro
2015-05-26 14:15 - 2015-05-26 14:15 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\CNBJMON2.DLL
2015-05-26 14:14 - 2015-05-26 14:14 - 00002547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 9.lnk
2015-05-26 14:14 - 2015-05-26 14:14 - 00002035 _____ C:\Users\Public\Desktop\Nitro Pro 9.lnk
2015-05-26 14:14 - 2015-05-26 14:14 - 00000000 ____D C:\ProgramData\Nitro
2015-05-26 14:14 - 2015-05-26 14:14 - 00000000 ____D C:\Program Files\Common Files\Nitro
2015-05-26 14:14 - 2015-05-26 14:14 - 00000000 ____D C:\Program Files (x86)\Nitro
2015-05-26 14:14 - 2014-03-13 15:18 - 00029704 _____ (Nitro PDF Software) C:\WINDOWS\system32\nitrolocalmon9.dll
2015-05-26 14:14 - 2014-03-13 15:18 - 00017928 _____ (Nitro PDF Software) C:\WINDOWS\system32\nitrolocalui9.dll
2015-05-26 14:13 - 2015-05-26 14:13 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Downloaded Installations
2015-05-26 09:14 - 2015-05-26 09:14 - 00294912 ____N (Microsoft Corporation) C:\WINDOWS\Setup1.exe
2015-05-26 09:14 - 2015-05-26 09:14 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\ST6UNST.EXE
2015-05-26 09:14 - 2015-05-26 09:14 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Berlin Stadtplan CD Routing Vollversion
2015-05-26 09:14 - 2015-05-26 09:14 - 00000000 ____D C:\Program Files (x86)\Berlin Stadtplan CD Routing Vollversion
2015-05-26 06:38 - 2015-05-28 08:03 - 00001450 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-05-26 06:38 - 2015-05-26 06:39 - 00000000 ____D C:\Users\Jürgen\AppData\Local\NVIDIA Corporation
2015-05-26 06:38 - 2015-05-26 06:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-05-26 06:38 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2015-05-26 06:38 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2015-05-26 06:38 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2015-05-26 06:38 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2015-05-26 06:38 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2015-05-26 06:38 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2015-05-26 06:37 - 2015-05-28 08:16 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-05-26 06:37 - 2015-05-27 18:11 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-05-26 06:37 - 2015-05-27 18:11 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-05-25 17:42 - 2015-05-25 17:42 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\LibreOffice
2015-05-25 17:30 - 2015-05-25 17:30 - 00001219 _____ C:\Users\Public\Desktop\LibreOffice 4.4.lnk
2015-05-25 17:30 - 2015-05-25 17:30 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.4
2015-05-25 17:29 - 2015-05-25 17:30 - 00000000 ____D C:\Program Files (x86)\LibreOffice 4
2015-05-25 16:57 - 2015-05-25 16:57 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-05-25 15:51 - 2015-05-25 15:51 - 00002759 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft AutoRoute 2013.lnk
2015-05-25 15:51 - 2015-05-25 15:51 - 00000000 ____D C:\Program Files (x86)\MSECache
2015-05-25 15:51 - 2015-05-25 15:51 - 00000000 ____D C:\Program Files (x86)\Microsoft AutoRoute 2013
2015-05-25 14:45 - 2015-05-25 14:47 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\EfficientPIM
2015-05-25 14:45 - 2015-05-25 14:46 - 00000000 ____D C:\Program Files (x86)\EfficientPIM
2015-05-25 14:45 - 2015-05-25 14:45 - 00001052 _____ C:\Users\Jürgen\Desktop\EfficientPIM.lnk
2015-05-25 14:45 - 2015-05-25 14:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EfficientPIM
2015-05-25 13:18 - 2015-06-08 06:44 - 00000000 ____D C:\Users\Jürgen\AppData\Local\CrashDumps
2015-05-25 12:47 - 2015-05-25 12:47 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Zoner
2015-05-25 12:47 - 2015-05-25 12:47 - 00000000 ____D C:\Users\Jürgen\AppData\Local\Zoner
2015-05-25 12:46 - 2015-05-25 12:46 - 00002031 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Zoner Photo Studio 17.lnk
2015-05-25 12:46 - 2015-05-25 12:46 - 00000000 ____D C:\ProgramData\Zoner
2015-05-25 12:46 - 2015-05-25 12:46 - 00000000 ____D C:\Program Files\Zoner
2015-05-25 12:16 - 2015-06-04 05:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-25 12:10 - 2015-05-25 12:10 - 01490656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll
2015-05-25 12:10 - 2015-05-25 12:10 - 00708168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller.dll
2015-05-25 12:10 - 2015-05-25 12:10 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2015-05-25 12:10 - 2015-05-25 12:10 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2015-05-25 12:05 - 2015-05-25 12:05 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2015-05-25 11:52 - 2015-05-25 11:52 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-05-25 09:22 - 2015-05-25 09:22 - 00000000 ____D C:\Program Files (x86)\Photo Notifier and Animation Creator
2015-05-25 09:21 - 2015-05-25 09:21 - 00002174 _____ C:\Users\Public\Desktop\Passwörter sichern.lnk
2015-05-25 09:21 - 2015-05-25 09:21 - 00002098 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail.lnk
2015-05-25 09:21 - 2015-05-25 09:21 - 00002086 _____ C:\Users\Public\Desktop\IncrediMail.lnk
2015-05-25 09:21 - 2015-05-25 09:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-25 09:21 - 2015-05-25 09:21 - 00000000 ____D C:\Program Files (x86)\IncrediMail
2015-05-25 09:13 - 2015-05-25 09:13 - 00000000 ____D C:\Users\Jürgen\AppData\Local\Macromedia
2015-05-25 09:07 - 2015-05-25 11:14 - 00000000 ____D C:\Users\Jürgen\AppData\Local\IM
2015-05-25 09:07 - 2015-05-25 09:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail
2015-05-25 09:07 - 2015-05-25 09:07 - 00000000 ____D C:\ProgramData\Photo Notifier and Animation Creator
2015-05-25 09:07 - 2015-05-25 09:07 - 00000000 ____D C:\ProgramData\IncrediMail
2015-05-25 09:07 - 2015-05-25 09:07 - 00000000 ____D C:\ProgramData\IM
2015-05-25 07:14 - 2015-05-25 07:14 - 00000000 ____D C:\Users\Jürgen\AppData\Local\Apple
2015-05-25 06:58 - 2015-05-25 06:58 - 00003294 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2015-05-25 06:58 - 2015-05-25 06:58 - 00003242 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2015-05-25 06:58 - 2015-05-25 06:58 - 00003238 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2015-05-25 06:58 - 2015-05-25 06:58 - 00003210 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2015-05-25 06:58 - 2015-05-25 06:58 - 00003206 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2015-05-25 06:58 - 2015-05-25 06:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2015-05-25 06:58 - 2015-05-25 06:58 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
2015-05-25 06:48 - 2015-06-09 06:05 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-05-25 06:48 - 2015-05-25 06:48 - 00003860 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-05-25 06:48 - 2015-05-25 06:48 - 00000000 ____D C:\Users\Jürgen\AppData\Local\Adobe
2015-05-24 20:16 - 2015-05-24 20:16 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Mozilla
2015-05-24 20:16 - 2015-05-24 20:16 - 00000000 ____D C:\Users\Jürgen\AppData\Local\Mozilla
2015-05-24 20:16 - 2015-05-24 20:16 - 00000000 ____D C:\ProgramData\Mozilla
2015-05-24 20:15 - 2015-05-24 20:15 - 36357760 _____ C:\Users\Jürgen\Downloads\Firefox-Setup-33.0.2.exe
2015-05-24 20:10 - 2015-05-26 06:38 - 00000000 ____D C:\Users\Jürgen\AppData\Local\NVIDIA
2015-05-24 19:37 - 2015-05-24 19:37 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\WindSolutions
2015-05-24 19:36 - 2015-05-24 19:36 - 00000000 ____D C:\ProgramData\WindSolutions
2015-05-24 19:35 - 2015-05-24 19:35 - 10388158 _____ C:\Users\Jürgen\Downloads\CopyTransManagerDEv1.015.zip
2015-05-24 19:35 - 2015-05-24 19:35 - 00000000 ____D C:\Users\Jürgen\Downloads\CopyTransManagerDEv1.015
2015-05-24 19:30 - 2015-05-24 19:30 - 00000000 ____D C:\Users\Jürgen\AppData\Local\NetworkTiles
2015-05-24 18:59 - 2015-05-24 18:59 - 00428216 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETD.sys
2015-05-24 18:59 - 2015-05-24 18:59 - 00046776 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCoInstaller01000.dll
2015-05-24 18:59 - 2015-05-24 18:59 - 00000000 ____D C:\Program Files\Elantech
2015-05-24 18:59 - 2015-05-10 20:07 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0007.dll
2015-05-24 18:59 - 2015-05-10 20:06 - 12038656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0007.dll
2015-05-24 18:59 - 2015-05-10 19:49 - 02085376 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0007.dll
2015-05-24 18:59 - 2015-05-10 19:48 - 12038656 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0007.dll
2015-05-24 18:59 - 2015-05-10 19:48 - 11601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0007.dll
2015-05-24 18:59 - 2015-03-03 15:17 - 00295552 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-05-24 18:58 - 2015-05-24 18:59 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-05-24 18:58 - 2015-05-24 18:58 - 00003194 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2015-05-24 18:58 - 2015-05-24 18:58 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-05-24 18:58 - 2015-05-24 18:58 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-05-24 18:58 - 2015-05-24 18:58 - 00000000 ____D C:\Program Files\Realtek
2015-05-24 18:58 - 2015-04-30 10:07 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-24 18:57 - 2015-05-24 18:57 - 72121872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2015-05-24 18:57 - 2015-05-24 18:57 - 14050832 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 13091952 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 12950472 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 07166480 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 07088144 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 06250000 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 05804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2015-05-24 18:57 - 2015-05-24 18:57 - 05665264 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 05280952 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 04468752 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2015-05-24 18:57 - 2015-05-24 18:57 - 03293424 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 03245856 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 03211264 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 02908688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 02872440 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 02817184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 02702864 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2015-05-24 18:57 - 2015-05-24 18:57 - 02554784 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 02184512 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 02106896 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 02046480 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 02014958 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2015-05-24 18:57 - 2015-05-24 18:57 - 01958280 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01957768 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01773840 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01740816 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01584280 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01574512 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01516664 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01502152 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01427296 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01376656 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01375192 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01330656 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01328608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01152064 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01115792 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00997392 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00991424 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00957272 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00954168 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00925200 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00915992 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00881872 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaeapo64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00866880 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00846256 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00742920 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00737176 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00720656 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00701528 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00671760 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00671248 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00661232 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00637536 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00612712 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00599240 _____ (Qualcomm Atheros) C:\WINDOWS\system32\Drivers\btfilter.sys
2015-05-24 18:57 - 2015-05-24 18:57 - 00589528 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosasfapo64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00566344 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00550256 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.DLL
2015-05-24 18:57 - 2015-05-24 18:57 - 00527000 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00505352 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00497528 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00491384 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00459312 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00441288 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00440224 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00438616 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00434488 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00419056 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00381832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00373568 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00346760 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00336928 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00333304 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00333304 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00332832 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00325080 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00319408 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00316232 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00316232 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00295168 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00264672 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00252432 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00247120 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00247080 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00246804 _____ C:\WINDOWS\system32\Drivers\AtherosBT.bin
2015-05-24 18:57 - 2015-05-24 18:57 - 00246096 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00226424 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00217648 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaemaxapo64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00216584 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00209344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00204152 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00182784 _____ (Qualcomm®Atheros®) C:\WINDOWS\system32\BtContextMenu.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00181760 _____ (Qualcomm Atheros Communications Inc.) C:\WINDOWS\system32\btcoinst.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00169048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00165976 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\toseaeapo64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00160824 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00153104 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00145352 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00127768 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00116240 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00114384 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00109584 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00105496 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00096272 _____ C:\WINDOWS\system32\audioLibVc.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00085424 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00082864 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00082824 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00078184 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00078144 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00069480 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00062784 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\HECIx64.sys
2015-05-24 18:57 - 2015-05-24 18:57 - 00048092 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x01020200.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00046748 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x31010000.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00046268 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x11020100.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00046212 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x11020000.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00040684 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x31010000_ss01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00038140 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x31010100.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00023532 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x01020201.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00016912 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00001926 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_0xf0.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001926 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_0x21.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001926 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_0x11.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001926 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001922 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010100_40.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001802 _____ C:\WINDOWS\system32\Drivers\ramps_0x11020100_40_SS01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001802 _____ C:\WINDOWS\system32\Drivers\ramps_0x11020100_40_nf01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001802 _____ C:\WINDOWS\system32\Drivers\ramps_0x11020100_40.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001796 _____ C:\WINDOWS\system32\Drivers\ramps_0x11020000_40.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001516 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_SS01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001516 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_LV01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001516 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_0xf1.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001516 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_0x22.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001516 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_0x12.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001516 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_0x01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001512 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010100_40_0x01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001242 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020200_40_0x01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001228 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020200_40_0x04.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001214 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020200_40_0x03.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001204 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020200_40_0x02.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001204 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020200_40.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001198 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020200_26.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001192 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020200_26_0x01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00000296 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020201_40_0x01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00000278 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020201_40_0x04.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00000264 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020201_40_0x03.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00000264 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020201_40_0x02.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00000264 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020201_40.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00000264 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020201_26_0x01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00000264 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020201_26.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00000000 ____D C:\Program Files\Common Files\Atheros
2015-05-24 18:56 - 2015-05-07 05:43 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2015-05-24 18:56 - 2015-05-07 05:26 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\jnwmon.dll
2015-05-24 18:56 - 2015-05-07 05:25 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-05-24 18:56 - 2015-05-02 02:31 - 16090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-05-24 18:56 - 2015-05-02 02:27 - 14434304 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-05-24 18:56 - 2015-05-02 02:04 - 01281024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2015-05-24 18:56 - 2015-05-02 01:48 - 12813824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-05-24 18:56 - 2015-05-02 01:37 - 12925440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-05-24 18:56 - 2015-05-02 01:23 - 01281024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2015-05-24 18:50 - 2015-05-24 18:50 - 00000837 _____ C:\Users\Public\Desktop\Speccy.lnk
2015-05-24 18:50 - 2015-05-24 18:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2015-05-24 18:50 - 2015-05-24 18:50 - 00000000 ____D C:\Program Files\Speccy
2015-05-24 18:49 - 2015-05-24 18:49 - 05127432 _____ (Piriform Ltd) C:\Users\Jürgen\Downloads\spsetup128.exe
2015-05-24 18:26 - 2015-06-04 20:09 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-05-24 18:26 - 2015-06-04 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-05-24 18:26 - 2015-06-04 20:09 - 00000000 ____D C:\Program Files\WinRAR
2015-05-24 18:26 - 2015-05-24 18:26 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\WinRAR
2015-05-24 18:16 - 2015-06-06 17:51 - 00000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 5.6
2015-05-24 18:16 - 2015-05-24 18:16 - 00001354 _____ C:\Users\Public\Desktop\AOMEI Partition Assistant Standard Edition 5.6.lnk
2015-05-24 18:16 - 2015-05-24 18:16 - 00001024 ____H C:\AMTAG.BIN
2015-05-24 18:16 - 2015-05-24 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant Standard Edition 5.6
2015-05-24 18:16 - 2015-01-02 15:18 - 01811568 _____ C:\WINDOWS\ampa.exe
2015-05-24 18:16 - 2013-12-18 11:33 - 00017008 _____ C:\WINDOWS\SysWOW64\ampa.sys
2015-05-24 18:16 - 2013-12-18 11:33 - 00017008 _____ C:\WINDOWS\system32\ampa.sys
2015-05-24 18:14 - 2015-05-24 18:14 - 08644488 _____ (AOMEI Technology Co., Ltd. ) C:\Users\Jürgen\Downloads\PAssist_Std_5.6.3.exe
2015-05-24 18:08 - 2015-05-24 18:08 - 00000000 ____D C:\Users\Jürgen\Documents\MiniTool Partition Wizard Professional Edition 8.1 (FULL + Serial)
2015-05-24 17:59 - 2015-05-24 17:59 - 14674196 _____ C:\Users\Jürgen\Downloads\MiniTool Partition Wizard Professional Edition 8.1 (FULL + Serial).zip
2015-05-24 17:55 - 2015-05-24 17:56 - 08290887 _____ C:\Users\Jürgen\Downloads\CopyTrans 4.842 (FULL + Keygen).zip
2015-05-24 17:49 - 2015-05-24 17:49 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Macromedia
2015-05-24 17:46 - 2015-05-24 17:48 - 00000000 ____D C:\Users\Jürgen\AppData\Local\Spartan
2015-05-24 17:46 - 2015-05-24 17:46 - 00001389 _____ C:\Users\Public\Desktop\EaseUS Todo PCTrans 8.0.lnk
2015-05-24 17:46 - 2015-05-24 17:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo PCTrans 8.0
2015-05-24 17:46 - 2015-05-24 17:46 - 00000000 ____D C:\PCTransImage
2015-05-24 17:45 - 2015-05-24 17:45 - 00000000 ____D C:\Program Files (x86)\EaseUS
2015-05-24 17:24 - 2015-05-24 17:24 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-05-24 16:51 - 2015-05-31 17:17 - 00000000 ___DC C:\WINDOWS\Panther
2015-05-24 16:51 - 2015-05-29 19:16 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-05-24 16:51 - 2015-05-28 08:16 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-05-24 16:51 - 2015-05-24 16:51 - 00019976 _____ (ASUS) C:\WINDOWS\system32\Drivers\AsHIDSwitch64.sys
2015-05-24 16:50 - 2015-05-24 16:50 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-05-24 16:47 - 2015-05-24 16:47 - 00001047 _____ C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2015-05-24 16:47 - 2015-05-10 20:07 - 04845568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2015-05-24 16:47 - 2015-05-10 20:06 - 02628608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2015-05-24 16:47 - 2015-05-10 19:50 - 06355968 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2015-05-24 16:47 - 2015-05-10 19:48 - 05738496 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2015-05-24 16:47 - 2015-05-10 19:48 - 02628608 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2015-05-24 16:43 - 2015-05-24 16:43 - 00000000 ____D C:\Users\Jürgen\AppData\Local\PeerDistRepub
2015-05-24 16:40 - 2015-05-24 16:40 - 02276560 _____ (Microsoft Corporation) C:\WINDOWS\system32\coin95ip.dll
2015-05-24 16:39 - 2015-06-09 05:44 - 00000000 ____D C:\Users\Jürgen\AppData\Local\ActiveSync
2015-05-24 16:32 - 2015-05-24 16:32 - 00000000 ___RD C:\Users\Jürgen\3D Objects
2015-05-24 16:31 - 2015-06-01 07:14 - 00000000 ____D C:\Users\Jürgen\AppData\Local\Packages
2015-05-24 16:31 - 2015-05-25 11:09 - 00000000 ____D C:\Users\Jürgen\AppData\Local\VirtualStore
2015-05-24 16:31 - 2015-05-24 16:31 - 00002357 _____ C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-05-24 16:31 - 2015-05-24 16:31 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Adobe
2015-05-24 16:31 - 2015-05-24 16:31 - 00000000 ____D C:\Users\Jürgen\AppData\Local\GameDVR
2015-05-24 16:31 - 2015-05-24 16:31 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-05-24 16:30 - 2015-06-08 18:50 - 00000000 ____D C:\ProgramData\USOShared
2015-05-24 16:30 - 2015-05-24 16:30 - 00000020 ___SH C:\Users\Jürgen\ntuser.ini
2015-05-24 16:30 - 2015-05-24 16:30 - 00000000 ____D C:\Users\Jürgen\AppData\Local\TileDataLayer
2015-05-24 16:30 - 2015-05-24 16:30 - 00000000 ____D C:\ProgramData\USOPrivate
2015-05-24 16:00 - 2015-06-08 17:32 - 01790128 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-24 15:55 - 2015-04-25 05:12 - 02712576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-05-24 15:54 - 2015-06-09 05:54 - 00036925 _____ C:\WINDOWS\WindowsUpdate_AU_deprecated.log
2015-05-24 15:54 - 2015-06-08 11:07 - 00000191 _____ C:\WINDOWS\WindowsUpdate.log
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\ProgramData\Vorlagen
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\ProgramData\Startmenü
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\ProgramData\Favoriten
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\ProgramData\Dokumente
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2015-05-24 15:53 - 2015-06-08 12:20 - 00000000 ____D C:\Users\Jürgen
2015-05-24 15:53 - 2015-05-31 17:17 - 00001908 _____ C:\WINDOWS\diagwrn.xml
2015-05-24 15:53 - 2015-05-31 17:17 - 00001908 _____ C:\WINDOWS\diagerr.xml
2015-05-24 15:53 - 2015-05-24 16:31 - 00000000 ___RD C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\Vorlagen
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\Startmenü
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\Netzwerkumgebung
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\Lokale Einstellungen
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\Eigene Dateien
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\Druckumgebung
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\Documents\Eigene Musik
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\Documents\Eigene Bilder
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\AppData\Local\Verlauf
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\AppData\Local\Anwendungsdaten
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\Anwendungsdaten
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 ____D C:\WINDOWS\CSC
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 ____D C:\Users\DefaultAppPool
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ___RD C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ___RD C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-24 15:53 - 2015-04-25 05:17 - 00000369 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-05-24 15:53 - 2015-04-25 05:17 - 00000369 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-05-24 15:53 - 2015-04-25 05:17 - 00000369 _____ C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-05-24 15:53 - 2015-04-25 05:17 - 00000369 _____ C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-05-24 15:53 - 2015-04-25 05:17 - 00000369 _____ C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-05-24 15:53 - 2015-04-25 05:17 - 00000369 _____ C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-05-21 07:01 - 2015-05-21 07:14 - 00000000 ___HD C:\$SysReset
2015-05-21 06:26 - 2015-05-21 06:26 - 00000000 __SHD C:\found.001
2015-05-19 14:04 - 2015-06-04 07:04 - 00000000 _____ C:\Recovery.txt
2015-05-19 07:49 - 2015-05-19 07:08 - 00000000 ____D C:\RecoveryImage
2015-05-16 08:26 - 2015-06-09 06:22 - 00000000 ____D C:\AdwCleaner

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-09 06:59 - 2015-04-25 06:08 - 00052185 _____ C:\WINDOWS\system32\NetSetupSvc.log
2015-06-09 06:45 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-09 05:52 - 2013-10-10 17:06 - 00082819 _____ C:\Users\Jürgen\Downloads\Addition.txt
2015-06-09 05:44 - 2015-04-05 13:05 - 00000000 ___RD C:\Users\Jürgen\OneDrive
2015-06-08 19:56 - 2013-10-25 12:56 - 00000000 ____D C:\Users\Jürgen\Documents\Efficient Organizer AutoBackup
2015-06-08 17:32 - 2015-04-25 10:27 - 00772388 _____ C:\WINDOWS\system32\perfh007.dat
2015-06-08 17:32 - 2015-04-25 10:27 - 00154104 _____ C:\WINDOWS\system32\perfc007.dat
2015-06-08 11:07 - 2015-04-25 06:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-08 08:32 - 2015-04-25 04:39 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-06-08 08:06 - 2013-03-24 12:25 - 00000000 ____D C:\Users\Jürgen\Documents\Finanzamt
2015-06-08 04:42 - 2013-05-12 09:20 - 00000000 ____D C:\Users\Jürgen\Desktop\Tools
2015-06-06 17:44 - 2014-12-28 19:59 - 00000000 __SHD C:\$360Section
2015-06-05 19:06 - 2012-12-22 10:26 - 00001992 _____ C:\Users\Jürgen\Desktop\Amazon.lnk
2015-06-05 19:06 - 2012-12-22 10:26 - 00001990 _____ C:\Users\Jürgen\Desktop\WEB.DE.lnk
2015-06-05 08:00 - 2013-03-24 12:43 - 00000000 ____D C:\Users\Jürgen\Documents\Versicherung
2015-06-04 17:40 - 2014-06-01 09:02 - 00000000 ____D C:\Users\Jürgen\Downloads\FarStone DriveClone Server 10.02+Keymaker-CORE
2015-06-04 17:40 - 2014-05-13 07:56 - 18831730 _____ C:\Users\Jürgen\Downloads\TrojanKill2077Lz0.rar
2015-06-04 17:40 - 2014-03-30 15:20 - 00000836 _____ C:\Users\Jürgen\Downloads\SuperAntiSpyware.v5.6.KeyGen.REiS.rar
2015-06-04 17:33 - 2014-08-13 16:55 - 00000000 ____D C:\Users\Jürgen\Downloads\HitmanPro.3.7.9.Build.221
2015-06-04 13:28 - 2014-10-26 15:00 - 00768512 _____ (Reimage®) C:\Users\Jürgen\Downloads\ReimageRepair.exe
2015-06-04 13:11 - 2013-09-12 07:05 - 00000000 ____D C:\Users\Jürgen\Desktop\Player
2015-06-04 13:11 - 2013-08-30 08:47 - 00000000 ____D C:\Users\Jürgen\Desktop\Bildbearbeitung
2015-06-04 13:11 - 2011-07-02 09:38 - 00000000 ____D C:\Users\Jürgen\Desktop\Datei Tools
2015-06-04 13:11 - 2010-06-18 15:27 - 00000000 ____D C:\Users\Jürgen\Desktop\Video
2015-06-04 07:27 - 2013-03-24 12:43 - 00000000 ____D C:\Users\Jürgen\Documents\Seriennummern
2015-06-01 07:16 - 2015-04-25 05:06 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-05-31 17:26 - 2015-03-24 20:56 - 00000000 ____D C:\Temp
2015-05-31 17:17 - 2015-04-25 04:39 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-05-31 17:14 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\Registration
2015-05-31 06:58 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\rescache
2015-05-30 20:39 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-05-30 17:54 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-05-30 17:54 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-05-30 16:42 - 2014-03-31 17:48 - 00000000 ____D C:\Users\Public\Documents\regruninfo
2015-05-30 16:41 - 2014-03-31 18:00 - 00000000 ____D C:\Users\Jürgen\Documents\RegRun2
2015-05-28 08:17 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\Help
2015-05-26 08:16 - 2013-10-25 11:14 - 04857856 _____ C:\Users\Jürgen\Documents\My Information.effx
2015-05-25 06:25 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-05-25 06:18 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-05-25 06:16 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\appcompat
2015-05-24 18:59 - 2015-04-25 10:30 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-24 18:56 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\system32\restore
2015-05-24 16:51 - 2015-04-25 05:37 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2015-05-24 16:47 - 2015-04-25 10:28 - 00000000 ____D C:\WINDOWS\OCR
2015-05-24 16:31 - 2015-04-25 05:36 - 00000000 ___RD C:\WINDOWS\PrintDialog3D
2015-05-24 16:31 - 2015-04-25 05:36 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-05-24 16:31 - 2015-04-25 05:36 - 00000000 ___RD C:\WINDOWS\MtcUvc
2015-05-24 16:31 - 2015-04-25 05:36 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-05-24 16:31 - 2015-04-25 05:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-05-24 16:31 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\WinStore
2015-05-24 15:55 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\system32\spool
2015-05-24 15:55 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-05-24 15:54 - 2015-04-25 06:08 - 00002382 _____ C:\WINDOWS\System32\Tasks\SpeechRuntimeTask
2015-05-24 15:54 - 2015-04-25 05:36 - 00000000 __RHD C:\Users\Public\Libraries
2015-05-24 15:54 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-05-24 15:54 - 2015-04-25 05:36 - 00000000 ____D C:\Program Files\Windows NT
2015-05-24 15:54 - 2015-04-25 04:39 - 00000000 __RHD C:\Users\Default
2015-05-24 15:54 - 2011-04-12 09:54 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-05-24 15:53 - 2015-04-25 04:39 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-05-24 15:52 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\tracing
2015-05-22 07:26 - 2015-02-20 07:20 - 00000000 ___RD C:\Users\Jürgen\iCloudDrive
2015-05-21 16:45 - 2014-12-28 10:30 - 00000000 ____D C:\Users\Jürgen\Documents\EfficientPIM AutoBackup
2015-05-21 08:15 - 2014-11-09 21:09 - 00000000 ____D C:\Users\Jürgen\Documents\Ashampoo 3D CAD Architecture 5
2015-05-21 08:15 - 2013-10-11 12:59 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2015-05-21 08:15 - 2013-03-24 12:43 - 00000000 ____D C:\Users\Jürgen\Documents\SelfMV
2015-05-21 08:15 - 2013-03-24 12:42 - 00000000 ____D C:\Users\Jürgen\Documents\Readiris
2015-05-21 08:15 - 2013-03-24 12:42 - 00000000 ____D C:\Users\Jürgen\Documents\Presente3D
2015-05-21 08:15 - 2013-03-24 12:41 - 00000000 ____D C:\Users\Jürgen\Documents\Nero Recode
2015-05-21 08:15 - 2013-03-24 12:25 - 00000000 ___HD C:\Users\Jürgen\Documents\EverDesk Data
2015-05-21 08:15 - 2013-03-24 12:23 - 00000000 ____D C:\Users\Jürgen\Documents\Ashampoo 3D CAD Architecture 2
2015-05-21 08:15 - 2013-03-24 12:21 - 00000000 ____D C:\Users\Jürgen\.rainlendar2
2015-05-21 08:15 - 2013-03-24 12:21 - 00000000 ____D C:\Users\Jürgen\.jameica
2015-05-21 08:15 - 2013-03-24 12:21 - 00000000 ____D C:\Users\Jürgen\.ausweisapp
2015-05-21 08:15 - 2010-06-16 13:35 - 00000000 ____D C:\Users\Jürgen\Documents\PcSetup
2015-05-17 07:55 - 2013-06-14 10:14 - 00000000 ____D C:\Users\Jürgen\Desktop\Alte Firefox-Daten
2015-05-16 11:43 - 2013-03-24 12:23 - 00000000 ____D C:\Users\Jürgen\Documents\1 und 1
2015-05-10 10:12 - 2014-06-02 07:19 - 00002232 ____H C:\Users\Jürgen\Documents\Default.rdp

==================== Files in the root of some directories =======

2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Jürgen\AppData\Roaming\eYuGvhP2muwKU0OH9mh
2015-05-24 18:58 - 2015-05-24 18:58 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Jürgen\AppData\Local\Temp\2314.exe
C:\Users\Jürgen\AppData\Local\Temp\ECC58836-29C1-0B6F-D24A-D38AB68426A8.dll
C:\Users\Jürgen\AppData\Local\Temp\eFixProPackage.exe
C:\Users\Jürgen\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Jürgen\AppData\Local\Temp\ReiSysUpdate.exe
C:\Users\Jürgen\AppData\Local\Temp\sqlite3.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-04 06:37

==================== End of log ============================

OpaPaule · 09.06.2015, 06:38

[CODE]Additional
FRST Logfile:

Code:

ATTFilter

scan result of Farbar Recovery Scan Tool (x64) Version:07-06-2015
Ran by Jürgen at 2015-06-09 07:00:30
Running from C:\Users\Jürgen\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-382664376-1932614338-2128433781-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-382664376-1932614338-2128433781-503 - Limited - Disabled)
Gast (S-1-5-21-382664376-1932614338-2128433781-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-382664376-1932614338-2128433781-1006 - Limited - Enabled)
Jürgen (S-1-5-21-382664376-1932614338-2128433781-1000 - Administrator - Enabled) => C:\Users\Jürgen
UpdatusUser (S-1-5-21-382664376-1932614338-2128433781-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: 360 Total Security (Disabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360 Total Security (Disabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 6.6.1.1024 - 360 Security Center)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
AntiLogger (HKLM-x32\...\AntiLogger) (Version:  - Zemana Ltd.)
AntiLogger (x32 Version: 1.9.3.602 - Zemana Ltd.) Hidden
AOMEI Partition Assistant Standard Edition 5.6 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Berlin Stadtplan CD Routing Vollversion (HKLM-x32\...\ST6UNST #1) (Version:  - )
BrowserV03.06 (HKLM-x32\...\BrowserV03.06) (Version: 1.36.01.22 - BrowserV03.06)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
ChrisPC Win Experience Index 3.30 (HKLM-x32\...\{1116089C-14B5-1A23-8113-6124567ABCDE}_is1) (Version:  - Chris P.C. srl)
Driver Magician 4.3 (HKLM-x32\...\Driver Magician_is1) (Version:  - GoldSolution Software, Inc.)
EaseUS Todo PCTrans 8.0 (HKLM-x32\...\EaseUS Todo PCTrans_is1) (Version:  - EaseUS)
EfficientPIM 3.60 (HKLM-x32\...\EfficientPIM_is1) (Version:  - Efficient Software)
eFix Pro (HKLM\...\eFix Pro) (Version: 1.8.1.1 - Reimage)
ELAN Touchpad 11.15.0.12_X64 (HKLM\...\Elantech) (Version: 11.15.0.12 - ELAN Microelectronic Corp.)
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
HQ Video Pro 3.1cV04.06 (HKLM-x32\...\HQ Video Pro 3.1cV04.06) (Version: 1.36.01.22 - HQ VideoV04.06)
IncrediBackup (HKLM-x32\...\IncrediBackup) (Version: 1.0.0.1087 - IncrediMail Ltd.)
IncrediBackup (x32 Version: 1.0.0.1087 - Ihr Firmenname) Hidden
IncrediMail (x32 Version: 6.6.0.5288 - IncrediMail) Hidden
IncrediMail 2.5 (HKLM-x32\...\IncrediMail) (Version: 6.6.0.5288 - IncrediMail Ltd.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3993 - Intel Corporation)
KeyCrypt SDK version 1.8.1.199 (HKLM-x32\...\{5575EADE-4685-4E15-A9CD-6036BC2A3F75}_is1) (Version: 1.8.1.199 - Zemana Ltd.)
LibreOffice 4.4.3.2 (HKLM-x32\...\{A651A592-2F6C-4D66-AEA8-9BFE4B61BCB3}) (Version: 4.4.3.2 - The Document Foundation)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft AutoRoute 2013 (HKLM-x32\...\{C82185E8-C27B-4EF4-2013-3333BC2C2B6D}) (Version: 19.0.21.0500 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
MiniTool Power Data Recovery (HKLM-x32\...\MiniTool Power Data Recovery_is1) (Version:  - MiniTool Solution Ltd.)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0.2 - Mozilla)
Nitro Pro 9 (HKLM\...\{09425538-32A2-4D64-941B-ECE170A08BCC}) (Version: 9.0.7.5 - Nitro)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Grafiktreiber 352.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.84 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Photo Background Remover 1.1 (HKLM-x32\...\Photo Background Remover_is1) (Version: 1.1 - SoftOrbits)
Photo Notifier and Animation Creator (HKLM-x32\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
RegRun Reanimator (HKLM-x32\...\Greatis Reanimator_is1) (Version:  - Greatis Software, LLC.)
RegRun Reanimator (HKLM-x32\...\UnHackMe Update - Reanimator_is1) (Version:  - Greatis Software, LLC.)
Reincubate Recover Files (HKU\S-1-5-21-382664376-1932614338-2128433781-1000\...\Reincubate Recover Files) (Version: 1.0.5.0 - Reincubate Ltd)
Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Stellar Phoenix Windows Data Recovery - Home (HKLM-x32\...\Stellar Phoenix Windows Data Recovery - Home_is1) (Version: 6.0.0.1 - Stellar Information Technology Pvt Ltd)
TAXMAN 2015 (HKLM-x32\...\{5613CAD3-71ED-4207-95A0-1BA0BF465E38}) (Version: 20.35.162 - Haufe-Lexware GmbH & Co.KG)
WinISO (HKLM-x32\...\WinISO) (Version: 6.3.0.4748 - WinISO Computing Inc.)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_DE_is1) (Version: 17.0.1.9 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-382664376-1932614338-2128433781-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-382664376-1932614338-2128433781-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-382664376-1932614338-2128433781-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-382664376-1932614338-2128433781-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-382664376-1932614338-2128433781-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-382664376-1932614338-2128433781-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-382664376-1932614338-2128433781-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-382664376-1932614338-2128433781-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-382664376-1932614338-2128433781-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

04-06-2015 05:48:47 Windows Update
07-06-2015 19:45:07 Windows Update
08-06-2015 07:14:06 TAXMAN 2015 wurde installiert.
08-06-2015 07:14:37 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
08-06-2015 07:15:15 Installed AAVUpdateManager.

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-04-25 05:37 - 2015-06-02 17:30 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0665D2AA-C24F-48DA-B70B-1018662DC582} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync
Task: {074C7502-CC9F-4BAE-87E3-8FF079532DE9} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install => C:\Windows\system32\usoclient.exe [2015-04-25] (Microsoft Corporation)
Task: {0C3C4D9B-22D3-47DD-88EB-FA19B300BE4E} - \f81615ae-5d10-4967-9f1d-e3f330bb6a9b-4 No Task File <==== ATTENTION
Task: {0D2254DB-CDAD-4D5A-8BAE-09A196CAAF63} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\HypervisorFlightingTask
Task: {1044CF37-A412-4BF0-9E33-4E9B9E1B1713} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_RebootDisplay => C:\windows\system32\MusNotification.exe [2015-04-25] (Microsoft Corporation)
Task: {11D3374A-AD3F-4299-8DE7-4D25C715E068} - \f81615ae-5d10-4967-9f1d-e3f330bb6a9b-1-7 No Task File <==== ATTENTION
Task: {14FA2C0D-3A1D-4D57-9E8C-A00576F03D4D} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {18E15108-AB5D-4BF4-89A7-E23D96ECB6BB} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask
Task: {1D4D0CF3-8052-4A0D-9E7C-19340F3CE458} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-04-25] (Microsoft Corporation)
Task: {266FDBAA-47DF-44B1-B955-27D138E89DFD} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Update_Reboot => C:\WINDOWS\system32\MusNotification.exe [2015-04-25] (Microsoft Corporation)
Task: {2F833A36-2B88-4359-80C0-6BAD2E3DBE57} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {367F3D3E-B254-4153-8131-E327A0337B89} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {3A0B4A77-58DE-4C8B-9F00-6ABB859848FC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {3D0DE39F-3425-4AA9-ABD6-A5C69D967C0D} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe [2015-04-25] (Microsoft Corporation)
Task: {41CF741F-17B4-4DDB-84DD-87E8CCE3FD53} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Update_RebootDialog => C:\WINDOWS\system32\MusNotification.exe [2015-04-25] (Microsoft Corporation)
Task: {41E46165-DCE3-4172-BFBD-A68FEC589883} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [2015-04-25] (Microsoft Corporation)
Task: {44FFA471-A5D5-47A5-939B-746FBADD78C7} - \509592fb-cd19-4fc4-a701-100ee41b953a-5 No Task File <==== ATTENTION
Task: {4691E6C9-54F9-4272-BA2C-8C084F017080} - \509592fb-cd19-4fc4-a701-100ee41b953a-1-7 No Task File <==== ATTENTION
Task: {55932C01-117A-4591-89F6-651825B21D40} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask
Task: {589D2417-0F88-4E46-A6DC-5BB1BBB0D447} - \509592fb-cd19-4fc4-a701-100ee41b953a-1-6 No Task File <==== ATTENTION
Task: {61618B3B-8744-4FCB-BC33-51378E222441} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot => C:\Windows\system32\usoclient.exe [2015-04-25] (Microsoft Corporation)
Task: {61F52CA4-AE43-4ADB-9F55-EE6681979D17} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Automatic App Update
Task: {6C0E2B4A-3027-4B00-BCCA-5E6AE58F80A8} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Update_RebootToast => C:\WINDOWS\system32\MusNotification.exe [2015-04-25] (Microsoft Corporation)
Task: {6CA86238-FD9E-42E9-9175-BFF660C6C516} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-25] (Adobe Systems Incorporated)
Task: {7013D956-D379-4440-8CFC-D8A7D5F67DBD} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {71568F34-D9D9-4DCF-B16E-D0E7E686F507} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {72F56A2F-899A-43D3-B2F5-94C5EFE307F8} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-04-25] (Microsoft Corporation)
Task: {77313CA4-2B8F-4C78-BF3D-2541520A2DAC} - \globalUpdateUpdateTaskMachineCore1d09e90212f26ad No Task File <==== ATTENTION
Task: {7C0DBC07-BB89-436C-B511-225A892B7D4B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-30] (Microsoft Corporation)
Task: {7F54238B-5764-4E6D-B2CF-885209A4B0FF} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-05-24] (Realtek Semiconductor)
Task: {82B68E5D-FE3D-468C-868E-C10A19D8DE0F} - System32\Tasks\SpeechRuntimeTask => C:\Windows\system32\speech_onecore\common\SpeechRuntime.exe [2015-04-25] (Microsoft Corporation)
Task: {85309F05-13F8-48CC-9316-1ACAE6128D5B} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation
Task: {87B36780-A210-47EE-AE35-5B7BA65E0E1E} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask
Task: {8FF4024B-0FD6-4237-9D79-D081D5BBC08F} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [2015-04-25] (Microsoft Corporation)
Task: {97401792-5045-437E-8469-596E39D44B39} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {99D11EAE-2B6B-4C7C-B19A-560559E09F92} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_WnfDisplay => C:\windows\system32\MusNotification.exe [2015-04-25] (Microsoft Corporation)
Task: {A463F65C-A0D9-4131-93EB-3DE254A10615} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-04] (Avast Software s.r.o.)
Task: {B30747C4-5FF0-45F6-B7F9-E32B90504DE6} - System32\Tasks\ASC6_PerformanceMonitor => H:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe [2013-01-14] (IObit)
Task: {B47FA05F-CE29-4431-A598-90333E2550B2} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {BE70B822-584C-4AA1-9A4A-C8C9C2CF75F9} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation
Task: {C930CCDA-692A-4C46-B09C-E51F33BFB798} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [2015-04-25] (Microsoft Corporation)
Task: {CBB9856A-0F14-47C0-828B-15C769CF1467} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-04-25] (Microsoft Corporation)
Task: {D4FBCB18-1691-4A5B-8458-15C54D218609} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {DCA13A11-D481-461D-A203-6734CB1476E5} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-04-25] (Microsoft Corporation)
Task: {E3D13D83-810C-49FF-9E9C-45D3F2C69833} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [2015-04-25] (Microsoft Corporation)
Task: {EAC4A6E0-7043-4C4B-8076-FE24446437E0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\Windows\system32\MusNotification.exe [2015-04-25] (Microsoft Corporation)
Task: {F6D40E60-C987-49D3-9551-2D18F637208E} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-04-25] (Microsoft Corporation)
Task: {FB64AB47-950B-4268-A05B-F05BBAC1D0CD} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {FDFFB576-A5D4-4153-8DE2-39527283B01B} - \f81615ae-5d10-4967-9f1d-e3f330bb6a9b-1-6 No Task File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Loaded Modules (Whitelisted) ==============

2008-10-24 16:35 - 2008-10-24 16:35 - 00128296 _____ () C:\Program Files (x86)\Lexware\AAVUpdateManager\aavus.exe
2015-04-25 05:13 - 2015-04-25 05:13 - 00379904 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-04-25 05:15 - 2015-04-25 05:15 - 02211792 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-05-28 08:17 - 2015-05-10 21:41 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-04-25 05:15 - 2015-04-25 05:15 - 02211792 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-06-06 17:39 - 2015-05-18 12:20 - 00613968 _____ () H:\Program Files (x86)\360\Total Security\MenuEx64.dll
2015-04-25 05:13 - 2015-04-25 05:13 - 01894400 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.ActionCenter.dll
2015-04-25 05:13 - 2015-04-25 05:13 - 06630400 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\StartUI.dll
2015-04-25 05:13 - 2015-04-25 05:13 - 01019392 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\JumpViewUI.dll
2015-04-25 05:15 - 2015-04-25 05:15 - 02211792 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2015-04-25 05:13 - 2015-04-25 05:13 - 00579072 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\BatteryFlyoutExperience.dll
2015-04-25 05:13 - 2015-04-25 05:13 - 00461824 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ClockFlyoutExperience.dll
2015-04-25 05:13 - 2015-04-25 05:13 - 02473984 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\DevicesFlowUI.dll
2015-04-25 05:13 - 2015-04-25 05:13 - 00457216 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-04-25 05:13 - 2015-04-25 05:13 - 01222656 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\NetworkUX.dll
2015-04-25 05:13 - 2015-04-25 05:13 - 00313344 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-04-25 05:13 - 2015-04-25 05:13 - 00842752 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickConnectUI.dll
2015-04-25 05:13 - 2015-04-25 05:13 - 00138752 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-04-25 10:32 - 2015-04-25 10:32 - 06160896 _____ () C:\Program Files\WindowsApps\Microsoft.Cortana_1.4.4.120_x64__8wekyb3d8bbwe\SearchUI.exe
2015-04-25 10:32 - 2015-04-25 10:32 - 00163328 _____ () C:\Program Files\WindowsApps\Microsoft.Cortana_1.4.4.120_x64__8wekyb3d8bbwe\Cortana.Settings.dll
2015-04-25 10:32 - 2015-04-25 10:32 - 04650496 _____ () C:\Program Files\WindowsApps\Microsoft.Cortana_1.4.4.120_x64__8wekyb3d8bbwe\CortanaApi.dll
2015-04-25 10:32 - 2015-04-25 10:32 - 02118656 _____ () C:\Program Files\WindowsApps\Microsoft.Cortana_1.4.4.120_x64__8wekyb3d8bbwe\RemindersUI.dll
2015-04-25 10:32 - 2015-04-25 10:32 - 00099840 _____ () C:\Program Files\WindowsApps\Microsoft.Cortana_1.4.4.120_x64__8wekyb3d8bbwe\Cortana.Authentication.dll
2015-04-25 10:32 - 2015-04-25 10:32 - 01254400 _____ () C:\Program Files\WindowsApps\Microsoft.Cortana_1.4.4.120_x64__8wekyb3d8bbwe\Cortana.BackgroundTask.dll
2015-04-25 10:32 - 2015-04-25 10:32 - 00141824 _____ () C:\Program Files\WindowsApps\Microsoft.Cortana_1.4.4.120_x64__8wekyb3d8bbwe\Cortana.Dss.BackgroundTask.dll
2015-04-25 10:32 - 2015-04-25 10:32 - 00196608 _____ () C:\Program Files\WindowsApps\Microsoft.Cortana_1.4.4.120_x64__8wekyb3d8bbwe\CortanaApi.ProxyStub.dll
2015-06-04 16:53 - 2015-06-04 16:53 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-06-04 16:53 - 2015-06-04 16:53 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-07 19:37 - 2015-06-07 19:37 - 02952192 _____ () C:\Program Files\AVAST Software\Avast\defs\15060701\algo.dll
2015-06-08 15:08 - 2015-06-08 15:08 - 02952192 _____ () C:\Program Files\AVAST Software\Avast\defs\15060800\algo.dll
2013-01-25 15:53 - 2013-01-14 18:24 - 00349008 _____ () H:\Program Files (x86)\IObit\Advanced SystemCare 6\madExcept_.bpl
2013-01-25 15:53 - 2013-01-14 18:24 - 00183632 _____ () H:\Program Files (x86)\IObit\Advanced SystemCare 6\madBasic_.bpl
2013-01-25 15:53 - 2013-01-14 18:24 - 00051024 _____ () H:\Program Files (x86)\IObit\Advanced SystemCare 6\madDisAsm_.bpl
2013-01-25 15:53 - 2013-01-14 18:24 - 00893264 _____ () H:\Program Files (x86)\IObit\Advanced SystemCare 6\webres.dll
2015-05-26 06:38 - 2015-05-23 03:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-06-04 16:53 - 2015-06-04 16:53 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-05-25 09:21 - 2015-05-25 09:21 - 00272808 _____ () C:\Program Files (x86)\IncrediMail\Bin\ImLookExU.dll
2015-05-25 09:21 - 2015-05-25 09:21 - 00033128 _____ () C:\Program Files (x86)\IncrediMail\Bin\IMHttpComm.dll
2015-05-25 09:21 - 2015-05-25 09:21 - 00072104 _____ () C:\Program Files (x86)\IncrediMail\Bin\wlessfp1.dll
2013-10-01 15:02 - 2013-10-01 15:02 - 00108888 _____ () C:\Program Files (x86)\IncrediMail\Bin\pmc.dll
2015-05-25 09:21 - 2015-05-25 09:21 - 00133544 _____ () C:\Program Files (x86)\IncrediMail\Bin\ImComUtlU.dll
2015-04-25 05:15 - 2015-04-25 05:15 - 02211792 _____ () C:\Windows\System32\CoreUIComponents.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS:nlsPreferences
AlternateDataStreams: C:\ProgramData\TEMP:FCA8C9CD

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreUIRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreUIRegistrar => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-382664376-1932614338-2128433781-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-382664376-1932614338-2128433781-1000\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [TCP Query User{3732FF99-C117-4752-B1DF-93E0F1B95C80}C:\program files (x86)\easeus\easeus todo pctrans 8.0\bin\pctrans.exe] => (Allow) C:\program files (x86)\easeus\easeus todo pctrans 8.0\bin\pctrans.exe
FirewallRules: [UDP Query User{277EAB8B-3ADA-4583-AA29-F2433E28F8CB}C:\program files (x86)\easeus\easeus todo pctrans 8.0\bin\pctrans.exe] => (Allow) C:\program files (x86)\easeus\easeus todo pctrans 8.0\bin\pctrans.exe
FirewallRules: [{74127440-6438-4320-B9D6-D0B299C1BC82}] => (Block) C:\program files (x86)\easeus\easeus todo pctrans 8.0\bin\pctrans.exe
FirewallRules: [{E1BB3445-8E78-40D6-A5EB-16E37F66DA7E}] => (Block) C:\program files (x86)\easeus\easeus todo pctrans 8.0\bin\pctrans.exe
FirewallRules: [{68F073AF-2493-4635-9AB5-D6C06DFFA288}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AA4D2173-A308-4262-9F8F-EBF3470B3BD8}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
FirewallRules: [{9CFD4DC2-DFF8-4BAC-9218-573F3A8FBEB0}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
FirewallRules: [{D67B0603-3800-4FB7-A156-6D5F687E1549}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
FirewallRules: [{47DA1A59-584D-47DF-B2C3-1170826C8A90}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
FirewallRules: [{B7162D19-3459-4F64-B9BE-2AF43A2AD0E4}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{38CA7785-687C-4A29-A546-D00F4F5A7B3E}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{5F5B901D-E2E0-4EE6-962A-036B25ADD426}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe
FirewallRules: [{4C48E914-7C8D-4487-B147-8F4042EC6244}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe
FirewallRules: [{8BB9FD6B-6491-409A-A1F0-9390B19DF90A}] => (Allow) C:\Program Files (x86)\EfficientPIM\EfficientPIM.exe
FirewallRules: [{49CEF473-E6B6-47DE-9AC6-05383FD1935C}] => (Allow) C:\Program Files (x86)\EfficientPIM\EfficientPIM.exe
FirewallRules: [{8BC4D540-2BCD-4898-80A2-02521C0BFD51}] => (Allow) C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{A7DA0AEA-56CD-49BF-947C-315267E0BC18}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{255AAC25-BFDB-42C0-AC50-1FB74DFBB8B5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{85111964-D4BF-43FB-AF4F-F89F1E659D47}] => (Allow) C:\Users\Jürgen\Downloads\360TS_Setup_Mini.exe
FirewallRules: [{33D50040-D109-4C30-9CB8-B6A11B74DE50}] => (Allow) C:\Users\Jürgen\Downloads\360TS_Setup_Mini.exe
FirewallRules: [{DC173CC0-94B3-40F8-9030-97694590DF79}] => (Allow) H:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{1FAF52E9-805B-4D3A-BD22-A9E78FF7CBD4}] => (Allow) H:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{8015ACBD-2B95-4CB3-BA67-818BA5E1EB2B}] => (Allow) H:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{7C76AB22-EDEF-4D91-AF13-50DD6B2E7B45}] => (Allow) H:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe

==================== Faulty Device Manager Devices =============

Name: Qualcomm Atheros AR3012 Bluetooth 4.0
Description: Qualcomm Atheros AR3012 Bluetooth 4.0
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: Microsoft Streaming Service Proxy
Description: Microsoft Streaming Service Proxy
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: MSKSSRV
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: L:\
Description: 0AS             
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: ST964032
Service: WUDFWpdFs
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Generic Flash Disk USB Device
Description: Laufwerk
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardlaufwerke)
Service: disk
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: MULTIBOOT
Description: 0AS             
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: ST964032
Service: WUDFWpdFs
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: SAMSUNG Mobile USB Modem
Description: SAMSUNG Mobile USB Modem
Class Guid: {4d36e96d-e325-11ce-bfc1-08002be10318}
Manufacturer: SAMSUNG Electronics Co., Ltd. 
Service: Modem
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Serielles USB-Gerät (COM3)
Description: Serielles USB-Gerät
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: usbser
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Microsoft virtuelles DVD-ROM-Laufwerk
Description: CD-ROM-Laufwerk
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard-CD-ROM-Laufwerke)
Service: cdrom
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Standardvolume
Description: Standardvolume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Standardvolume
Description: Standardvolume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: USB-Massenspeichergerät
Description: USB-Massenspeichergerät
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Kompatibles USB-Speichergerät
Service: USBSTOR
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: USB 2.0 SD/MMC Reader USB Device
Description: Laufwerk
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardlaufwerke)
Service: disk
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: TOSHIBA TransMemory USB Device
Description: Laufwerk
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardlaufwerke)
Service: disk
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Standardvolume
Description: Standardvolume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: PnP-Monitor (Standard)
Description: PnP-Monitor (Standard)
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardmonitortypen)
Service: monitor
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Intel WiDi Audio Device
Description: Intel WiDi Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: intaud_WaveExtensible
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Intel WiDi Audio Device
Description: Intel WiDi Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: intaud_WaveExtensible
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: USB-Massenspeichergerät
Description: USB-Massenspeichergerät
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Kompatibles USB-Speichergerät
Service: USBSTOR
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Microsoft ISATAP Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Standardvolume
Description: Standardvolume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: USB Reader USB Device
Description: Laufwerk
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardlaufwerke)
Service: disk
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Standard-Volumeschattenkopie
Description: Standard-Volumeschattenkopie
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: ST964032 0AS USB Device
Description: Laufwerk
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardlaufwerke)
Service: disk
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: K:\
Description: MFC-465CN       
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Brother 
Service: WUDFWpdFs
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: J:\
Description: 0AS             
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: ST964032
Service: WUDFWpdFs
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: USB-Verbundgerät
Description: USB-Verbundgerät
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: usbccgp
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: SAMSUNG_Android
Description: SAMSUNG_Android
Class Guid: 
Manufacturer: 
Service: 
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Nicht-PnP Monitor (Standard)
Description: Nicht-PnP Monitor (Standard)
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardmonitortypen)
Service: monitor
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: SAMSUNG Android ADB Interface
Description: SAMSUNG Android ADB Interface
Class Guid: {3f966bd9-fa04-4ec5-991c-d326973b5128}
Manufacturer: SAMSUNG Electronics Co., Ltd. 
Service: WinUSB
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: I:\
Description: USB Reader      
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer:         
Service: WUDFWpdFs
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Jürgen Mehlhorn (Galaxy Note4)
Description: SM-N910F
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Samsung Electronics Co., Ltd.
Service: WUDFWpdMtp
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Standardvolume
Description: Standardvolume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: HID-konforme Maus
Description: HID-konforme Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: mouhid
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Standardvolume
Description: Standardvolume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Microsoft Streaming Tee/Sink-to-Sink-Konvertierung
Description: Microsoft Streaming Tee/Sink-to-Sink-Konvertierung
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: MSTEE
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Microsoft Trusted Audio Drivers
Description: Microsoft Trusted Audio Drivers
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: drmkaud
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Standardvolume
Description: Standardvolume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: PnP-Monitor (Standard)
Description: PnP-Monitor (Standard)
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardmonitortypen)
Service: monitor
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: SAMSUNG Mobile USB Composite Device 
Description: SAMSUNG Mobile USB Composite Device 
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: SAMSUNG Electronics Co., Ltd. 
Service: dg_ssudbus
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: System-reserviert
Description: 0AS             
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: ST964032
Service: WUDFWpdFs
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: USB-Druckerunterstützung
Description: USB-Druckerunterstützung
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Microsoft
Service: usbprint
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Canon Bubble-Jet BJC-85
Description: Canon Bubble-Jet BJC-85
Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}
Manufacturer: Canon
Service: 
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: I:\
Description: TransMemory     
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: TOSHIBA 
Service: WUDFWpdFs
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Microsoft Proxy für Streaming Quality Manager
Description: Microsoft Proxy für Streaming Quality Manager
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: MSPQM
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: USB-Massenspeichergerät
Description: USB-Massenspeichergerät
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Kompatibles USB-Speichergerät
Service: USBSTOR
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: USB-Massenspeichergerät
Description: USB-Massenspeichergerät
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Kompatibles USB-Speichergerät
Service: USBSTOR
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Brother MFC-465CN Remote Setup Port (COM6)
Description: Brother MFC-465CN Remote Setup Port
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: Brother
Service: BrSerIf
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: USB-Eingabegerät
Description: USB-Eingabegerät
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardsystemgeräte)
Service: HidUsb
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Brother MFC-465CN
Description: Brother MFC-465CN
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Brother
Service: usbscan
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: I:\
Description: SD/MMC Reader   
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: USB 2.0 
Service: WUDFWpdFs
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: USB-Druckerunterstützung
Description: USB-Druckerunterstützung
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Microsoft
Service: usbprint
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: BrotherMFC-465CN
Description: BrotherMFC-465CN
Class Guid: 
Manufacturer: 
Service: 
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Brother MFC-465CN Printer
Description: Brother MFC-465CN Printer
Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}
Manufacturer: Brother
Service: 
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: USB-Massenspeichergerät
Description: USB-Massenspeichergerät
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Kompatibles USB-Speichergerät
Service: USBSTOR
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Brother MFC-465CN USB Device
Description: Laufwerk
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardlaufwerke)
Service: disk
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Standardvolume
Description: Standardvolume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Microsoft VHD-Loopbackcontroller
Description: Microsoft VHD-Loopbackcontroller
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vhdmp
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Standardvolume
Description: Standardvolume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Jürgen Mehlhorn (Galaxy Note4)
Description: SM-N910F
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Samsung Electronics Co., Ltd.
Service: WUDFWpdMtp
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Brother MFC-465CN Printer
Description: Lokale Druckwarteschlange
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Brother
Service: 
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Canon Bubble-Jet BJC-85
Description: Lokale Druckwarteschlange
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Canon
Service: 
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Microsoft Proxy für Streaming Clock
Description: Microsoft Proxy für Streaming Clock
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: MSPCLOCK
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: USB-Massenspeichergerät
Description: USB-Massenspeichergerät
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Kompatibles USB-Speichergerät
Service: USBSTOR
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Microsoft Streaming Tee/Sink-to-Sink-Konvertierung
Description: Microsoft Streaming Tee/Sink-to-Sink-Konvertierung
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: MSTEE
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: I:\
Description: Flash Disk      
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic 
Service: WUDFWpdFs
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/09/2015 06:58:57 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Asus-K95VB)
Description: Bei der Aktivierung der App „Microsoft.WindowsDefaultLockScreen_8wekyb3d8bbwe!LockApp“ ist folgender Fehler aufgetreten: -2147023496. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/09/2015 06:21:17 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/09/2015 06:21:17 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/09/2015 06:21:14 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/09/2015 06:21:14 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/09/2015 06:20:59 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/09/2015 06:20:39 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/09/2015 06:20:39 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/09/2015 06:20:30 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/09/2015 06:20:30 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (06/08/2015 07:56:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/08/2015 07:51:22 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst AudioEndpointBuilder erreicht.

Error: (06/08/2015 07:50:52 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WlanSvc erreicht.

Error: (06/08/2015 04:04:24 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "tiledatamodelsvc" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (06/08/2015 04:02:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "tiledatamodelsvc" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/08/2015 11:07:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMScheduler" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/08/2015 11:07:55 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "MBAMService" ist vom Dienst "MBAMProtector" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%2

Error: (06/08/2015 11:07:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMProtector" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/08/2015 11:07:55 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als
Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser
Konfiguration nicht gestartet zu sein.

Error: (06/08/2015 11:07:50 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.


Microsoft Office:
=========================
Error: (06/09/2015 06:58:57 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Asus-K95VB)
Description: Microsoft.WindowsDefaultLockScreen_8wekyb3d8bbwe!LockApp-2147023496

Error: (06/09/2015 06:21:17 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\IncrediMail\Bin\MFC80U.DLL

Error: (06/09/2015 06:21:17 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\IncrediMail\Bin\MFC80U.DLL

Error: (06/09/2015 06:21:14 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\IncrediMail\Bin\MFC80U.DLL

Error: (06/09/2015 06:21:14 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\IncrediMail\Bin\MFC80U.DLL

Error: (06/09/2015 06:20:59 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\IncrediMail\Bin\MFC80U.DLL

Error: (06/09/2015 06:20:39 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\IncrediMail\Bin\MFC80U.DLL

Error: (06/09/2015 06:20:39 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\IncrediMail\Bin\MFC80U.DLL

Error: (06/09/2015 06:20:30 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\IncrediMail\Bin\MFC80U.DLL

Error: (06/09/2015 06:20:30 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\IncrediMail\Bin\MFC80U.DLL


CodeIntegrity Errors:
===================================
  Date: 2015-06-04 06:37:16.725
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\WINDOWS\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-06-03 07:08:15.104
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\WINDOWS\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-06-01 14:01:47.528
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\WINDOWS\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-27 18:20:56.783
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 13%
Total physical RAM: 16263.25 MB
Available physical RAM: 14003.75 MB
Total Pagefile: 17287.25 MB
Available Pagefile: 14862.42 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:475.96 GB) (Free:358.33 GB) NTFS
Drive d: (Volume) (Fixed) (Total:97.66 GB) (Free:42.19 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (J O B) (Fixed) (Total:390.63 GB) (Free:366.59 GB) NTFS
Drive h: (Aspire HEF) (Fixed) (Total:443.22 GB) (Free:289.43 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: F3697AC5)
Partition 1: (Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=833.8 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 476.9 GB) (Disk ID: 09E876F5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=476 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of log ============================

--- --- ---

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 09.06.2015
Suchlauf-Zeit: 06:25:03
Logdatei: MalWareBytes 9.6.15.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.06.09.01
Rootkit Datenbank: v2015.06.02.01
Lizenz: Premium
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: JÃ¼rgen

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 430296
Verstrichene Zeit: 6 Min, 8 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 13
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BrowserV03.06, , [465f9f199bef48ee7e53720431d5ad53], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\HQ Video Pro 3.1cV04.06, , [f1b4b7015a30280e19b885f17195fc04], 
PUP.Optional.BrowserApps.A, HKLM\SOFTWARE\WOW6432NODE\BrowserV03.06, , [90152395aae0cb6ba1adea0158ab3ac6], 
PUP.Optional.BrowserApps.A, HKLM\SOFTWARE\WOW6432NODE\BrowserV03.06-nv-ie, , [891c6b4de6a462d41c320be0be4510f0], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\HQ Video Pro 3.1cV04.06, , [9b0a80388a00979fa808f203be456c94], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\HQ Video Pro 3.1cV04.06-nv-ie, , [871ed1e779110333614f777e986b728e], 
PUP.Optional.SaleCharger.A, HKLM\SOFTWARE\WOW6432NODE\SaleCharger, , [adf85c5c74163afcc4b1324f4fb648b8], 
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, , [e9bcedcb0d7dfb3b38e3f4f7aa599c64], 
PUP.Optional.BrowserApps.A, HKU\S-1-5-21-382664376-1932614338-2128433781-1000\SOFTWARE\BrowserV03.06-nv-ie, , [d8cd298f26640a2cc28dd813a26144bc], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-382664376-1932614338-2128433781-1000\SOFTWARE\HQ Video Pro 3.1cV04.06-nv-ie, , [adf8199f7812fc3a555c1dd8cb38817f], 
PUP.Optional.ReImageRepair.A, HKU\S-1-5-21-382664376-1932614338-2128433781-1000\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\Reimage - Windows Problem Relief., , [0a9be3d5dbaf65d1ceda13733fc638c8], 
PUP.Optional.ProductSetup.A, HKU\S-1-5-21-382664376-1932614338-2128433781-1000\SOFTWARE\PRODUCTSETUP, , [1e879e1a8cfe8fa70395bec9f2137f81], 
PUP.Optional.CheckMeUp.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7D6A4E92-DA7F-185F-9B56-4237FE681640}, , [a203397f73174aec4b5b6ed30105a060], 

Registrierungswerte: 1
PUP.Optional.ProductSetup.A, HKU\S-1-5-21-382664376-1932614338-2128433781-1000\SOFTWARE\PRODUCTSETUP|tb, , [1e879e1a8cfe8fa70395bec9f2137f81], 

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 6
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\BrowserV03.06, , [f9ac5c5cfe8c34022debab3f82811de3], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\HQ Video Pro 3.1cV04.06, , [d6cf2791dcaed16574a49b4f25de13ed], 
PUP.Optional.GlobalUpdate.A, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116, , [594cc1f72a60b77fffc3be0c71925ba5], 
PUP.Optional.GlobalUpdate.A, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682, , [861f4c6cd1b99b9be9d9646613f0a060], 

Dateien: 72
PUP.Optional.CrossRider.A, C:\Program Files (x86)\BrowserV03.06\Uninstall.exe, , [465f9f199bef48ee7e53720431d5ad53], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\HQ Video Pro 3.1cV04.06\Uninstall.exe, , [f1b4b7015a30280e19b885f17195fc04], 
PUP.Optional.BrowserApps.A, C:\Users\JÃ¼rgen\AppData\Local\Temp\2314.exe, , [ffa67543a7e36accc2b9c0b561a51fe1], 
PUP.Optional.ReImageRepair.A, C:\Users\JÃ¼rgen\AppData\Local\Temp\ReimagePackage.exe, , [792c53657317dc5a3814bbad7a88cc34], 
PUP.Optional.ReImageRepair.A, C:\Users\JÃ¼rgen\AppData\Local\Temp\ReiSysUpdate.exe, , [c9dcedcbeaa05adc7dcff375d929dc24], 
PUP.Optional.HQVideoPro.A, C:\Users\JÃ¼rgen\AppData\Local\Temp\0bba789d-7126-40d1-a124-c198f753ca0b\setup.exe, , [d1d4caeec0caf541e211452e8a7c45bb], 
PUP.Optional.WebBar.A, C:\Users\JÃ¼rgen\AppData\Local\Temp\2b362db1-9ce5-47b1-bfe9-6b211a909fbf\web_bar_setup.exe, , [22831c9c99f12a0c2ed989bafa085fa1], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\globalupdate.exe, , [0e97467225654fe7009350fc8d7508f8], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\globalupdateBroker.exe, , [c6df3f799eeca195345f212ba75b04fc], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\globalupdateCrashHandler.exe, , [129306b2fd8d47ef623181cbba4817e9], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\globalupdateOnDemand.exe, , [34712197f09acb6bc7cc3f0de31fdf21], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\goopdate.dll, , [6540f8c0f09a6acc415264e85da5cd33], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\goopdateres_en.dll, , [3f66bbfda4e6e3534a49d5776d9553ad], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\npglobalupdateUpdate4.dll, , [a30246721476a98d6e253319d32fc23e], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\psmachine.dll, , [9a0bf5c3583280b6cfc4a5a78c762ad6], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\psuser.dll, , [8f160eaa2d5d0a2c3d56d379b84a5ea2], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\globalupdate.exe, , [5a4b00b8731748eedbb8c18baf5352ae], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\globalupdateBroker.exe, , [a9fceace5f2bad89b9da85c7db27a25e], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\globalupdateCrashHandler.exe, , [188dc2f60d7d3ff7d5be0646c33f34cc], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\globalupdateOnDemand.exe, , [12934573cbbfee48316277d5fe045da3], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\goopdate.dll, , [42635c5ca0ea3204266d72daf1112cd4], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\goopdateres_en.dll, , [eeb76454b1d95dd99cf7b597a26003fd], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\npglobalupdateUpdate4.dll, , [2d7811a7a3e7b77face777d5649e6a96], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\psmachine.dll, , [d4d13b7d07833afc5d36123a14eeb44c], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\psuser.dll, , [f9ac704888029f979003e864fa08847c], 
PUP.Optional.APNToolBar.A, C:\Users\JÃ¼rgen\Documents\APNSetup1.exe, , [3d684b6d5535e551650b0163fe049868], 
PUP.Optional.Bundle, C:\Users\JÃ¼rgen\Downloads\Brothersoft_downloader_For_Cash_Flow.exe, , [5451d0e8fc8eaa8c579cc45bf70b5da3], 
PUP.Optional.DownloadGuide.A, C:\Users\JÃ¼rgen\Downloads\dexpot_1614_r2439_CB-DL-Manager.exe, , [bde8c7f16e1ceb4b215583e42ed4e917], 
PUP.Optional.DownloadGuide.A, C:\Users\JÃ¼rgen\Downloads\dixmlsetup_CB-DL-Manager.exe, , [5451e7d1a5e58caaadc9e87fa75b58a8], 
PUP.Optional.DownloadGuide.A, C:\Users\JÃ¼rgen\Downloads\EfficientPIMFree-Setup_CB-DL-Manager.exe, , [6e37e2d61e6c7eb8fa7c214650b2ec14], 
PUP.Optional.DownloadGuide.A, C:\Users\JÃ¼rgen\Downloads\PureSyncInst_CB-DL-Manager.exe, , [485d6f49dfab59dd91e5d88f3ac8ee12], 
PUP.Optional.DomalIQ.SID.A, C:\Users\JÃ¼rgen\Downloads\registry_easy.exe, , [bbeaf8c00e7cb2842f0b0e6853b33fc1], 
PUP.Optional.ReImageRepair.A, C:\Users\JÃ¼rgen\Downloads\ReimageRepair.exe, , [ecb9ccec147645f179d3650308fa13ed], 
PUP.Optional.DownloadGuide.A, C:\Users\JÃ¼rgen\Downloads\slimdrivers-setup_CB-DL-Manager.exe, , [82232593a4e6cf67bbbbf5726f930000], 
PUP.Optional.DownloadGuide.A, C:\Users\JÃ¼rgen\Downloads\spsetup127_CB-DL-Manager.exe, , [32733286424841f5beb8d69162a01fe1], 
PUP.Optional.MultiPlug.A, C:\Users\JÃ¼rgen\Downloads\Abelssoft AntiLogger 2015.full.rar.exe, , [069f96222e5c67cfccccb7bfff07f20e], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\wajam.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\amazon.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\argos.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\ask.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\bestbuy.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\ebay.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\etsy.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\facebook.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\favicon.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\google.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\homedepot.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\ikea.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\imdb.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\lowes.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\mercado.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\mysearchweb.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\myshopping.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\searchresult.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\sears.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\setting.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\settings.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\shopping.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\target.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\tesco.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\tripadvisor.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\twitter.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\walmart.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\wiki.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\yahoo.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\zalando.ico, , [e7bee5d3cac0e2547d0e16d37b8844bc], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\BrowserV03.06\bgNova.html, , [f9ac5c5cfe8c34022debab3f82811de3], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\HQ Video Pro 3.1cV04.06\bgNova.html, , [d6cf2791dcaed16574a49b4f25de13ed], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\HQ Video Pro 3.1cV04.06\f81615ae-5d10-4967-9f1d-e3f330bb6a9b.xpi, , [d6cf2791dcaed16574a49b4f25de13ed], 
PUP.Optional.WebTInst.A, C:\WINDOWS\System32\drivers\Msft_Kernel_webTinstMKTN84_01009.Wdf, , [7a2bad0b5d2d8aac0cc00ce7c0431fe1], 
PUP.Optional.GlobalUpdate.A, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\globalupdateHelper.msi, , [594cc1f72a60b77fffc3be0c71925ba5], 
PUP.Optional.GlobalUpdate.A, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\globalupdateHelper.msi, , [861f4c6cd1b99b9be9d9646613f0a060], 

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)

Das war's!

OpaPaule · 12.06.2015, 04:11

Moin,

will mir Keiner mehr helfen ?

Warlord711 · 12.06.2015, 10:13

Hmm, Thema ist vom Radar verschwunden gewesen - sorry !

Die Malware Funde bitte wie in der Anleitung beschrieben, in Quarantäne verschieben lassen:

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

Und bitte neue FRST Logs. Haken setzen bei addition.txt dann auf Scan klicken

OpaPaule · 12.06.2015, 14:49

Hallo,

hier die mbam.txt und die chkup.txt Datei:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 12.06.2015
Suchlauf-Zeit: 15:04:36
Logdatei: mbam.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.06.12.03
Rootkit Datenbank: v2015.06.02.01
Lizenz: Premium
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: JÃ¼rgen

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 432603
Verstrichene Zeit: 7 Min, 31 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 13
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BrowserV03.06, In Quarantäne, [ebe861586e1c40f68d275d1eda2c827e], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\HQ Video Pro 3.1cV04.06, In Quarantäne, [def5982112788ea84470aecd967044bc], 
PUP.Optional.BrowserApps.A, HKLM\SOFTWARE\WOW6432NODE\BrowserV03.06, In Quarantäne, [4d86d9e0b4d6cd69bf6e1ed18f74f808], 
PUP.Optional.BrowserApps.A, HKLM\SOFTWARE\WOW6432NODE\BrowserV03.06-nv-ie, In Quarantäne, [13c00aafa5e548ee3eef32bd25de718f], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\HQ Video Pro 3.1cV04.06, In Quarantäne, [7c57b504c8c237ff0f7e9b5e976ce61a], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\HQ Video Pro 3.1cV04.06-nv-ie, In Quarantäne, [894aad0cee9c1a1cabe2be3b9f648b75], 
PUP.Optional.SaleCharger.A, HKLM\SOFTWARE\WOW6432NODE\SaleCharger, In Quarantäne, [7b5884355c2e181e4ef2bdc87d88926e], 
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, In Quarantäne, [19ba922788022e0873871ed035ceb54b], 
PUP.Optional.BrowserApps.A, HKU\S-1-5-21-382664376-1932614338-2128433781-1000\SOFTWARE\BrowserV03.06-nv-ie, In Quarantäne, [d6fd6950286278be0d21c02f23e0916f], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-382664376-1932614338-2128433781-1000\SOFTWARE\HQ Video Pro 3.1cV04.06-nv-ie, In Quarantäne, [448f15a46c1e89ad197529d00bf87a86], 
PUP.Optional.ReImageRepair.A, HKU\S-1-5-21-382664376-1932614338-2128433781-1000\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\Reimage - Windows Problem Relief., In Quarantäne, [874c4d6c8efc3cfaee805e2c24e125db], 
PUP.Optional.ProductSetup.A, HKU\S-1-5-21-382664376-1932614338-2128433781-1000\SOFTWARE\PRODUCTSETUP, In Quarantäne, [01d2dbde0288f1452539206b39cc46ba], 
PUP.Optional.CheckMeUp.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7D6A4E92-DA7F-185F-9B56-4237FE681640}, In Quarantäne, [a3308435028802345e1cb98dcf37f010], 

Registrierungswerte: 1
PUP.Optional.ProductSetup.A, HKU\S-1-5-21-382664376-1932614338-2128433781-1000\SOFTWARE\PRODUCTSETUP|tb, In Quarantäne, [01d2dbde0288f1452539206b39cc46ba], 

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 6
PUP.Optional.CrossRider.A, C:\Program Files (x86)\BrowserV03.06, In Quarantäne, [369d0eabe0aac6709a5deeff689bcc34], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\HQ Video Pro 3.1cV04.06, In Quarantäne, [953e8237e0aae056dd1afaf3828114ec], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.GlobalUpdate.A, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116, In Quarantäne, [2aa938815832e55189cc28a6f310c63a], 
PUP.Optional.GlobalUpdate.A, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682, In Quarantäne, [943ff2c796f452e4e3722da1c83ba957], 

Dateien: 72
PUP.Optional.CrossRider.A, C:\Program Files (x86)\BrowserV03.06\Uninstall.exe, In Quarantäne, [ebe861586e1c40f68d275d1eda2c827e], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\HQ Video Pro 3.1cV04.06\Uninstall.exe, In Quarantäne, [def5982112788ea84470aecd967044bc], 
PUP.Optional.BrowserApps.A, C:\Users\JÃ¼rgen\AppData\Local\Temp\2314.exe, In Quarantäne, [9f348831cebcd85e55ff5426848209f7], 
PUP.Optional.ReImageRepair.A, C:\Users\JÃ¼rgen\AppData\Local\Temp\ReimagePackage.exe, In Quarantäne, [5e752e8bbdcd64d294530f59c63c13ed], 
PUP.Optional.ReImageRepair.A, C:\Users\JÃ¼rgen\AppData\Local\Temp\ReiSysUpdate.exe, In Quarantäne, [b023625793f744f2d017145422e059a7], 
PUP.Optional.HQVideoPro.A, C:\Users\JÃ¼rgen\AppData\Local\Temp\0bba789d-7126-40d1-a124-c198f753ca0b\setup.exe, In Quarantäne, [5e755564305a06308a42d3a59c6a966a], 
PUP.Optional.WebBar.A, C:\Users\JÃ¼rgen\AppData\Local\Temp\2b362db1-9ce5-47b1-bfe9-6b211a909fbf\web_bar_setup.exe, In Quarantäne, [bc17b306d4b6e155abffd370b052d22e], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\globalupdate.exe, In Quarantäne, [5c7716a3305ad85ea98d92bb6f93ba46], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\globalupdateBroker.exe, In Quarantäne, [e7eccfea14764ceaab8b60edd32fd62a], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\globalupdateCrashHandler.exe, In Quarantäne, [13c0dbde662425110234fb52fa08b64a], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\globalupdateOnDemand.exe, In Quarantäne, [ae253b7edfab9b9be84e97b68f73738d], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\goopdate.dll, In Quarantäne, [18bb14a5deaca59158de351850b21be5], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\goopdateres_en.dll, In Quarantäne, [06cd7a3f573369cd6fc7a5a85ea4de22], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\npglobalupdateUpdate4.dll, In Quarantäne, [4a8969502b5f0e283cfa99b42ed4ff01], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\psmachine.dll, In Quarantäne, [c40f9f1aa3e7e35391a52b22d13132ce], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\psuser.dll, In Quarantäne, [ece78a2feb9f9e9842f484c9a35f8977], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\globalupdate.exe, In Quarantäne, [1db603b6dbaf8caa91a57fce45bd7789], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\globalupdateBroker.exe, In Quarantäne, [a033bcfd39512f07d2644409669c20e0], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\globalupdateCrashHandler.exe, In Quarantäne, [d300b207800a181e83b3d578ad5501ff], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\globalupdateOnDemand.exe, In Quarantäne, [33a06356e2a882b49e980f3e8a785fa1], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\goopdate.dll, In Quarantäne, [2da67f3a7812e94df64057f6d32f768a], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\goopdateres_en.dll, In Quarantäne, [a52e01b88901033378beda7357ab718f], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\npglobalupdateUpdate4.dll, In Quarantäne, [28abc9f0cdbdda5ceb4b2429aa580df3], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\psmachine.dll, In Quarantäne, [775cd2e76327fb3b360061ec9d65de22], 
PUP.Optional.ModGoog, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\psuser.dll, In Quarantäne, [518216a392f8cf67a492c28bff032dd3], 
PUP.Optional.APNToolBar.A, C:\Users\JÃ¼rgen\Documents\APNSetup1.exe, In Quarantäne, [547f2b8e91f9f343848a0a5b42c01de3], 
PUP.Optional.Bundle, C:\Users\JÃ¼rgen\Downloads\Brothersoft_downloader_For_Cash_Flow.exe, In Quarantäne, [07cc6e4bafdb8bab573ff729e0225fa1], 
PUP.Optional.DownloadGuide.A, C:\Users\JÃ¼rgen\Downloads\dexpot_1614_r2439_CB-DL-Manager.exe, In Quarantäne, [577ca51495f5e5515ab8fe6a887a8d73], 
PUP.Optional.DownloadGuide.A, C:\Users\JÃ¼rgen\Downloads\dixmlsetup_CB-DL-Manager.exe, In Quarantäne, [d00364558802dd59c84a105839c9fd03], 
PUP.Optional.DownloadGuide.A, C:\Users\JÃ¼rgen\Downloads\EfficientPIMFree-Setup_CB-DL-Manager.exe, In Quarantäne, [14bf7c3dfb8f22145cb6f27632d045bb], 
PUP.Optional.DownloadGuide.A, C:\Users\JÃ¼rgen\Downloads\PureSyncInst_CB-DL-Manager.exe, In Quarantäne, [b51eaf0a206a52e417fb3f2916ecff01], 
PUP.Optional.DomalIQ.SID.A, C:\Users\JÃ¼rgen\Downloads\registry_easy.exe, In Quarantäne, [ebe8dcdda5e5ca6c47d63f3c33d33fc1], 
PUP.Optional.ReImageRepair.A, C:\Users\JÃ¼rgen\Downloads\ReimageRepair.exe, In Quarantäne, [755e9d1c13776accb631f672c0420bf5], 
PUP.Optional.DownloadGuide.A, C:\Users\JÃ¼rgen\Downloads\slimdrivers-setup_CB-DL-Manager.exe, In Quarantäne, [bf1412a7abdf11252ce6095fb250f50b], 
PUP.Optional.DownloadGuide.A, C:\Users\JÃ¼rgen\Downloads\spsetup127_CB-DL-Manager.exe, In Quarantäne, [8152e8d1c4c6a690e72bf77104fe2cd4], 
PUP.Optional.MultiPlug.A, C:\Users\JÃ¼rgen\Downloads\Abelssoft AntiLogger 2015.full.rar.exe, In Quarantäne, [775cdedb9dede155aad16c0f20e6916f], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\BrowserV03.06\bgNova.html, In Quarantäne, [369d0eabe0aac6709a5deeff689bcc34], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\HQ Video Pro 3.1cV04.06\bgNova.html, In Quarantäne, [953e8237e0aae056dd1afaf3828114ec], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\HQ Video Pro 3.1cV04.06\f81615ae-5d10-4967-9f1d-e3f330bb6a9b.xpi, In Quarantäne, [953e8237e0aae056dd1afaf3828114ec], 
PUP.Optional.WebTInst.A, C:\WINDOWS\System32\drivers\Msft_Kernel_webTinstMKTN84_01009.Wdf, In Quarantäne, [696a883193f748ee02a7688f2dd67d83], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\wajam.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\amazon.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\argos.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\ask.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\bestbuy.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\ebay.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\etsy.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\facebook.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\favicon.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\google.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\homedepot.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\ikea.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\imdb.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\lowes.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\mercado.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\mysearchweb.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\myshopping.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\searchresult.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\sears.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\setting.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\settings.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\shopping.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\target.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\tesco.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\tripadvisor.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\twitter.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\walmart.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\wiki.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\yahoo.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\zalando.ico, In Quarantäne, [01d2dcddd5b54aecc405d0bbd1344cb4], 
PUP.Optional.GlobalUpdate.A, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.101116\globalupdateHelper.msi, In Quarantäne, [2aa938815832e55189cc28a6f310c63a], 
PUP.Optional.GlobalUpdate.A, C:\Users\JÃ¼rgen\AppData\Local\Temp\comh.494682\globalupdateHelper.msi, In Quarantäne, [943ff2c796f452e4e3722da1c83ba957], 

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)

Code:

ATTFilter

 Results of screen317's Security Check version 1.002  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender     
avast! Antivirus     
360 Total Security   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Flash Player 	17.0.0.188  
 Mozilla Firefox (38.0.5) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast avastui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````

Warlord711 · 12.06.2015, 15:58

Bitte noch aktuelles FRST Log+Addition nachreichen, danke.

OpaPaule · 12.06.2015, 16:44

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-06-2015
Ran by Jürgen (administrator) on ASUS-K95VB on 12-06-2015 17:38:57
Running from C:\Users\Jürgen\Downloads
Loaded Profiles: Jürgen (Available Profiles: Jürgen & UpdatusUser)
Platform: Windows 10 Pro Insider Preview (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(Intel Corporation) C:\WINDOWS\System32\igfxCUIService.exe
(QIHU 360 SOFTWARE CO. LIMITED) H:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\Lexware\AAVUpdateManager\aavus.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Nalpeiron Ltd.) C:\WINDOWS\SysWOW64\NLSSRV32.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Qihu Software Co. Limited) H:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\WINDOWS\System32\sihost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(IObit) H:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
(Intel Corporation) C:\WINDOWS\System32\igfxEM.exe
(Intel Corporation) C:\WINDOWS\System32\igfxHK.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\WINDOWS\WinStore\WSHost.exe
() C:\Program Files\WindowsApps\Microsoft.Cortana_1.4.4.120_x64__8wekyb3d8bbwe\searchui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
(IObit) H:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
(QIHU 360 SOFTWARE CO. LIMITED) H:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(Microsoft Corporation) C:\WINDOWS\System32\fontdrvhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\WINDOWS\System32\SystemSettingsBroker.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\System32\NetworkUXBroker.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Efficient Software) C:\Program Files (x86)\EfficientPIM\EfficientPIM.exe
(Microsoft Corporation) C:\WINDOWS\splwow64.exe
(Microsoft Corporation) C:\WINDOWS\System32\InstallAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft AutoRoute 2013\AutoRout.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Cortana_1.4.4.120_x64__8wekyb3d8bbwe\remindersserver.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
(Microsoft Corporation) C:\WINDOWS\System32\ApplicationFrameHost.exe
(Microsoft Corporation) C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\WINDOWS\System32\dasHost.exe
(Farbar) C:\Users\Jürgen\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3233976 2015-05-24] (ELAN Microelectronics Corp.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-04] (Avast Software s.r.o.)
HKLM-x32\...\Run: [QHSafeTray] => H:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [287352 2015-05-18] (QIHU 360 SOFTWARE CO. LIMITED)
HKLM-x32\...\Run: [AntiLogger] => C:\Program Files (x86)\AntiLogger\AntiLogger.exe [14679464 2014-12-30] (Zemana Ltd.)
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7210656 2015-04-25] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7210656 2015-04-25] (Microsoft Corporation)
HKU\S-1-5-21-382664376-1932614338-2128433781-1000\...\Run: [OneDrive] => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\OneDrive.exe [382664 2015-05-24] (Microsoft Corporation)
HKU\S-1-5-21-382664376-1932614338-2128433781-1000\...\Run: [IncrediMail] => C:\Program Files (x86)\IncrediMail\bin\IncMail.exe [444840 2015-05-25] (IncrediMail, Ltd.)
HKU\S-1-5-21-382664376-1932614338-2128433781-1000\...\Run: [Advanced SystemCare 6] => H:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [491856 2013-01-14] (IObit)
HKU\S-1-5-21-382664376-1932614338-2128433781-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-04-02] (ZONER software)
AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(1).dll [94664 2014-12-30] (Zemana Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(1).dll [86400 2014-12-30] (Zemana Ltd.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-04] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-24] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:53793;https=127.0.0.1:53793
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-382664376-1932614338-2128433781-1000\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-382664376-1932614338-2128433781-1000\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-382664376-1932614338-2128433781-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-382664376-1932614338-2128433781-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-382664376-1932614338-2128433781-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-04] (Avast Software s.r.o.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-04] (Avast Software s.r.o.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-25] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-25] ()
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2014-03-13] (Nitro PDF)
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\searchplugins\02220d09-f53e-4ab0-b11e-6e37fb424675.xml [2013-02-14]
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\searchplugins\3c42f285-ad6a-4bd8-8af3-ec41cb4a2d08.xml [2013-02-03]
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\searchplugins\englische-ergebnisse.xml [2014-06-05]
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\searchplugins\gmx-suche.xml [2014-06-05]
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\searchplugins\lastminute.xml [2014-04-10]
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\searchplugins\webde-suche.xml [2014-06-05]
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\searchplugins\{85681726-2887-493D-B28E-EB463B89BDAB}.xml [2011-05-06]
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\searchplugins\{BE2FB182-94ED-4489-BDDF-10A321B426D4}.xml [2011-05-06]
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\searchplugins\{F2B519D1-C153-4E1E-8A0A-24F2BB75911B}.xml [2011-05-06]
FF Extension: Logitech Device Detection - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\DeviceDetection@logitech.com [2015-05-25]
FF Extension: Blur (Formerly DoNotTrackMe) - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\donottrackplus@abine.com [2015-05-29]
FF Extension: Fasterfox Lite - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\FasterFox_Lite@BigRedBrent [2015-05-29]
FF Extension: Unsubscribe.com - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\firefox@unsubscribe.com [2015-05-25]
FF Extension: TooManyTabs - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\TooManyTabs@visibotech.com [2015-05-29]
FF Extension: Facebook PhotoZoom - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{20cc25e2-48c9-45e1-9a1f-1ccc1882b81b} [2015-05-25]
FF Extension: Home Extension - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{2E6861CA-9A88-4B7B-B935-F810DE84D259} [2015-05-25]
FF Extension: TV-Fox - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{2f17f610-5e97-4fed-828f-9940b7b577a4} [2015-05-29]
FF Extension: Flashblock - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2015-05-29]
FF Extension: ReminderFox - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae} [2015-05-29]
FF Extension: Preispiraten - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{C8D3D3BE-7ADC-4109-BF8C-6330A9F58B0C} [2015-05-25]
FF Extension: TextMarker Go - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{cd6c4ebf-366e-45a0-98b5-b8217288eed7} [2015-05-29]
FF Extension: CSHelper - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{d91a2be6-3b56-4dfb-97f5-5e48fe3ed473} [2015-05-29]
FF Extension: Bitdefender QuickScan - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2015-05-29]
FF Extension: Memory Fox - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B} [2015-05-29]
FF Extension: App Advisor for Facebook - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\2c0ce700-f746-11e1-a21f-0800200c9a66@jetpack.xpi [2015-05-25]
FF Extension: about:addons-memory - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\about-addons-memory@tn123.org.xpi [2015-05-25]
FF Extension: About sessionstore - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\aboutsessionstore@dt.xpi [2015-05-27]
FF Extension: Bookmark Favicon Changer - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\bookmarkfaviconchanger@sonthakit.xpi [2015-05-25]
FF Extension: InvisibleHand - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\canitbecheaper@trafficbroker.co.uk.xpi [2015-05-25]
FF Extension: Facebook Disconnect - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\facebook@disconnect.me.xpi [2015-05-25]
FF Extension: MEGA - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\firefox@mega.co.nz.xpi [2015-06-11]
FF Extension: GuteGutscheine - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\gutegutscheine@gutegutscheine.com.xpi [2015-05-25]
FF Extension: Facebook Blocker - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\info@skymeissner.com.xpi [2015-05-25]
FF Extension: Lightbeam - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2015-05-25]
FF Extension: Keyword Search - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\keywordsearch@kaply.com.xpi [2015-05-25]
FF Extension: NoSquint - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\nosquint@urandom.ca.xpi [2015-05-25]
FF Extension: Simple Boss Key - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\simplebosskey@ttt-jl.blogspot.com.xpi [2015-05-29]
FF Extension: Free Hide IP - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\support@free-hideip.com.xpi [2015-05-25]
FF Extension: Mask My IP - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\support@mask-myip.com.xpi [2015-05-25]
FF Extension: Tab Counter - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\tabcounter@morac.xpi [2015-05-25]
FF Extension: Tab Popup - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\tabpopup@adarsh.tp.xpi [2015-05-25]
FF Extension: Tab Wheel Scroll - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\tabscroll@mthamil.xpi [2015-05-25]
FF Extension: Tab Utilities - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\tabutils@ithinc.cn.xpi [2015-05-25]
FF Extension: Tree Style Tab - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\treestyletab@piro.sakura.ne.jp.xpi [2015-05-25]
FF Extension: Session Manager - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2015-05-25]
FF Extension: Panic Button - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{24cea704-946d-11da-a72b-0800200c9a66}.xpi [2015-05-25]
FF Extension: Integrated Inbox for Gmail & Google Apps - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{28197867-b1ef-4140-8e3b-55c45b9c8460}.xpi [2015-05-25]
FF Extension: Minimap Addon - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{398e77b8-2304-11dc-8314-0800200c9a66}.xpi [2015-05-25]
FF Extension: Google Shortcuts - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{5C46D283-ABDE-4dce-B83C-08881401921C}.xpi [2015-05-25]
FF Extension: NoScript - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-05-25]
FF Extension: {73cdfea6-3722-4bf6-8c28-abdfc75aca0d} - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{73cdfea6-3722-4bf6-8c28-abdfc75aca0d}.xpi [2015-05-25]
FF Extension: Page Title Eraser - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{791DB184-BFBA-11DA-9C61-0638DF403F48}.xpi [2015-05-25]
FF Extension: TabRenamizer - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{792BDDFE-2E7C-42ed-B18D-18154D2761BD}.xpi [2015-05-25]
FF Extension: ImTranslator - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2015-05-25]
FF Extension: Password Exporter - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2015-05-25]
FF Extension: Video DownloadHelper - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-06-11]
FF Extension: CoolPreviews - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi [2015-05-25]
FF Extension: Adblock Plus - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-25]
FF Extension: Tab Mix Plus - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2015-05-25]
FF Extension: html updater - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{dfc9c4c1-eb54-4db2-9daa-3060ff54fac4}.xpi [2015-05-25]
FF Extension: Greasemonkey - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-05-25]
FF Extension: Sothink Web Video Downloader for Firefox - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\pz5o8de2-1.default\Extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}.xpi [2015-05-25]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-04]
FF HKLM-x32\...\Firefox\Extensions: [WebProtection@360safe.com] - H:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox
FF Extension: 360 Internet Protection - H:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox [2015-06-06]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-06-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-04]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AAV UpdateService; C:\Program Files (x86)\Lexware\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S3 AJRouter; C:\Windows\System32\AJRouter.dll [19968 2015-04-25] (Microsoft Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-04] (Avast Software s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [325120 2015-04-25] (Microsoft Corporation)
S3 CDPSvc; C:\Windows\System32\CDPSvc.dll [51712 2015-04-25] (Microsoft Corporation)
R3 ClipSVC; C:\Windows\System32\ClipSVC.dll [539136 2015-04-25] (Microsoft Corporation)
R2 CoreUIRegistrar; C:\Windows\system32\coremessaging.dll [709240 2015-04-25] (Microsoft Corporation)
R2 CoreUIRegistrar; C:\Windows\SysWOW64\coremessaging.dll [476672 2015-04-25] (Microsoft Corporation)
S3 DcpSvc; C:\Windows\system32\dcpsvc.dll [195584 2015-04-25] (Microsoft Corporation)
S3 DevQueryBroker; C:\Windows\system32\DevQueryBroker.dll [32256 2015-04-25] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagnosticsHub.StandardCollector.Service.exe [26624 2015-04-25] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [269312 2015-04-25] (Microsoft Corporation)
S2 dmwappushservice; C:\Windows\system32\dmwappushsvc.dll [111616 2015-04-25] (Microsoft Corporation)
S2 DoSvc; C:\Windows\system32\svchost.exe [39992 2015-04-25] (Microsoft Corporation)
S2 DoSvc; C:\Windows\SysWOW64\svchost.exe [34800 2015-04-25] (Microsoft Corporation)
S3 DsSvc; C:\Windows\System32\DsSvc.dll [140288 2015-04-25] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [249344 2015-04-25] (Microsoft Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [135352 2015-05-24] (ELAN Microelectronics Corp.)
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [114176 2015-04-25] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2015-05-27] (Intel Corporation)
R3 lfsvc; C:\Windows\System32\lfsvc.dll [23040 2015-04-25] (Microsoft Corporation)
R3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [18944 2015-04-25] (Microsoft Corporation)
S3 MapsBroker; C:\Windows\System32\moshost.dll [159232 2015-04-25] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 NetSetupSvc; C:\Windows\System32\NetSetupSvc.dll [333824 2015-04-25] (Microsoft Corporation)
R3 NgcCtnrSvc; C:\Windows\System32\NgcCtnrSvc.dll [236544 2015-04-25] (Microsoft Corporation)
R3 NgcSvc; C:\Windows\system32\ngcsvc.dll [421376 2015-04-25] (Microsoft Corporation)
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2014-03-13] (Nitro PDF Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
S3 PhoneSvc; C:\Windows\System32\PhoneService.dll [646656 2015-04-25] (Microsoft Corporation)
R2 QHActiveDefense; H:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [839792 2015-05-18] (QIHU 360 SOFTWARE CO. LIMITED)
S3 RetailDemo; C:\Windows\system32\RetailDemoService.dll [709120 2015-04-25] (Microsoft Corporation)
S3 SensorService; C:\Windows\system32\SensorService.dll [162304 2015-04-25] (Microsoft Corporation)
S3 SmsRouter; C:\Windows\system32\SmsRouterSvc.dll [594944 2015-04-25] (Microsoft Corporation)
S3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2626560 2015-04-25] (Microsoft Corporation)
S3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [1865728 2015-04-25] (Microsoft Corporation)
R3 tiledatamodelsvc; C:\Windows\system32\tileobjserver.dll [446464 2015-04-25] (Microsoft Corporation)
R2 UserManager; C:\Windows\System32\usermgr.dll [631808 2015-04-25] (Microsoft Corporation)
S3 UsoSvc; C:\Windows\system32\usocore.dll [316928 2015-04-25] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [450048 2015-04-25] (Microsoft Corporation)
S3 WalletSvc; C:\Windows\system32\WalletService.dll [482304 2015-04-25] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [352880 2015-04-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16728 2015-04-25] (Microsoft Corporation)
S3 WpnService; C:\Windows\system32\WpnService.dll [48640 2015-04-25] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [705024 2015-04-25] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1107968 2015-04-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77896 2015-05-18] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [305736 2015-05-18] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [314448 2015-05-18] (Qihu 360 Software Co., Ltd.)
S3 ampa; C:\WINDOWS\system32\ampa.sys [17008 2013-12-18] ()
S3 ampa; C:\WINDOWS\SysWOW64\ampa.sys [17008 2013-12-18] ()
R1 AntiLog32; C:\WINDOWS\system32\drivers\AntiLog64.sys [49752 2015-06-07] (Zemana Ltd.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-04] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-04] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-04] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-04] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-04] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-04] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-04] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-04] ()
R3 athr; C:\Windows\System32\drivers\athwbx.sys [3837440 2015-06-02] (Qualcomm Atheros Communications, Inc.)
S1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [180816 2015-05-18] (Qihu 360 Software Co., Ltd.)
S3 BrSerIf; C:\Windows\system32\DRIVERS\BrSerIf.sys [97280 2015-05-26] (Brother Industries Ltd.)
S3 buttonconverter; C:\Windows\System32\drivers\buttonconverter.sys [31232 2015-04-25] (Microsoft Corporation)
S3 CapImg; C:\Windows\System32\drivers\capimg.sys [102912 2015-04-25] (Microsoft Corporation)
S4 cnghwassist; C:\Windows\System32\DRIVERS\cnghwassist.sys [38888 2015-04-25] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_b1983a736b1fed34\CompositeBus.sys [39424 2015-04-25] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3437032 2015-04-25] (QLogic Corporation)
S3 fcvsc; C:\Windows\System32\drivers\fcvsc.sys [30720 2015-04-25] (Microsoft Corporation)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [83456 2015-04-25] (Microsoft Corporation)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfnclass.sys [20480 2015-04-25] (Microsoft Corporation)
S3 hidinterrupt; C:\Windows\System32\drivers\hidinterrupt.sys [48104 2015-04-25] (Microsoft Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [424936 2015-04-25] (Mellanox)
S3 IoQos; C:\Windows\System32\drivers\ioqos.sys [27648 2015-04-25] (Microsoft Corporation)
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [76520 2014-12-30] (Zemana Ltd.)
S0 LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [103912 2015-04-25] (LSI Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [90600 2015-04-25] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-12] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
S0 megasas; C:\Windows\System32\drivers\megasas.sys [59880 2015-04-25] (Avago Technologies)
R2 mirahid; C:\Windows\System32\drivers\mirahid.sys [35840 2015-04-25] (Microsoft Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [705512 2015-04-25] (Mellanox)
R2 MMCSS; C:\Windows\system32\drivers\mmcss.sys [38400 2015-04-25] (Microsoft Corporation)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [76264 2015-04-25] (Mellanox)
U5 NdisCap; C:\Windows\System32\Drivers\NdisCap.sys [49664 2015-04-25] (Microsoft Corporation)
U5 NdisWan; C:\Windows\System32\Drivers\NdisWan.sys [187904 2015-04-25] (Microsoft Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [66560 2015-04-25] ()
S3 netvsc; C:\Windows\System32\drivers\netvsc.sys [94208 2015-04-25] (Microsoft Corporation)
S2 OneSyncSvc; No ImagePath
R2 OneSyncSvc_Session1; No ImagePath
U2 OneSyncSvc_Session6; No ImagePath
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58344 2015-04-25] (LSI Corporation)
S0 percsas3i; C:\Windows\System32\drivers\percsas3i.sys [58856 2015-04-25] (Avago Technologies)
S3 PimIndexMaintenanceSvc; No ImagePath
S3 PimIndexMaintenanceSvc_Session1; No ImagePath
U3 PimIndexMaintenanceSvc_Session6; No ImagePath
S3 ReFSv1; C:\Windows\System32\Drivers\ReFSv1.sys [933864 2015-04-25] (Microsoft Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-04-25] (Realtek                                            )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402960 2015-05-27] (Realsil Semiconductor Corporation)
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [61440 2015-04-25] (Microsoft Corporation)
S0 storufs; C:\Windows\System32\drivers\storufs.sys [39912 2015-04-25] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_c3e4290174519138\swenum.sys [17384 2015-04-25] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [43008 2015-04-25] ()
S3 Ufx01000; C:\Windows\System32\drivers\ufx01000.sys [239592 2015-04-25] (Microsoft Corporation)
S3 UfxChipidea; C:\Windows\System32\drivers\UfxChipidea.sys [89576 2015-04-25] (Microsoft Corporation)
S3 ufxsynopsys; C:\Windows\System32\drivers\ufxsynopsys.sys [123368 2015-04-25] (Microsoft Corporation)
S3 UnistoreSvc; No ImagePath
S3 UnistoreSvc_Session1; No ImagePath
U3 UnistoreSvc_Session6; No ImagePath
S3 UrsChipidea; C:\Windows\System32\drivers\urschipidea.sys [19456 2015-04-25] (Microsoft Corporation)
S3 UrsCx01000; C:\Windows\System32\drivers\urscx01000.sys [52200 2015-04-25] (Microsoft Corporation)
S3 UrsSynopsys; C:\Windows\System32\drivers\urssynopsys.sys [18432 2015-04-25] (Microsoft Corporation)
S3 UserDataSvc; No ImagePath
S3 UserDataSvc_Session1; No ImagePath
U3 UserDataSvc_Session6; No ImagePath
S3 vhf; C:\Windows\System32\drivers\vhf.sys [28672 2015-04-25] (Microsoft Corporation)
S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [683520 2015-04-25] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117224 2015-04-25] (Microsoft Corporation)
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [105504 2015-04-25] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [16928 2015-04-25] (Microsoft Corporation)
R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2012-12-31] (WinISO.com)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [27112 2015-04-25] (Mellanox)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59368 2015-04-25] (Mellanox)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [25600 2015-04-25] (Microsoft Corporation)
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: dosvc -> No ServiceDLL Path.
NETSVC: DcpSvc -> C:\Windows\system32\dcpsvc.dll (Microsoft Corporation)
NETSVC: NetSetupSvc -> C:\Windows\System32\NetSetupSvc.dll (Microsoft Corporation)
NETSVC: RetailDemo -> C:\Windows\system32\RetailDemoService.dll (Microsoft Corporation)
NETSVC: UsoSvc -> C:\Windows\system32\usocore.dll (Microsoft Corporation)
NETSVC: dmwappushservice -> C:\Windows\system32\dmwappushsvc.dll (Microsoft Corporation)
NETSVC: WalletSvc -> C:\Windows\system32\WalletService.dll (Microsoft Corporation)
NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation)
NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation)
NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation)
NETSVC: DmEnrollmentSvc -> C:\Windows\system32\Windows.Internal.Management.dll (Microsoft Corporation)
NETSVCx32: NetSetupSvc -> C:\Windows\SysWOW64\NetSetupSvc.dll ==> No File
NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> No File

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-12 17:37 - 2015-06-12 17:37 - 00016148 _____ C:\WINDOWS\system32\ASUS-K95VB_Jürgen_HistoryPrediction.bin
2015-06-12 16:54 - 2015-06-12 16:54 - 00000000 ____D C:\Users\Jürgen\AppData\Local\photoOptimizeHistoryDataBase
2015-06-12 16:52 - 2015-06-12 16:52 - 00001367 _____ C:\Users\Public\Desktop\Ashampoo Photo Optimizer 6.lnk
2015-06-12 16:52 - 2015-06-12 16:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2015-06-12 16:52 - 2015-06-12 16:52 - 00000000 ____D C:\ProgramData\Ashampoo
2015-06-12 16:52 - 2015-06-12 16:52 - 00000000 ____D C:\Program Files (x86)\Ashampoo
2015-06-12 16:51 - 2015-06-12 16:51 - 00000000 ____D C:\Users\Jürgen\Downloads\Ashampoo Photo Optimizer v6.0.8 Multilingual
2015-06-12 15:45 - 2015-06-12 15:45 - 00000864 _____ C:\Users\Jürgen\Desktop\checkup.txt
2015-06-12 15:43 - 2015-06-12 15:43 - 00014051 _____ C:\Users\Jürgen\Desktop\mbam.txt
2015-06-12 15:29 - 2015-06-12 15:29 - 00000000 ___HD C:\OneDriveTemp
2015-06-12 15:27 - 2015-06-12 15:02 - 00852639 _____ C:\Users\Jürgen\Desktop\SecurityCheck.exe
2015-06-12 15:02 - 2015-06-12 15:02 - 00852639 _____ C:\Users\Jürgen\Downloads\SecurityCheck.exe
2015-06-12 09:58 - 2015-06-12 10:29 - 94032578 _____ C:\Users\Jürgen\Downloads\Ashampoo Photo Optimizer v6.0.8 Multilingual.rar
2015-06-12 05:09 - 2015-06-12 06:03 - 38273024 _____ C:\Users\Jürgen\Desktop\10135.0.150531-1700.WINMAIN_PRS_CLIENTPRO-OEMRET_X64FRE_ML9-2.iso
2015-06-11 21:21 - 2015-06-11 21:21 - 00000000 ____D C:\Recovery
2015-06-11 19:22 - 2015-06-11 19:23 - 38273024 _____ C:\Users\Jürgen\Desktop\10135.0.150531-1700.WINMAIN_PRS_CLIENTPRO-OEMRET_X64FRE_ML9-1.iso
2015-06-11 06:06 - 2015-06-11 20:07 - 00001424 _____ C:\WINDOWS\DtcInstall.log
2015-06-11 06:04 - 2015-06-11 20:05 - 00003097 _____ C:\WINDOWS\comsetup.log
2015-06-10 06:03 - 2015-06-10 06:03 - 00000000 ____D C:\Users\Jürgen\Downloads\BZ-09.06.15
2015-06-09 18:43 - 2015-06-09 18:43 - 00003200 _____ C:\WINDOWS\System32\Tasks\Process Lasso Management Console (GUI)
2015-06-09 18:43 - 2015-06-09 18:43 - 00003190 _____ C:\WINDOWS\System32\Tasks\Process Lasso Core Engine Only
2015-06-09 18:43 - 2015-06-09 18:43 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\ProcessLasso
2015-06-09 18:43 - 2015-06-09 18:43 - 00000000 ____D C:\ProgramData\ProcessLasso
2015-06-09 18:43 - 2015-06-09 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Lasso
2015-06-09 18:43 - 2015-06-09 18:43 - 00000000 ____D C:\Program Files\Process Lasso
2015-06-09 07:28 - 2015-06-09 07:28 - 00075187 _____ C:\Users\Jürgen\Downloads\FRST_2.txt
2015-06-09 07:28 - 2015-06-09 07:28 - 00055730 _____ C:\Users\Jürgen\Downloads\FRST_1.txt
2015-06-09 07:16 - 2015-06-09 07:16 - 00000630 _____ C:\Users\Jürgen\Desktop\JRT.txt
2015-06-09 07:11 - 2015-06-09 07:11 - 02943663 _____ (Thisisu) C:\Users\Jürgen\Desktop\JRT.exe
2015-06-09 05:50 - 2015-06-12 17:39 - 00037244 _____ C:\Users\Jürgen\Downloads\FRST.txt
2015-06-08 17:05 - 2015-06-12 17:39 - 00000000 ____D C:\FRST
2015-06-08 16:02 - 2015-06-12 17:16 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-06-08 16:01 - 2015-06-08 16:01 - 00001171 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-06-08 16:01 - 2015-06-08 16:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-06-08 16:01 - 2015-06-08 16:01 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-06-08 16:01 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-06-08 16:01 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-06-08 16:01 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-06-08 12:20 - 2015-06-08 12:20 - 00701351 _____ C:\Users\Jürgen\UStErkl  8.6.15.zip
2015-06-08 07:23 - 2015-06-08 07:23 - 00000000 ____D C:\Users\Jürgen\AppData\Local\HL
2015-06-08 07:15 - 2015-06-08 07:15 - 00000000 ____D C:\ProgramData\AAV
2015-06-08 07:14 - 2015-06-08 07:19 - 00002124 _____ C:\Users\Public\Desktop\TAXMAN 2015.lnk
2015-06-08 07:14 - 2015-06-08 07:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
2015-06-08 07:14 - 2015-06-08 07:15 - 00000000 ____D C:\Program Files (x86)\Lexware
2015-06-08 07:12 - 2015-06-08 07:12 - 00000000 ____D C:\ProgramData\HL
2015-06-08 06:43 - 2015-06-08 06:43 - 00000000 ____D C:\Users\Jürgen\Downloads\noscript_security_suite-2.6.9.26-sm_fn_fx
2015-06-08 06:29 - 2015-06-08 06:29 - 00001226 _____ C:\Users\Jürgen\Desktop\ChrisPC Win Experience Index.lnk
2015-06-08 06:29 - 2015-06-08 06:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChrisPC Win Experience Index
2015-06-08 06:29 - 2015-06-08 06:29 - 00000000 ____D C:\Program Files (x86)\ChrisPC Win Experience Index
2015-06-08 04:58 - 2015-06-08 04:58 - 01329000 _____ (Chris P.C. srl ) C:\Users\Jürgen\Downloads\setup_chrispc_wei_3_30.exe
2015-06-08 04:54 - 2015-06-08 04:54 - 00561331 _____ C:\Users\Jürgen\Downloads\noscript_security_suite-2.6.9.26-sm_fn_fx.zip
2015-06-08 04:51 - 2015-06-08 04:51 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Jürgen\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-08 04:47 - 2015-06-08 04:47 - 02108928 _____ (Farbar) C:\Users\Jürgen\Downloads\FRST64(1).exe
2015-06-07 19:36 - 2015-06-07 19:36 - 00000000 ____D C:\RegBackup
2015-06-07 19:17 - 2015-06-08 11:07 - 00265400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-07 19:10 - 2015-06-07 19:10 - 00000000 __SHD C:\found.002
2015-06-07 18:30 - 2014-08-03 08:23 - 00362029 _____ C:\WINDOWS\system32\sqlite3.dll
2015-06-07 08:11 - 2015-06-07 08:11 - 00049752 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\AntiLog64.sys
2015-06-07 08:11 - 2015-06-07 08:11 - 00000000 __HDC C:\ProgramData\{02A8F2F7-A05E-4DC5-950D-52243BB4C610}
2015-06-07 08:11 - 2015-06-07 08:11 - 00000000 ____D C:\WINDOWS\SysWOW64\ZALSDK_uninst
2015-06-07 08:11 - 2015-06-07 08:11 - 00000000 ____D C:\Users\Jürgen\AppData\Local\Zemana
2015-06-07 08:11 - 2015-06-07 08:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntiLogger
2015-06-07 08:11 - 2015-06-07 08:11 - 00000000 ____D C:\Program Files (x86)\KeyCryptSDK
2015-06-07 08:11 - 2015-06-07 08:11 - 00000000 ____D C:\Program Files (x86)\AntiLogger
2015-06-07 08:11 - 2014-12-30 13:31 - 07039960 _____ (Zemana Ltd.) C:\WINDOWS\SysWOW64\ZALSDKCore.dll
2015-06-07 08:11 - 2014-12-30 13:31 - 00076520 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\KeyCrypt64.sys
2015-06-07 08:10 - 2015-06-07 08:10 - 00000000 ____D C:\Users\Jürgen\Downloads\Zemana.v1.9.3.602
2015-06-07 08:09 - 2015-06-07 08:10 - 15919924 _____ C:\Users\Jürgen\Downloads\Zemana.v1.9.3.602.rar
2015-06-07 06:46 - 2015-06-07 06:46 - 00000000 ____D C:\Users\Jürgen\Downloads\AntiLogger
2015-06-07 06:43 - 2015-06-07 06:45 - 05317658 _____ C:\Users\Jürgen\Downloads\AntiLogger.rar
2015-06-06 17:52 - 2015-06-06 17:52 - 00000000 ____D C:\ProgramData\360SD
2015-06-06 17:40 - 2015-06-09 18:41 - 00000000 ____D C:\ProgramData\360Quarant
2015-06-06 17:40 - 2015-06-07 09:27 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\360safe
2015-06-06 17:40 - 2015-06-06 17:49 - 00000000 ____D C:\WINDOWS\Tasks\360Disabled
2015-06-06 17:39 - 2015-06-07 19:45 - 00000000 _RSHD C:\360SANDBOX
2015-06-06 17:39 - 2015-06-06 17:52 - 00000000 ____D C:\ProgramData\360TotalSecurity
2015-06-06 17:39 - 2015-06-06 17:40 - 00000000 ____D C:\ProgramData\360safe
2015-06-06 17:39 - 2015-06-06 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2015-06-06 17:39 - 2015-05-18 12:20 - 00314448 _____ (Qihu 360 Software Co., Ltd.) C:\WINDOWS\system32\Drivers\360fsflt.sys
2015-06-06 17:39 - 2015-05-18 12:20 - 00305736 _____ (360.cn) C:\WINDOWS\system32\Drivers\360Box64.sys
2015-06-06 17:39 - 2015-05-18 12:20 - 00180816 _____ (Qihu 360 Software Co., Ltd.) C:\WINDOWS\system32\Drivers\BAPIDRV64.SYS
2015-06-06 17:39 - 2015-05-18 12:20 - 00077896 _____ (360.cn) C:\WINDOWS\system32\Drivers\360AvFlt.sys
2015-06-06 17:37 - 2015-06-06 17:37 - 36034168 _____ C:\Users\Jürgen\Downloads\360TS_Setup.exe
2015-06-06 17:35 - 2015-06-06 17:35 - 01332344 _____ (QIHU 360 SOFTWARE CO. LIMITED) C:\Users\Jürgen\Downloads\360TS_Setup_Mini.exe
2015-06-06 16:09 - 2015-06-06 16:09 - 00007601 _____ C:\WINDOWS\system32\ScanResults.xml
2015-06-06 16:04 - 2015-06-06 16:04 - 00000464 _____ C:\WINDOWS\system32\ScannerSettings
2015-06-05 07:54 - 2015-06-05 07:54 - 01517616 _____ C:\Users\Jürgen\Downloads\PCKeeper Installer.exe
2015-06-05 07:39 - 2015-06-05 07:40 - 00860160 _____ C:\Users\Jürgen\Downloads\adsfix_2_04.06.2015.3.exe
2015-06-05 07:37 - 2015-06-05 07:38 - 00315000 _____ C:\Users\Jürgen\Downloads\winchk_2.0.exe
2015-06-05 07:34 - 2015-06-05 07:34 - 00548774 _____ C:\Users\Jürgen\Downloads\winupdatefix_1.3.exe
2015-06-05 07:32 - 2015-06-05 07:32 - 02231296 _____ C:\Users\Jürgen\Desktop\adwcleaner_4.206.exe
2015-06-04 20:13 - 2015-06-04 20:13 - 00001233 _____ C:\Users\Jürgen\Desktop\Photo Background Remover.lnk
2015-06-04 20:13 - 2015-06-04 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Background Remover
2015-06-04 20:13 - 2015-06-04 20:13 - 00000000 ____D C:\Program Files (x86)\Photo Background Remover
2015-06-04 19:59 - 2015-06-12 15:28 - 00025638 _____ C:\WINDOWS\PFRO.log
2015-06-04 19:59 - 2015-06-11 20:04 - 00004209 _____ C:\WINDOWS\setupact.log
2015-06-04 19:59 - 2015-06-04 19:59 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-06-04 16:54 - 2015-06-04 16:54 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\AVAST Software
2015-06-04 16:53 - 2015-06-07 18:55 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-06-04 16:53 - 2015-06-04 16:53 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-06-04 16:53 - 2015-06-04 16:53 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-06-04 16:53 - 2015-06-04 16:53 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-06-04 16:53 - 2015-06-04 16:53 - 00272248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-06-04 16:53 - 2015-06-04 16:53 - 00137288 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-06-04 16:53 - 2015-06-04 16:53 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-06-04 16:53 - 2015-06-04 16:53 - 00089944 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-06-04 16:53 - 2015-06-04 16:53 - 00065736 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-06-04 16:53 - 2015-06-04 16:53 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
2015-06-04 16:53 - 2015-06-04 16:53 - 00029168 _____ C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-06-04 16:53 - 2015-06-04 16:53 - 00001967 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-06-04 16:53 - 2015-06-04 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-06-04 16:52 - 2015-06-04 16:52 - 00000000 ____D C:\Program Files\AVAST Software
2015-06-04 16:51 - 2015-06-04 16:52 - 00000000 ____D C:\ProgramData\AVAST Software
2015-06-04 16:51 - 2015-06-04 16:51 - 05481344 _____ (Avast Software s.r.o.) C:\Users\Jürgen\Downloads\avast_free_antivirus_setup.exe
2015-06-04 13:04 - 2015-06-04 13:04 - 00003220 _____ C:\WINDOWS\System32\Tasks\ASC6_PerformanceMonitor
2015-06-04 13:04 - 2015-06-04 13:04 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\IObit
2015-06-04 13:04 - 2015-06-04 13:04 - 00000000 ____D C:\ProgramData\IObit
2015-06-04 13:04 - 2015-06-04 13:04 - 00000000 ____D C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2015-06-04 12:53 - 2015-06-08 16:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-04 12:53 - 2015-06-04 12:53 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Malwarebytes
2015-06-04 11:15 - 2015-06-04 11:15 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Ad-Aware Antivirus
2015-06-04 08:38 - 2015-06-04 08:38 - 00001052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-04 08:38 - 2015-06-04 08:38 - 00001040 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-06-04 08:36 - 2015-06-04 08:36 - 00001825 _____ C:\Users\Public\Desktop\eFix Pro.lnk
2015-06-04 08:36 - 2015-06-04 08:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eFix Pro
2015-06-04 08:36 - 2015-06-04 08:36 - 00000000 ____D C:\Program Files\eFix
2015-06-04 08:34 - 2015-06-04 08:35 - 00776792 _____ (Reimage®) C:\Users\Jürgen\Downloads\eFixPro.exe
2015-06-04 08:32 - 2015-06-07 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer
2015-06-04 08:32 - 2015-06-04 08:32 - 00001496 _____ C:\Users\Jürgen\Desktop\Resume Registry Easy.lnk
2015-06-04 07:58 - 2015-06-04 07:58 - 00001122 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2015-06-04 07:58 - 2015-06-04 07:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2015-06-04 07:58 - 2015-06-04 07:58 - 00000000 ____D C:\Program Files\VS Revo Group
2015-06-04 07:58 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2015-06-04 07:52 - 2015-06-04 07:52 - 00000000 ____D C:\Users\Jürgen\AppData\Local\VS Revo Group
2015-06-04 07:52 - 2015-06-04 07:52 - 00000000 ____D C:\ProgramData\VS Revo Group
2015-06-04 07:50 - 2015-06-04 07:50 - 10840062 _____ C:\Users\Jürgen\Downloads\RevoU312.rar
2015-06-04 07:22 - 2015-06-04 07:25 - 00000000 ____D C:\Program Files\CCleaner
2015-06-04 07:22 - 2015-06-04 07:22 - 00002862 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-06-04 07:22 - 2015-06-04 07:22 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-06-04 07:22 - 2015-06-04 07:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-06-04 07:20 - 2015-06-04 07:20 - 06552640 _____ (Piriform Ltd) C:\Users\Jürgen\Downloads\ccsetup506pro.exe
2015-06-04 06:55 - 2015-06-04 06:55 - 02585202 _____ C:\Users\Jürgen\Downloads\geek.zip
2015-06-04 06:24 - 2015-06-04 06:24 - 01197344 _____ C:\Users\Jürgen\Downloads\GeekUninstaller - CHIP-Installer.exe
2015-06-04 05:54 - 2015-06-04 05:54 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2015-06-03 06:16 - 2015-06-04 05:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-02 18:43 - 2015-06-02 18:43 - 03837440 _____ (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\Drivers\athwbx.sys
2015-06-02 18:05 - 2015-06-02 18:05 - 00001160 _____ C:\Users\Jürgen\Desktop\Driver Magician.lnk
2015-06-02 18:05 - 2015-06-02 18:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Magician
2015-06-02 18:05 - 2011-02-08 14:58 - 01882104 _____ (Codejock Software) C:\WINDOWS\SysWOW64\Codejock.Controls.v15.0.1.ocx
2015-06-02 18:05 - 2004-09-28 11:13 - 00526184 _____ (Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com) C:\WINDOWS\SysWOW64\XceedCry.dll
2015-06-02 18:05 - 2004-08-11 15:55 - 00110602 _____ C:\WINDOWS\SysWOW64\xcdsfx32.bin
2015-06-02 18:05 - 2004-03-09 00:00 - 00152848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Comdlg32.ocx
2015-06-02 18:05 - 2004-03-09 00:00 - 00132880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Msinet.ocx
2015-06-02 18:04 - 2015-06-06 17:51 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Driver Magician
2015-06-02 18:04 - 2015-06-02 18:07 - 00000000 ____D C:\Program Files (x86)\Driver Magician
2015-06-02 16:22 - 2015-06-02 16:23 - 00000000 ____D C:\Users\Jürgen\Downloads\magischertreiber
2015-06-02 16:21 - 2015-06-02 16:22 - 17430510 _____ C:\Users\Jürgen\Downloads\magischertreiber.rar
2015-06-02 16:09 - 2005-01-12 11:19 - 00456536 _____ (Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com) C:\WINDOWS\SysWOW64\XCEEDZIP.DLL
2015-06-02 16:09 - 2004-03-09 00:00 - 01081616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Mscomctl.ocx
2015-06-02 15:48 - 2015-06-02 15:50 - 00000000 ____D C:\Program Files (x86)\PowerDataRecovery6.8
2015-06-02 15:48 - 2015-06-02 15:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Power Data Recovery 6.8
2015-06-02 11:11 - 2015-06-02 11:11 - 00000000 ____D C:\Users\Jürgen\Downloads\MiniToolPowerDataRecovery68-op6n2m
2015-06-02 11:10 - 2015-06-02 11:11 - 28167997 _____ C:\Users\Jürgen\Downloads\MiniToolPowerDataRecovery68-op6n2m.zip
2015-05-31 08:39 - 2015-05-21 12:04 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-31 08:39 - 2015-05-21 06:45 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-31 08:38 - 2015-05-31 08:38 - 00001325 _____ C:\Users\Jürgen\Desktop\WinISO.lnk
2015-05-31 08:38 - 2015-05-31 08:38 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\WinISO Computing
2015-05-31 08:38 - 2015-05-31 08:38 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinISO
2015-05-31 08:38 - 2015-05-31 08:38 - 00000000 ____D C:\Users\Jürgen\AppData\Local\WinISO Computing
2015-05-31 08:38 - 2015-05-31 08:38 - 00000000 ____D C:\Program Files (x86)\WinISO Computing
2015-05-31 08:38 - 2012-12-31 09:36 - 00204032 _____ (WinISO.com) C:\WINDOWS\system32\Drivers\WinisoCDBus.sys
2015-05-31 08:10 - 2015-05-31 08:30 - 3942459392 _____ C:\Users\Jürgen\Downloads\Windows10_Pro_InsiderPreview_x64_de_10130.iso
2015-05-31 06:09 - 2015-05-31 06:09 - 00000000 ____D C:\ProgramData\NVIDIA
2015-05-30 21:17 - 2015-05-30 21:18 - 05916582 _____ C:\Users\Jürgen\Downloads\Stellar Phoenix Windows Data Recovery Professional 6.0.0.1 Final.rar
2015-05-30 17:54 - 2015-05-30 17:54 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-05-30 17:54 - 2015-05-30 17:54 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-05-30 17:54 - 2015-05-30 17:54 - 00000000 ____D C:\Program Files\MSBuild
2015-05-30 17:54 - 2015-05-30 17:54 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-05-30 17:54 - 2015-05-30 17:54 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-05-30 17:53 - 2015-05-30 17:53 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Reincubate
2015-05-30 17:53 - 2015-05-30 17:53 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reincubate
2015-05-30 17:53 - 2015-03-30 18:34 - 01166512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-05-30 17:53 - 2015-03-30 18:34 - 00035472 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-05-30 17:53 - 2015-03-30 17:37 - 00778928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-05-30 17:53 - 2015-03-30 17:37 - 00035472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-05-30 16:57 - 2015-05-30 21:24 - 00000000 ____D C:\ProgramData\TEMP
2015-05-30 16:57 - 2015-05-30 18:28 - 00000000 ____D C:\Program Files (x86)\Stellar Phoenix Windows Data Recovery
2015-05-30 16:57 - 2015-05-30 16:57 - 00001309 _____ C:\Users\Jürgen\Desktop\Stellar Phoenix Windows Data Recovery - Home.lnk
2015-05-30 16:57 - 2015-05-30 16:57 - 00000081 _____ C:\WINDOWS\spwdrhgsadeall.INI
2015-05-30 16:57 - 2015-05-30 16:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Phoenix Windows Data Recovery - Home
2015-05-30 16:57 - 2015-05-30 16:57 - 00000000 ____D C:\Log
2015-05-30 16:56 - 2015-05-30 16:56 - 04042664 _____ (Stellar Information Technology Pvt Ltd ) C:\Users\Jürgen\Downloads\StellarPhoenixWindowsDataRecovery-Home_DE.exe
2015-05-30 16:41 - 2015-05-30 16:42 - 00000000 ____D C:\ProgramData\RegRun
2015-05-30 16:40 - 2015-05-30 16:41 - 00001142 _____ C:\Users\Jürgen\Desktop\Reanimator.lnk
2015-05-30 16:40 - 2015-05-30 16:41 - 00000002 RSHOT C:\WINDOWS\winstart.bat
2015-05-30 16:40 - 2015-05-30 16:41 - 00000002 RSHOT C:\WINDOWS\SysWOW64\CONFIG.NT
2015-05-30 16:40 - 2015-05-30 16:41 - 00000002 RSHOT C:\WINDOWS\SysWOW64\AUTOEXEC.NT
2015-05-30 16:40 - 2015-05-30 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reanimator
2015-05-30 16:40 - 2015-05-30 16:40 - 00000000 ____D C:\Program Files (x86)\Greatis
2015-05-30 07:43 - 2015-05-30 07:44 - 02394098 _____ C:\Users\Jürgen\Downloads\pidgen.v1.1.3.590.zip
2015-05-30 06:39 - 2015-06-06 17:51 - 00000000 ____D C:\ProgramData\Syncovery
2015-05-30 06:15 - 2015-05-30 06:16 - 00302011 _____ C:\Users\Jürgen\Downloads\WindowsUpdateDiagnostic.diagcab
2015-05-29 19:16 - 2015-05-10 23:12 - 42719048 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 37741712 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 30502544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 22961808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 18238040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 16147056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 15967088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 15627688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 14457344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 13265128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 12937304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 11790848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 03285432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 02906064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 02348688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 02083472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 01898312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435284.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 01558848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435284.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 01156952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 01054352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 01044624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 00983912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 00977040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 00969032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 00502896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 00407112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 00176064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 00154256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 00150832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-05-29 19:16 - 2015-05-10 23:12 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-05-29 17:49 - 2015-05-29 18:19 - 92323562 _____ C:\Users\Jürgen\Downloads\697ht.Syncovery.Pro.7.15d.Build.110.x86x64..Portable.rar
2015-05-29 17:46 - 2015-05-29 17:47 - 290481224 _____ (NVIDIA Corporation) C:\Users\Jürgen\Downloads\352.86-notebook-win8-win7-64bit-international-whql.exe
2015-05-29 17:42 - 2015-05-29 17:42 - 00000000 ____D C:\Users\Jürgen\Downloads\VGA_nVidia_Win81_64_VER918132683

OpaPaule · 12.06.2015, 16:45

Code:

ATTFilter

2015-05-29 07:31 - 2015-05-29 07:31 - 00002112 _____ C:\Users\Public\Desktop\IncrediBackup.lnk
2015-05-29 07:31 - 2015-05-29 07:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediBackup
2015-05-29 07:31 - 2015-05-29 07:31 - 00000000 ____D C:\Program Files (x86)\IncrediBackup
2015-05-28 08:20 - 2015-05-28 08:20 - 01014824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-05-28 08:20 - 2015-05-28 08:20 - 00822720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-05-28 08:20 - 2015-05-28 08:20 - 00408208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-05-28 08:20 - 2015-05-28 08:20 - 00364360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-05-28 08:17 - 2015-05-10 21:41 - 06867272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-05-28 08:17 - 2015-05-10 21:41 - 03485328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-05-28 08:17 - 2015-05-10 21:41 - 02559808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-05-28 08:17 - 2015-05-10 21:41 - 01054352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-05-28 08:17 - 2015-05-10 21:41 - 00937104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-05-28 08:17 - 2015-05-10 21:41 - 00385352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-05-28 08:17 - 2015-05-10 21:41 - 00075080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-05-28 08:17 - 2015-05-10 21:41 - 00062792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-05-28 08:17 - 2015-05-07 18:51 - 04391542 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-05-28 08:15 - 2015-05-10 23:12 - 11052688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-05-28 08:15 - 2015-05-10 23:12 - 00032079 _____ C:\WINDOWS\system32\nvinfo.pb
2015-05-28 08:15 - 2015-05-10 23:12 - 00031560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-05-28 08:15 - 2013-08-21 13:47 - 01884448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6432683.dll
2015-05-28 08:15 - 2013-08-21 13:47 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6432683.dll
2015-05-28 08:11 - 2015-05-28 08:12 - 316360307 _____ C:\Users\Jürgen\Downloads\VGA_nVidia_Win81_64_VER918132683.zip
2015-05-28 08:03 - 2015-05-28 08:03 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-05-28 05:21 - 2015-05-18 02:46 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-28 05:21 - 2015-05-18 02:45 - 01564672 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-28 05:21 - 2015-05-18 02:45 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-28 05:21 - 2015-05-18 02:45 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-05-28 05:21 - 2015-05-18 02:44 - 02755072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-05-28 05:21 - 2015-05-18 02:44 - 02114048 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-28 05:21 - 2015-05-18 02:43 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-05-28 05:21 - 2015-05-18 02:43 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2015-05-28 05:21 - 2015-05-18 02:38 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-05-28 05:21 - 2015-05-18 02:00 - 19622912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-28 05:21 - 2015-05-18 01:49 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-28 05:21 - 2015-05-18 01:49 - 00501760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-28 05:21 - 2015-05-18 01:48 - 02755072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-05-28 05:21 - 2015-05-18 01:48 - 02037248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-28 05:21 - 2015-05-18 01:48 - 01342976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-28 05:21 - 2015-05-18 01:48 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2015-05-28 05:21 - 2015-05-18 01:47 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-05-28 05:21 - 2015-05-18 01:47 - 00029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2015-05-28 05:21 - 2015-05-18 01:40 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2015-05-28 05:21 - 2015-05-18 01:04 - 11318784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-28 05:21 - 2015-05-18 01:03 - 20603904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-05-28 05:21 - 2015-05-18 01:00 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-05-28 05:20 - 2015-05-18 05:01 - 03456656 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-28 05:20 - 2015-05-18 03:51 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-05-28 05:20 - 2015-05-18 03:30 - 02778456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-28 05:20 - 2015-05-18 03:20 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-28 05:20 - 2015-05-18 02:59 - 24580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-28 05:20 - 2015-05-18 02:50 - 12492288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-28 05:20 - 2015-05-18 02:46 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-28 05:20 - 2015-05-18 02:45 - 02678784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-28 05:20 - 2015-05-18 02:43 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-05-28 05:20 - 2015-05-18 02:15 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-28 05:20 - 2015-05-18 01:55 - 21875200 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-05-28 05:20 - 2015-05-18 01:48 - 02174464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-28 05:20 - 2015-05-18 01:44 - 04791808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-28 05:20 - 2015-05-18 01:07 - 03595264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-28 05:18 - 2015-05-28 05:18 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-05-27 18:37 - 2015-05-27 18:37 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-05-27 18:12 - 2015-05-27 18:12 - 09890832 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2015-05-27 18:12 - 2015-05-27 18:12 - 00402960 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsUer.sys
2015-05-27 18:12 - 2015-05-27 18:12 - 00083984 _____ (Realtek Semiconductor.) C:\WINDOWS\system32\RtCRX64.dll
2015-05-27 18:12 - 2015-05-27 18:12 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-05-27 18:12 - 2015-05-27 18:12 - 00000000 ____D C:\Program Files (x86)\Intel
2015-05-27 18:11 - 2015-05-27 18:11 - 22905344 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 17837568 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 12142128 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 11719304 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 10895800 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 10435408 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 08477184 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 06447616 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 04581376 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 04354448 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 04350864 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 04011168 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 03775416 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-05-27 18:11 - 2015-05-27 18:11 - 03625024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 02813952 _____ C:\WINDOWS\system32\iglhxa64.cpa
2015-05-27 18:11 - 2015-05-27 18:11 - 02480880 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 02027008 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 01758208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 01740288 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 01540096 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 01455776 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 01137080 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 01132960 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00932752 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00793248 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00734720 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00665600 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00646304 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00603296 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00546704 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00546192 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00504208 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00456256 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00448912 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTray.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00418704 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00400272 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00399760 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00376832 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00372736 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00367664 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00344736 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00329216 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00319376 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00287232 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00286720 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00281488 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00272384 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00254976 _____ C:\WINDOWS\system32\igfxCPL.cpl
2015-05-27 18:11 - 2015-05-27 18:11 - 00250368 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00246672 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00223232 _____ C:\WINDOWS\system32\igdde64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00218808 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00214528 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00210592 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00193936 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00188456 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00187508 _____ C:\WINDOWS\system32\resTHA.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00184832 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00184320 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00183800 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00183296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v3993.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00180324 _____ C:\WINDOWS\system32\resELL.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00177824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00176180 _____ C:\WINDOWS\system32\resRUS.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00162304 _____ C:\WINDOWS\system32\igdail64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00162036 _____ C:\WINDOWS\system32\resARA.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00161492 _____ C:\WINDOWS\system32\resHEB.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00161428 _____ C:\WINDOWS\system32\resJPN.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00159056 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00156852 _____ C:\WINDOWS\system32\resFRA.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00156836 _____ C:\WINDOWS\system32\resHUN.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00155536 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-05-27 18:11 - 2015-05-27 18:11 - 00155140 _____ C:\WINDOWS\system32\resKOR.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00155136 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00155044 _____ C:\WINDOWS\system32\resITA.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00155044 _____ C:\WINDOWS\system32\resDEU.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00154884 _____ C:\WINDOWS\system32\resROM.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00154772 _____ C:\WINDOWS\system32\resESN.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00154340 _____ C:\WINDOWS\system32\resPLK.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00154196 _____ C:\WINDOWS\system32\resSKY.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00154004 _____ C:\WINDOWS\system32\resNLD.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00153444 _____ C:\WINDOWS\system32\resPTB.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00153300 _____ C:\WINDOWS\system32\resTRK.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00153268 _____ C:\WINDOWS\system32\resCSY.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00153140 _____ C:\WINDOWS\system32\resPTG.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00152724 _____ C:\WINDOWS\system32\resFIN.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00152292 _____ C:\WINDOWS\system32\resHRV.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00151844 _____ C:\WINDOWS\system32\resSVE.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00151668 _____ C:\WINDOWS\system32\resSLV.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00150740 _____ C:\WINDOWS\system32\resNOR.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00150228 _____ C:\WINDOWS\system32\resDAN.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00148916 _____ C:\WINDOWS\system32\resENU.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00147140 _____ C:\WINDOWS\system32\resCHT.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00146308 _____ C:\WINDOWS\system32\resCHS.cui
2015-05-27 18:11 - 2015-05-27 18:11 - 00143872 _____ C:\WINDOWS\SysWOW64\igdail32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00128672 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00094368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00094208 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00070144 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00069632 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00058880 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00044025 _____ C:\WINDOWS\system32\iglhxo64.vp
2015-05-27 18:11 - 2015-05-27 18:11 - 00043816 _____ C:\WINDOWS\system32\iglhxc64_dev.vp
2015-05-27 18:11 - 2015-05-27 18:11 - 00043494 _____ C:\WINDOWS\system32\iglhxc64.vp
2015-05-27 18:11 - 2015-05-27 18:11 - 00043298 _____ C:\WINDOWS\system32\iglhxg64_dev.vp
2015-05-27 18:11 - 2015-05-27 18:11 - 00043256 _____ C:\WINDOWS\system32\iglhxg64.vp
2015-05-27 18:11 - 2015-05-27 18:11 - 00042079 _____ C:\WINDOWS\system32\iglhxo64_dev.vp
2015-05-27 18:11 - 2015-05-27 18:11 - 00031408 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00030720 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00010752 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-05-27 18:11 - 2015-05-27 18:11 - 00002586 _____ C:\WINDOWS\system32\iglhxs64.vp
2015-05-27 18:11 - 2015-05-27 18:11 - 00001125 _____ C:\WINDOWS\system32\iglhxa64.vp
2015-05-27 18:11 - 2015-05-27 18:11 - 00000000 ____D C:\Program Files\Intel
2015-05-27 12:11 - 2015-06-11 16:57 - 00000000 ____D C:\Users\Jürgen\dwhelper
2015-05-26 18:39 - 2015-05-26 18:39 - 00000000 ____D C:\Users\Jürgen\Downloads\Cf_noi
2015-05-26 18:38 - 2015-05-26 18:36 - 00949284 _____ C:\Users\Jürgen\Downloads\Cf_noi.zip
2015-05-26 18:30 - 2015-06-06 17:51 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\vlc
2015-05-26 17:09 - 2015-05-26 17:09 - 00097280 _____ (Brother Industries Ltd.) C:\WINDOWS\system32\Drivers\BrSerIf.sys
2015-05-26 17:09 - 2015-05-26 17:09 - 00019584 _____ (Brother Industries Ltd.) C:\WINDOWS\system32\Drivers\BrUsbSer.sys
2015-05-26 17:09 - 2015-05-26 17:09 - 00000000 ___RD C:\Users\Jürgen\AppData\Roaming\Brother
2015-05-26 17:07 - 2015-05-26 17:10 - 00000425 _____ C:\WINDOWS\BRWMARK.INI
2015-05-26 17:07 - 2015-05-26 17:07 - 00000027 _____ C:\WINDOWS\BRPP2KA.INI
2015-05-26 17:03 - 2015-05-26 17:03 - 01560576 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrWia09b.dll
2015-05-26 17:03 - 2015-05-26 17:03 - 00050176 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrUsi09a.dll
2015-05-26 14:20 - 2015-06-02 18:39 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Nitro PDF
2015-05-26 14:16 - 2015-05-26 14:16 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Nitro
2015-05-26 14:15 - 2015-05-26 14:15 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\CNBJMON2.DLL
2015-05-26 14:14 - 2015-05-26 14:14 - 00002547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 9.lnk
2015-05-26 14:14 - 2015-05-26 14:14 - 00002035 _____ C:\Users\Public\Desktop\Nitro Pro 9.lnk
2015-05-26 14:14 - 2015-05-26 14:14 - 00000000 ____D C:\ProgramData\Nitro
2015-05-26 14:14 - 2015-05-26 14:14 - 00000000 ____D C:\Program Files\Common Files\Nitro
2015-05-26 14:14 - 2015-05-26 14:14 - 00000000 ____D C:\Program Files (x86)\Nitro
2015-05-26 14:14 - 2014-03-13 15:18 - 00029704 _____ (Nitro PDF Software) C:\WINDOWS\system32\nitrolocalmon9.dll
2015-05-26 14:14 - 2014-03-13 15:18 - 00017928 _____ (Nitro PDF Software) C:\WINDOWS\system32\nitrolocalui9.dll
2015-05-26 14:13 - 2015-05-26 14:13 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Downloaded Installations
2015-05-26 09:14 - 2015-05-26 09:14 - 00294912 ____N (Microsoft Corporation) C:\WINDOWS\Setup1.exe
2015-05-26 09:14 - 2015-05-26 09:14 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\ST6UNST.EXE
2015-05-26 09:14 - 2015-05-26 09:14 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Berlin Stadtplan CD Routing Vollversion
2015-05-26 09:14 - 2015-05-26 09:14 - 00000000 ____D C:\Program Files (x86)\Berlin Stadtplan CD Routing Vollversion
2015-05-26 06:38 - 2015-05-28 08:03 - 00001450 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-05-26 06:38 - 2015-05-26 06:39 - 00000000 ____D C:\Users\Jürgen\AppData\Local\NVIDIA Corporation
2015-05-26 06:38 - 2015-05-26 06:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-05-26 06:38 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2015-05-26 06:38 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2015-05-26 06:38 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2015-05-26 06:38 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2015-05-26 06:38 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2015-05-26 06:38 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2015-05-26 06:37 - 2015-05-28 08:16 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-05-26 06:37 - 2015-05-27 18:11 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-05-26 06:37 - 2015-05-27 18:11 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-05-25 17:42 - 2015-05-25 17:42 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\LibreOffice
2015-05-25 17:30 - 2015-05-25 17:30 - 00001219 _____ C:\Users\Public\Desktop\LibreOffice 4.4.lnk
2015-05-25 17:30 - 2015-05-25 17:30 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.4
2015-05-25 17:29 - 2015-05-25 17:30 - 00000000 ____D C:\Program Files (x86)\LibreOffice 4
2015-05-25 16:57 - 2015-05-25 16:57 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-05-25 15:51 - 2015-05-25 15:51 - 00002759 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft AutoRoute 2013.lnk
2015-05-25 15:51 - 2015-05-25 15:51 - 00000000 ____D C:\Program Files (x86)\MSECache
2015-05-25 15:51 - 2015-05-25 15:51 - 00000000 ____D C:\Program Files (x86)\Microsoft AutoRoute 2013
2015-05-25 14:45 - 2015-05-25 14:47 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\EfficientPIM
2015-05-25 14:45 - 2015-05-25 14:46 - 00000000 ____D C:\Program Files (x86)\EfficientPIM
2015-05-25 14:45 - 2015-05-25 14:45 - 00001052 _____ C:\Users\Jürgen\Desktop\EfficientPIM.lnk
2015-05-25 14:45 - 2015-05-25 14:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EfficientPIM
2015-05-25 13:18 - 2015-06-12 13:14 - 00000000 ____D C:\Users\Jürgen\AppData\Local\CrashDumps
2015-05-25 12:47 - 2015-05-25 12:47 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Zoner
2015-05-25 12:47 - 2015-05-25 12:47 - 00000000 ____D C:\Users\Jürgen\AppData\Local\Zoner
2015-05-25 12:46 - 2015-05-25 12:46 - 00002031 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Zoner Photo Studio 17.lnk
2015-05-25 12:46 - 2015-05-25 12:46 - 00000000 ____D C:\ProgramData\Zoner
2015-05-25 12:46 - 2015-05-25 12:46 - 00000000 ____D C:\Program Files\Zoner
2015-05-25 12:16 - 2015-06-04 05:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-25 12:10 - 2015-05-25 12:10 - 01490656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll
2015-05-25 12:10 - 2015-05-25 12:10 - 00708168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller.dll
2015-05-25 12:10 - 2015-05-25 12:10 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2015-05-25 12:10 - 2015-05-25 12:10 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2015-05-25 12:05 - 2015-05-25 12:05 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2015-05-25 11:52 - 2015-05-25 11:52 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-05-25 09:22 - 2015-05-25 09:22 - 00000000 ____D C:\Program Files (x86)\Photo Notifier and Animation Creator
2015-05-25 09:21 - 2015-05-25 09:21 - 00002174 _____ C:\Users\Public\Desktop\Passwörter sichern.lnk
2015-05-25 09:21 - 2015-05-25 09:21 - 00002098 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail.lnk
2015-05-25 09:21 - 2015-05-25 09:21 - 00002086 _____ C:\Users\Public\Desktop\IncrediMail.lnk
2015-05-25 09:21 - 2015-05-25 09:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-25 09:21 - 2015-05-25 09:21 - 00000000 ____D C:\Program Files (x86)\IncrediMail
2015-05-25 09:13 - 2015-05-25 09:13 - 00000000 ____D C:\Users\Jürgen\AppData\Local\Macromedia
2015-05-25 09:07 - 2015-05-25 11:14 - 00000000 ____D C:\Users\Jürgen\AppData\Local\IM
2015-05-25 09:07 - 2015-05-25 09:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail
2015-05-25 09:07 - 2015-05-25 09:07 - 00000000 ____D C:\ProgramData\Photo Notifier and Animation Creator
2015-05-25 09:07 - 2015-05-25 09:07 - 00000000 ____D C:\ProgramData\IncrediMail
2015-05-25 09:07 - 2015-05-25 09:07 - 00000000 ____D C:\ProgramData\IM
2015-05-25 07:14 - 2015-05-25 07:14 - 00000000 ____D C:\Users\Jürgen\AppData\Local\Apple
2015-05-25 06:58 - 2015-05-25 06:58 - 00003294 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2015-05-25 06:58 - 2015-05-25 06:58 - 00003242 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2015-05-25 06:58 - 2015-05-25 06:58 - 00003238 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2015-05-25 06:58 - 2015-05-25 06:58 - 00003210 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2015-05-25 06:58 - 2015-05-25 06:58 - 00003206 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2015-05-25 06:58 - 2015-05-25 06:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2015-05-25 06:58 - 2015-05-25 06:58 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
2015-05-25 06:48 - 2015-06-12 17:05 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-05-25 06:48 - 2015-05-25 06:48 - 00003860 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-05-25 06:48 - 2015-05-25 06:48 - 00000000 ____D C:\Users\Jürgen\AppData\Local\Adobe
2015-05-24 20:16 - 2015-05-24 20:16 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Mozilla
2015-05-24 20:16 - 2015-05-24 20:16 - 00000000 ____D C:\Users\Jürgen\AppData\Local\Mozilla
2015-05-24 20:16 - 2015-05-24 20:16 - 00000000 ____D C:\ProgramData\Mozilla
2015-05-24 20:15 - 2015-05-24 20:15 - 36357760 _____ C:\Users\Jürgen\Downloads\Firefox-Setup-33.0.2.exe
2015-05-24 20:10 - 2015-05-26 06:38 - 00000000 ____D C:\Users\Jürgen\AppData\Local\NVIDIA
2015-05-24 19:37 - 2015-05-24 19:37 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\WindSolutions
2015-05-24 19:36 - 2015-05-24 19:36 - 00000000 ____D C:\ProgramData\WindSolutions
2015-05-24 19:35 - 2015-05-24 19:35 - 10388158 _____ C:\Users\Jürgen\Downloads\CopyTransManagerDEv1.015.zip
2015-05-24 19:35 - 2015-05-24 19:35 - 00000000 ____D C:\Users\Jürgen\Downloads\CopyTransManagerDEv1.015
2015-05-24 19:30 - 2015-05-24 19:30 - 00000000 ____D C:\Users\Jürgen\AppData\Local\NetworkTiles
2015-05-24 18:59 - 2015-05-24 18:59 - 00428216 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETD.sys
2015-05-24 18:59 - 2015-05-24 18:59 - 00046776 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCoInstaller01000.dll
2015-05-24 18:59 - 2015-05-24 18:59 - 00000000 ____D C:\Program Files\Elantech
2015-05-24 18:59 - 2015-05-10 20:07 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0007.dll
2015-05-24 18:59 - 2015-05-10 20:06 - 12038656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0007.dll
2015-05-24 18:59 - 2015-05-10 19:49 - 02085376 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0007.dll
2015-05-24 18:59 - 2015-05-10 19:48 - 12038656 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0007.dll
2015-05-24 18:59 - 2015-05-10 19:48 - 11601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0007.dll
2015-05-24 18:59 - 2015-03-03 15:17 - 00295552 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-05-24 18:58 - 2015-06-10 05:57 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-05-24 18:58 - 2015-06-10 05:55 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-24 18:58 - 2015-05-24 18:58 - 00003194 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2015-05-24 18:58 - 2015-05-24 18:58 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-05-24 18:58 - 2015-05-24 18:58 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-05-24 18:58 - 2015-05-24 18:58 - 00000000 ____D C:\Program Files\Realtek
2015-05-24 18:57 - 2015-05-24 18:57 - 72121872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2015-05-24 18:57 - 2015-05-24 18:57 - 14050832 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 13091952 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 12950472 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 07166480 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 07088144 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 06250000 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 05804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2015-05-24 18:57 - 2015-05-24 18:57 - 05665264 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 05280952 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 04468752 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2015-05-24 18:57 - 2015-05-24 18:57 - 03293424 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 03245856 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 03211264 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 02908688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 02872440 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 02817184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 02702864 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2015-05-24 18:57 - 2015-05-24 18:57 - 02554784 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 02184512 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 02106896 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 02046480 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 02014958 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2015-05-24 18:57 - 2015-05-24 18:57 - 01958280 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01957768 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01773840 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01740816 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01584280 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01574512 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01516664 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01502152 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01427296 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01376656 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01375192 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01330656 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01328608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01152064 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 01115792 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00997392 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00991424 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00957272 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00954168 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00925200 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00915992 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00881872 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaeapo64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00866880 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00846256 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00742920 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00737176 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00720656 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00701528 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00671760 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00671248 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00661232 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00637536 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00612712 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00599240 _____ (Qualcomm Atheros) C:\WINDOWS\system32\Drivers\btfilter.sys
2015-05-24 18:57 - 2015-05-24 18:57 - 00589528 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosasfapo64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00566344 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00550256 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.DLL
2015-05-24 18:57 - 2015-05-24 18:57 - 00527000 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00505352 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00497528 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00491384 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00459312 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00441288 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00440224 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00438616 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00434488 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00419056 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00381832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00373568 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00346760 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00336928 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00333304 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00333304 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00332832 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00325080 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00319408 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00316232 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00316232 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00295168 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00264672 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00252432 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00247120 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00247080 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00246804 _____ C:\WINDOWS\system32\Drivers\AtherosBT.bin
2015-05-24 18:57 - 2015-05-24 18:57 - 00246096 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00226424 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00217648 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaemaxapo64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00216584 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00209344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00204152 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00182784 _____ (Qualcomm®Atheros®) C:\WINDOWS\system32\BtContextMenu.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00181760 _____ (Qualcomm Atheros Communications Inc.) C:\WINDOWS\system32\btcoinst.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00169048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00165976 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\toseaeapo64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00160824 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00153104 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00145352 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00127768 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00116240 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00114384 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00109584 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00105496 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00096272 _____ C:\WINDOWS\system32\audioLibVc.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00085424 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00082864 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00082824 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00078184 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00078144 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00069480 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00062784 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\HECIx64.sys
2015-05-24 18:57 - 2015-05-24 18:57 - 00048092 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x01020200.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00046748 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x31010000.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00046268 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x11020100.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00046212 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x11020000.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00040684 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x31010000_ss01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00038140 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x31010100.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00023532 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x01020201.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00016912 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2015-05-24 18:57 - 2015-05-24 18:57 - 00001926 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_0xf0.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001926 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_0x21.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001926 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_0x11.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001926 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001922 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010100_40.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001802 _____ C:\WINDOWS\system32\Drivers\ramps_0x11020100_40_SS01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001802 _____ C:\WINDOWS\system32\Drivers\ramps_0x11020100_40_nf01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001802 _____ C:\WINDOWS\system32\Drivers\ramps_0x11020100_40.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001796 _____ C:\WINDOWS\system32\Drivers\ramps_0x11020000_40.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001516 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_SS01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001516 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_LV01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001516 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_0xf1.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001516 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_0x22.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001516 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_0x12.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001516 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_0x01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001512 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010100_40_0x01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001242 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020200_40_0x01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001228 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020200_40_0x04.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001214 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020200_40_0x03.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001204 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020200_40_0x02.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001204 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020200_40.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001198 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020200_26.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00001192 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020200_26_0x01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00000296 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020201_40_0x01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00000278 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020201_40_0x04.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00000264 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020201_40_0x03.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00000264 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020201_40_0x02.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00000264 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020201_40.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00000264 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020201_26_0x01.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00000264 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020201_26.dfu
2015-05-24 18:57 - 2015-05-24 18:57 - 00000000 ____D C:\Program Files\Common Files\Atheros
2015-05-24 18:56 - 2015-05-07 05:43 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2015-05-24 18:56 - 2015-05-07 05:26 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\jnwmon.dll
2015-05-24 18:56 - 2015-05-07 05:25 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-05-24 18:56 - 2015-05-02 02:31 - 16090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-05-24 18:56 - 2015-05-02 02:27 - 14434304 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-05-24 18:56 - 2015-05-02 02:04 - 01281024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2015-05-24 18:56 - 2015-05-02 01:48 - 12813824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-05-24 18:56 - 2015-05-02 01:37 - 12925440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-05-24 18:56 - 2015-05-02 01:23 - 01281024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2015-05-24 18:50 - 2015-05-24 18:50 - 00000837 _____ C:\Users\Public\Desktop\Speccy.lnk
2015-05-24 18:50 - 2015-05-24 18:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2015-05-24 18:50 - 2015-05-24 18:50 - 00000000 ____D C:\Program Files\Speccy
2015-05-24 18:49 - 2015-05-24 18:49 - 05127432 _____ (Piriform Ltd) C:\Users\Jürgen\Downloads\spsetup128.exe
2015-05-24 18:26 - 2015-06-04 20:09 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-05-24 18:26 - 2015-06-04 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-05-24 18:26 - 2015-06-04 20:09 - 00000000 ____D C:\Program Files\WinRAR
2015-05-24 18:26 - 2015-05-24 18:26 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\WinRAR
2015-05-24 18:16 - 2015-06-06 17:51 - 00000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 5.6
2015-05-24 18:16 - 2015-05-24 18:16 - 00001354 _____ C:\Users\Public\Desktop\AOMEI Partition Assistant Standard Edition 5.6.lnk
2015-05-24 18:16 - 2015-05-24 18:16 - 00001024 ____H C:\AMTAG.BIN
2015-05-24 18:16 - 2015-05-24 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant Standard Edition 5.6
2015-05-24 18:16 - 2015-01-02 15:18 - 01811568 _____ C:\WINDOWS\ampa.exe
2015-05-24 18:16 - 2013-12-18 11:33 - 00017008 _____ C:\WINDOWS\SysWOW64\ampa.sys
2015-05-24 18:16 - 2013-12-18 11:33 - 00017008 _____ C:\WINDOWS\system32\ampa.sys
2015-05-24 18:14 - 2015-05-24 18:14 - 08644488 _____ (AOMEI Technology Co., Ltd. ) C:\Users\Jürgen\Downloads\PAssist_Std_5.6.3.exe
2015-05-24 18:08 - 2015-05-24 18:08 - 00000000 ____D C:\Users\Jürgen\Documents\MiniTool Partition Wizard Professional Edition 8.1 (FULL + Serial)
2015-05-24 17:59 - 2015-05-24 17:59 - 14674196 _____ C:\Users\Jürgen\Downloads\MiniTool Partition Wizard Professional Edition 8.1 (FULL + Serial).zip
2015-05-24 17:55 - 2015-05-24 17:56 - 08290887 _____ C:\Users\Jürgen\Downloads\CopyTrans 4.842 (FULL + Keygen).zip
2015-05-24 17:49 - 2015-05-24 17:49 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Macromedia
2015-05-24 17:46 - 2015-05-24 17:48 - 00000000 ____D C:\Users\Jürgen\AppData\Local\Spartan
2015-05-24 17:46 - 2015-05-24 17:46 - 00001389 _____ C:\Users\Public\Desktop\EaseUS Todo PCTrans 8.0.lnk
2015-05-24 17:46 - 2015-05-24 17:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo PCTrans 8.0
2015-05-24 17:46 - 2015-05-24 17:46 - 00000000 ____D C:\PCTransImage
2015-05-24 17:45 - 2015-05-24 17:45 - 00000000 ____D C:\Program Files (x86)\EaseUS
2015-05-24 17:24 - 2015-05-24 17:24 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-05-24 16:51 - 2015-06-11 20:08 - 00000000 ___DC C:\WINDOWS\Panther
2015-05-24 16:51 - 2015-05-29 19:16 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-05-24 16:51 - 2015-05-28 08:16 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-05-24 16:51 - 2015-05-24 16:51 - 00019976 _____ (ASUS) C:\WINDOWS\system32\Drivers\AsHIDSwitch64.sys
2015-05-24 16:50 - 2015-05-24 16:50 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-05-24 16:47 - 2015-05-24 16:47 - 00001047 _____ C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2015-05-24 16:47 - 2015-05-10 20:07 - 04845568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2015-05-24 16:47 - 2015-05-10 20:06 - 02628608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2015-05-24 16:47 - 2015-05-10 19:50 - 06355968 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2015-05-24 16:47 - 2015-05-10 19:48 - 05738496 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2015-05-24 16:47 - 2015-05-10 19:48 - 02628608 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2015-05-24 16:43 - 2015-05-24 16:43 - 00000000 ____D C:\Users\Jürgen\AppData\Local\PeerDistRepub
2015-05-24 16:40 - 2015-05-24 16:40 - 02276560 _____ (Microsoft Corporation) C:\WINDOWS\system32\coin95ip.dll
2015-05-24 16:39 - 2015-06-12 15:28 - 00000000 ____D C:\Users\Jürgen\AppData\Local\ActiveSync
2015-05-24 16:32 - 2015-05-24 16:32 - 00000000 ___RD C:\Users\Jürgen\3D Objects
2015-05-24 16:31 - 2015-06-01 07:14 - 00000000 ____D C:\Users\Jürgen\AppData\Local\Packages
2015-05-24 16:31 - 2015-05-25 11:09 - 00000000 ____D C:\Users\Jürgen\AppData\Local\VirtualStore
2015-05-24 16:31 - 2015-05-24 16:31 - 00002357 _____ C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-05-24 16:31 - 2015-05-24 16:31 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Adobe
2015-05-24 16:31 - 2015-05-24 16:31 - 00000000 ____D C:\Users\Jürgen\AppData\Local\GameDVR
2015-05-24 16:31 - 2015-05-24 16:31 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-05-24 16:30 - 2015-06-12 17:28 - 00000000 ____D C:\ProgramData\USOShared
2015-05-24 16:30 - 2015-05-24 16:30 - 00000020 ___SH C:\Users\Jürgen\ntuser.ini
2015-05-24 16:30 - 2015-05-24 16:30 - 00000000 ____D C:\Users\Jürgen\AppData\Local\TileDataLayer
2015-05-24 16:30 - 2015-05-24 16:30 - 00000000 ____D C:\ProgramData\USOPrivate
2015-05-24 16:00 - 2015-06-12 15:35 - 01790128 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-24 15:55 - 2015-04-25 05:12 - 02712576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-05-24 15:54 - 2015-06-12 15:28 - 00069111 _____ C:\WINDOWS\WindowsUpdate_AU_deprecated.log
2015-05-24 15:54 - 2015-06-12 15:28 - 00000191 _____ C:\WINDOWS\WindowsUpdate.log
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\ProgramData\Vorlagen
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\ProgramData\Startmenü
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\ProgramData\Favoriten
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\ProgramData\Dokumente
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2015-05-24 15:54 - 2015-05-24 15:54 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2015-05-24 15:53 - 2015-06-11 20:04 - 00005718 _____ C:\WINDOWS\diagwrn.xml
2015-05-24 15:53 - 2015-06-11 20:04 - 00005718 _____ C:\WINDOWS\diagerr.xml
2015-05-24 15:53 - 2015-06-08 12:20 - 00000000 ____D C:\Users\Jürgen
2015-05-24 15:53 - 2015-05-24 16:31 - 00000000 ___RD C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\Vorlagen
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\Startmenü
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\Netzwerkumgebung
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\Lokale Einstellungen
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\Eigene Dateien
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\Druckumgebung
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\Documents\Eigene Musik
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\Documents\Eigene Bilder
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\AppData\Local\Verlauf
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\AppData\Local\Anwendungsdaten
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\Jürgen\Anwendungsdaten
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 ____D C:\WINDOWS\CSC
2015-05-24 15:53 - 2015-05-24 15:53 - 00000000 ____D C:\Users\DefaultAppPool
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ___RD C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ___RD C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-24 15:53 - 2015-04-25 05:37 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-24 15:53 - 2015-04-25 05:17 - 00000369 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-05-24 15:53 - 2015-04-25 05:17 - 00000369 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-05-24 15:53 - 2015-04-25 05:17 - 00000369 _____ C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-05-24 15:53 - 2015-04-25 05:17 - 00000369 _____ C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-05-24 15:53 - 2015-04-25 05:17 - 00000369 _____ C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-05-24 15:53 - 2015-04-25 05:17 - 00000369 _____ C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-05-23 19:39 - 2015-06-11 20:28 - 00000000 ___HD C:\$Windows.~BT
2015-05-21 07:01 - 2015-05-21 07:14 - 00000000 ___HD C:\$SysReset
2015-05-21 06:26 - 2015-05-21 06:26 - 00000000 __SHD C:\found.001
2015-05-19 14:04 - 2015-06-04 07:04 - 00000000 _____ C:\Recovery.txt
2015-05-19 07:49 - 2015-05-19 07:08 - 00000000 ____D C:\RecoveryImage
2015-05-16 08:26 - 2015-06-09 06:22 - 00000000 ____D C:\AdwCleaner

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-12 17:37 - 2015-04-25 06:08 - 00057563 _____ C:\WINDOWS\system32\NetSetupSvc.log
2015-06-12 17:30 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-12 16:52 - 2015-01-10 15:28 - 00000214 _____ C:\Users\Public\Desktop\Your Software Deals.url
2015-06-12 15:35 - 2015-04-25 10:27 - 00772388 _____ C:\WINDOWS\system32\perfh007.dat
2015-06-12 15:35 - 2015-04-25 10:27 - 00154104 _____ C:\WINDOWS\system32\perfc007.dat
2015-06-12 15:29 - 2015-04-05 13:05 - 00000000 ___RD C:\Users\Jürgen\OneDrive
2015-06-12 15:28 - 2015-04-25 06:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-12 15:28 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\schemas
2015-06-12 15:28 - 2015-04-25 04:39 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-06-11 20:23 - 2015-03-24 20:56 - 00000000 ____D C:\Temp
2015-06-11 20:04 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\Registration
2015-06-11 18:15 - 2013-10-25 12:56 - 00000000 ____D C:\Users\Jürgen\Documents\Efficient Organizer AutoBackup
2015-06-11 06:07 - 2015-04-25 04:39 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-06-10 05:55 - 2015-04-25 05:06 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-09 18:41 - 2014-12-28 19:59 - 00000000 __SHD C:\$360Section
2015-06-09 07:00 - 2013-10-10 17:06 - 00084476 _____ C:\Users\Jürgen\Downloads\Addition.txt
2015-06-08 08:06 - 2013-03-24 12:25 - 00000000 ____D C:\Users\Jürgen\Documents\Finanzamt
2015-06-08 04:42 - 2013-05-12 09:20 - 00000000 ____D C:\Users\Jürgen\Desktop\Tools
2015-06-05 19:06 - 2012-12-22 10:26 - 00001992 _____ C:\Users\Jürgen\Desktop\Amazon.lnk
2015-06-05 19:06 - 2012-12-22 10:26 - 00001990 _____ C:\Users\Jürgen\Desktop\WEB.DE.lnk
2015-06-05 08:00 - 2013-03-24 12:43 - 00000000 ____D C:\Users\Jürgen\Documents\Versicherung
2015-06-04 17:40 - 2014-06-01 09:02 - 00000000 ____D C:\Users\Jürgen\Downloads\FarStone DriveClone Server 10.02+Keymaker-CORE
2015-06-04 17:40 - 2014-05-13 07:56 - 18831730 _____ C:\Users\Jürgen\Downloads\TrojanKill2077Lz0.rar
2015-06-04 17:40 - 2014-03-30 15:20 - 00000836 _____ C:\Users\Jürgen\Downloads\SuperAntiSpyware.v5.6.KeyGen.REiS.rar
2015-06-04 17:33 - 2014-08-13 16:55 - 00000000 ____D C:\Users\Jürgen\Downloads\HitmanPro.3.7.9.Build.221
2015-06-04 13:11 - 2013-09-12 07:05 - 00000000 ____D C:\Users\Jürgen\Desktop\Player
2015-06-04 13:11 - 2013-08-30 08:47 - 00000000 ____D C:\Users\Jürgen\Desktop\Bildbearbeitung
2015-06-04 13:11 - 2011-07-02 09:38 - 00000000 ____D C:\Users\Jürgen\Desktop\Datei Tools
2015-06-04 13:11 - 2010-06-18 15:27 - 00000000 ____D C:\Users\Jürgen\Desktop\Video
2015-06-04 07:27 - 2013-03-24 12:43 - 00000000 ____D C:\Users\Jürgen\Documents\Seriennummern
2015-05-31 06:58 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\rescache
2015-05-30 20:39 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-05-30 17:54 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-05-30 17:54 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-05-30 16:42 - 2014-03-31 17:48 - 00000000 ____D C:\Users\Public\Documents\regruninfo
2015-05-30 16:41 - 2014-03-31 18:00 - 00000000 ____D C:\Users\Jürgen\Documents\RegRun2
2015-05-28 08:17 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\Help
2015-05-26 08:16 - 2013-10-25 11:14 - 04857856 _____ C:\Users\Jürgen\Documents\My Information.effx
2015-05-25 06:25 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-05-25 06:18 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-05-25 06:16 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\appcompat
2015-05-24 18:59 - 2015-04-25 10:30 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-24 18:56 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\system32\restore
2015-05-24 16:51 - 2015-04-25 05:37 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2015-05-24 16:47 - 2015-04-25 10:28 - 00000000 ____D C:\WINDOWS\OCR
2015-05-24 16:31 - 2015-04-25 05:36 - 00000000 ___RD C:\WINDOWS\PrintDialog3D
2015-05-24 16:31 - 2015-04-25 05:36 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-05-24 16:31 - 2015-04-25 05:36 - 00000000 ___RD C:\WINDOWS\MtcUvc
2015-05-24 16:31 - 2015-04-25 05:36 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-05-24 16:31 - 2015-04-25 05:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-05-24 16:31 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\WinStore
2015-05-24 15:55 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\system32\spool
2015-05-24 15:55 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-05-24 15:54 - 2015-04-25 06:08 - 00002382 _____ C:\WINDOWS\System32\Tasks\SpeechRuntimeTask
2015-05-24 15:54 - 2015-04-25 05:36 - 00000000 __RHD C:\Users\Public\Libraries
2015-05-24 15:54 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-05-24 15:54 - 2015-04-25 05:36 - 00000000 ____D C:\Program Files\Windows NT
2015-05-24 15:54 - 2015-04-25 04:39 - 00000000 __RHD C:\Users\Default
2015-05-24 15:54 - 2011-04-12 09:54 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-05-24 15:53 - 2015-04-25 04:39 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-05-24 15:52 - 2015-04-25 05:36 - 00000000 ____D C:\WINDOWS\tracing
2015-05-22 07:26 - 2015-02-20 07:20 - 00000000 ___RD C:\Users\Jürgen\iCloudDrive
2015-05-21 16:45 - 2014-12-28 10:30 - 00000000 ____D C:\Users\Jürgen\Documents\EfficientPIM AutoBackup
2015-05-21 08:15 - 2014-11-09 21:09 - 00000000 ____D C:\Users\Jürgen\Documents\Ashampoo 3D CAD Architecture 5
2015-05-21 08:15 - 2013-10-11 12:59 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2015-05-21 08:15 - 2013-03-24 12:43 - 00000000 ____D C:\Users\Jürgen\Documents\SelfMV
2015-05-21 08:15 - 2013-03-24 12:42 - 00000000 ____D C:\Users\Jürgen\Documents\Readiris
2015-05-21 08:15 - 2013-03-24 12:42 - 00000000 ____D C:\Users\Jürgen\Documents\Presente3D
2015-05-21 08:15 - 2013-03-24 12:41 - 00000000 ____D C:\Users\Jürgen\Documents\Nero Recode
2015-05-21 08:15 - 2013-03-24 12:25 - 00000000 ___HD C:\Users\Jürgen\Documents\EverDesk Data
2015-05-21 08:15 - 2013-03-24 12:23 - 00000000 ____D C:\Users\Jürgen\Documents\Ashampoo 3D CAD Architecture 2
2015-05-21 08:15 - 2013-03-24 12:21 - 00000000 ____D C:\Users\Jürgen\.rainlendar2
2015-05-21 08:15 - 2013-03-24 12:21 - 00000000 ____D C:\Users\Jürgen\.jameica
2015-05-21 08:15 - 2013-03-24 12:21 - 00000000 ____D C:\Users\Jürgen\.ausweisapp
2015-05-21 08:15 - 2010-06-16 13:35 - 00000000 ____D C:\Users\Jürgen\Documents\PcSetup
2015-05-17 07:55 - 2013-06-14 10:14 - 00000000 ____D C:\Users\Jürgen\Desktop\Alte Firefox-Daten
2015-05-16 11:43 - 2013-03-24 12:23 - 00000000 ____D C:\Users\Jürgen\Documents\1 und 1

==================== Files in the root of some directories =======

2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Jürgen\AppData\Roaming\eYuGvhP2muwKU0OH9mh
2015-05-24 18:58 - 2015-05-24 18:58 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Jürgen\AppData\Local\Temp\ECC58836-29C1-0B6F-D24A-D38AB68426A8.dll
C:\Users\Jürgen\AppData\Local\Temp\eFixProPackage.exe
C:\Users\Jürgen\AppData\Local\Temp\Photooptimizer.exe
C:\Users\Jürgen\AppData\Local\Temp\sqlite3.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-04 06:37

==================== End of log ============================

OpaPaule · 13.06.2015, 10:51

[CODE]Additional
FRST Logfile:

Code:

ATTFilter

scan result of Farbar Recovery Scan Tool (x64) Version:07-06-2015
Ran by Jürgen at 2015-06-12 17:39:42
Running from C:\Users\Jürgen\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-382664376-1932614338-2128433781-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-382664376-1932614338-2128433781-503 - Limited - Disabled)
Gast (S-1-5-21-382664376-1932614338-2128433781-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-382664376-1932614338-2128433781-1006 - Limited - Enabled)
Jürgen (S-1-5-21-382664376-1932614338-2128433781-1000 - Administrator - Enabled) => C:\Users\Jürgen
UpdatusUser (S-1-5-21-382664376-1932614338-2128433781-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: 360 Total Security (Enabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360 Total Security (Enabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 6.6.1.1024 - 360 Security Center)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
AntiLogger (HKLM-x32\...\AntiLogger) (Version:  - Zemana Ltd.)
AntiLogger (x32 Version: 1.9.3.602 - Zemana Ltd.) Hidden
AOMEI Partition Assistant Standard Edition 5.6 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Ashampoo Photo Optimizer 6 v.6.0.8 (HKLM-x32\...\{91B33C97-546E-E89A-9F44-0BB2D57DBE96}_is1) (Version: 6.0.8 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Berlin Stadtplan CD Routing Vollversion (HKLM-x32\...\ST6UNST #1) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
ChrisPC Win Experience Index 3.30 (HKLM-x32\...\{1116089C-14B5-1A23-8113-6124567ABCDE}_is1) (Version:  - Chris P.C. srl)
Driver Magician 4.3 (HKLM-x32\...\Driver Magician_is1) (Version:  - GoldSolution Software, Inc.)
EaseUS Todo PCTrans 8.0 (HKLM-x32\...\EaseUS Todo PCTrans_is1) (Version:  - EaseUS)
EfficientPIM 3.60 (HKLM-x32\...\EfficientPIM_is1) (Version:  - Efficient Software)
eFix Pro (HKLM\...\eFix Pro) (Version: 1.8.1.1 - Reimage)
ELAN Touchpad 11.15.0.12_X64 (HKLM\...\Elantech) (Version: 11.15.0.12 - ELAN Microelectronic Corp.)
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
IncrediBackup (HKLM-x32\...\IncrediBackup) (Version: 1.0.0.1087 - IncrediMail Ltd.)
IncrediBackup (x32 Version: 1.0.0.1087 - Ihr Firmenname) Hidden
IncrediMail (x32 Version: 6.6.0.5288 - IncrediMail) Hidden
IncrediMail 2.5 (HKLM-x32\...\IncrediMail) (Version: 6.6.0.5288 - IncrediMail Ltd.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3993 - Intel Corporation)
KeyCrypt SDK version 1.8.1.199 (HKLM-x32\...\{5575EADE-4685-4E15-A9CD-6036BC2A3F75}_is1) (Version: 1.8.1.199 - Zemana Ltd.)
LibreOffice 4.4.3.2 (HKLM-x32\...\{A651A592-2F6C-4D66-AEA8-9BFE4B61BCB3}) (Version: 4.4.3.2 - The Document Foundation)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft AutoRoute 2013 (HKLM-x32\...\{C82185E8-C27B-4EF4-2013-3333BC2C2B6D}) (Version: 19.0.21.0500 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
MiniTool Power Data Recovery (HKLM-x32\...\MiniTool Power Data Recovery_is1) (Version:  - MiniTool Solution Ltd.)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0.2 - Mozilla)
Nitro Pro 9 (HKLM\...\{09425538-32A2-4D64-941B-ECE170A08BCC}) (Version: 9.0.7.5 - Nitro)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Grafiktreiber 352.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.84 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Photo Background Remover 1.1 (HKLM-x32\...\Photo Background Remover_is1) (Version: 1.1 - SoftOrbits)
Photo Notifier and Animation Creator (HKLM-x32\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
Process Lasso (HKLM-x32\...\ProcessLasso) (Version: 8.1.0.0 - Bitsum)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
RegRun Reanimator (HKLM-x32\...\Greatis Reanimator_is1) (Version:  - Greatis Software, LLC.)
RegRun Reanimator (HKLM-x32\...\UnHackMe Update - Reanimator_is1) (Version:  - Greatis Software, LLC.)
Reincubate Recover Files (HKU\S-1-5-21-382664376-1932614338-2128433781-1000\...\Reincubate Recover Files) (Version: 1.0.5.0 - Reincubate Ltd)
Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Stellar Phoenix Windows Data Recovery - Home (HKLM-x32\...\Stellar Phoenix Windows Data Recovery - Home_is1) (Version: 6.0.0.1 - Stellar Information Technology Pvt Ltd)
TAXMAN 2015 (HKLM-x32\...\{5613CAD3-71ED-4207-95A0-1BA0BF465E38}) (Version: 20.35.162 - Haufe-Lexware GmbH & Co.KG)
WinISO (HKLM-x32\...\WinISO) (Version: 6.3.0.4748 - WinISO Computing Inc.)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_DE_is1) (Version: 17.0.1.9 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-382664376-1932614338-2128433781-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-382664376-1932614338-2128433781-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-382664376-1932614338-2128433781-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-382664376-1932614338-2128433781-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-382664376-1932614338-2128433781-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-382664376-1932614338-2128433781-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-382664376-1932614338-2128433781-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-382664376-1932614338-2128433781-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-382664376-1932614338-2128433781-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

04-06-2015 05:48:47 Windows Update
07-06-2015 19:45:07 Windows Update
08-06-2015 07:14:06 TAXMAN 2015 wurde installiert.
08-06-2015 07:14:37 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
08-06-2015 07:15:15 Installed AAVUpdateManager.
11-06-2015 20:00:32 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-04-25 05:37 - 2015-06-02 17:30 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0665D2AA-C24F-48DA-B70B-1018662DC582} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync
Task: {074C7502-CC9F-4BAE-87E3-8FF079532DE9} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install => C:\Windows\system32\usoclient.exe [2015-04-25] (Microsoft Corporation)
Task: {0C3C4D9B-22D3-47DD-88EB-FA19B300BE4E} - \f81615ae-5d10-4967-9f1d-e3f330bb6a9b-4 No Task File <==== ATTENTION
Task: {0D2254DB-CDAD-4D5A-8BAE-09A196CAAF63} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\HypervisorFlightingTask
Task: {1044CF37-A412-4BF0-9E33-4E9B9E1B1713} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_RebootDisplay => C:\windows\system32\MusNotification.exe [2015-04-25] (Microsoft Corporation)
Task: {11D3374A-AD3F-4299-8DE7-4D25C715E068} - \f81615ae-5d10-4967-9f1d-e3f330bb6a9b-1-7 No Task File <==== ATTENTION
Task: {14FA2C0D-3A1D-4D57-9E8C-A00576F03D4D} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {18E15108-AB5D-4BF4-89A7-E23D96ECB6BB} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask
Task: {1B17305C-95F2-495E-B074-5E609B596F5B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-10] (Microsoft Corporation)
Task: {1D4D0CF3-8052-4A0D-9E7C-19340F3CE458} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-04-25] (Microsoft Corporation)
Task: {266FDBAA-47DF-44B1-B955-27D138E89DFD} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Update_Reboot => C:\WINDOWS\system32\MusNotification.exe [2015-04-25] (Microsoft Corporation)
Task: {2F833A36-2B88-4359-80C0-6BAD2E3DBE57} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {367F3D3E-B254-4153-8131-E327A0337B89} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {3A0B4A77-58DE-4C8B-9F00-6ABB859848FC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {3D0DE39F-3425-4AA9-ABD6-A5C69D967C0D} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe [2015-04-25] (Microsoft Corporation)
Task: {41CF741F-17B4-4DDB-84DD-87E8CCE3FD53} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Update_RebootDialog => C:\WINDOWS\system32\MusNotification.exe [2015-04-25] (Microsoft Corporation)
Task: {41E46165-DCE3-4172-BFBD-A68FEC589883} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [2015-04-25] (Microsoft Corporation)
Task: {44FFA471-A5D5-47A5-939B-746FBADD78C7} - \509592fb-cd19-4fc4-a701-100ee41b953a-5 No Task File <==== ATTENTION
Task: {4691E6C9-54F9-4272-BA2C-8C084F017080} - \509592fb-cd19-4fc4-a701-100ee41b953a-1-7 No Task File <==== ATTENTION
Task: {46DA8ED4-441C-4278-90A5-501578244C9D} - System32\Tasks\Process Lasso Management Console (GUI) => C:\Program Files\Process Lasso\processlasso.exe [2015-06-06] (Bitsum LLC)
Task: {55932C01-117A-4591-89F6-651825B21D40} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask
Task: {589D2417-0F88-4E46-A6DC-5BB1BBB0D447} - \509592fb-cd19-4fc4-a701-100ee41b953a-1-6 No Task File <==== ATTENTION
Task: {61618B3B-8744-4FCB-BC33-51378E222441} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot => C:\Windows\system32\usoclient.exe [2015-04-25] (Microsoft Corporation)
Task: {61F52CA4-AE43-4ADB-9F55-EE6681979D17} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Automatic App Update
Task: {6C0E2B4A-3027-4B00-BCCA-5E6AE58F80A8} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Update_RebootToast => C:\WINDOWS\system32\MusNotification.exe [2015-04-25] (Microsoft Corporation)
Task: {6CA86238-FD9E-42E9-9175-BFF660C6C516} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-25] (Adobe Systems Incorporated)
Task: {7013D956-D379-4440-8CFC-D8A7D5F67DBD} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {71568F34-D9D9-4DCF-B16E-D0E7E686F507} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {72F56A2F-899A-43D3-B2F5-94C5EFE307F8} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-04-25] (Microsoft Corporation)
Task: {77313CA4-2B8F-4C78-BF3D-2541520A2DAC} - \globalUpdateUpdateTaskMachineCore1d09e90212f26ad No Task File <==== ATTENTION
Task: {7F54238B-5764-4E6D-B2CF-885209A4B0FF} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-05-24] (Realtek Semiconductor)
Task: {82B68E5D-FE3D-468C-868E-C10A19D8DE0F} - System32\Tasks\SpeechRuntimeTask => C:\Windows\system32\speech_onecore\common\SpeechRuntime.exe [2015-04-25] (Microsoft Corporation)
Task: {85309F05-13F8-48CC-9316-1ACAE6128D5B} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation
Task: {87B36780-A210-47EE-AE35-5B7BA65E0E1E} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask
Task: {8FF4024B-0FD6-4237-9D79-D081D5BBC08F} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [2015-04-25] (Microsoft Corporation)
Task: {97401792-5045-437E-8469-596E39D44B39} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {99D11EAE-2B6B-4C7C-B19A-560559E09F92} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_WnfDisplay => C:\windows\system32\MusNotification.exe [2015-04-25] (Microsoft Corporation)
Task: {A463F65C-A0D9-4131-93EB-3DE254A10615} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-04] (Avast Software s.r.o.)
Task: {B30747C4-5FF0-45F6-B7F9-E32B90504DE6} - System32\Tasks\ASC6_PerformanceMonitor => H:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe [2013-01-14] (IObit)
Task: {B47FA05F-CE29-4431-A598-90333E2550B2} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {BE70B822-584C-4AA1-9A4A-C8C9C2CF75F9} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation
Task: {C930CCDA-692A-4C46-B09C-E51F33BFB798} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [2015-04-25] (Microsoft Corporation)
Task: {CBB9856A-0F14-47C0-828B-15C769CF1467} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-04-25] (Microsoft Corporation)
Task: {D4FBCB18-1691-4A5B-8458-15C54D218609} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {DCA13A11-D481-461D-A203-6734CB1476E5} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-04-25] (Microsoft Corporation)
Task: {E3D13D83-810C-49FF-9E9C-45D3F2C69833} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [2015-04-25] (Microsoft Corporation)
Task: {EAC4A6E0-7043-4C4B-8076-FE24446437E0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\Windows\system32\MusNotification.exe [2015-04-25] (Microsoft Corporation)
Task: {F6D40E60-C987-49D3-9551-2D18F637208E} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-04-25] (Microsoft Corporation)
Task: {F732F0A0-736D-4B94-9301-536D54AAB9EE} - System32\Tasks\Process Lasso Core Engine Only => C:\Program Files\Process Lasso\processgovernor.exe [2015-06-06] (Bitsum LLC)
Task: {FB64AB47-950B-4268-A05B-F05BBAC1D0CD} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {FDFFB576-A5D4-4153-8DE2-39527283B01B} - \f81615ae-5d10-4967-9f1d-e3f330bb6a9b-1-6 No Task File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Loaded Modules (Whitelisted) ==============

2015-05-28 08:17 - 2015-05-10 21:41 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2008-10-24 16:35 - 2008-10-24 16:35 - 00128296 _____ () C:\Program Files (x86)\Lexware\AAVUpdateManager\aavus.exe
2015-04-25 05:13 - 2015-04-25 05:13 - 00379904 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-04-25 05:15 - 2015-04-25 05:15 - 02211792 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-04-25 05:15 - 2015-04-25 05:15 - 02211792 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-06-06 17:39 - 2015-05-18 12:20 - 00613968 _____ () H:\Program Files (x86)\360\Total Security\MenuEx64.dll
2015-04-25 05:13 - 2015-04-25 05:13 - 01894400 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.ActionCenter.dll
2015-04-25 05:13 - 2015-04-25 05:13 - 06630400 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\StartUI.dll
2015-04-25 05:13 - 2015-04-25 05:13 - 01019392 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\JumpViewUI.dll
2015-04-25 05:15 - 2015-04-25 05:15 - 02211792 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2015-04-25 05:13 - 2015-04-25 05:13 - 00579072 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\BatteryFlyoutExperience.dll
2015-04-25 05:13 - 2015-04-25 05:13 - 00461824 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ClockFlyoutExperience.dll
2015-04-25 05:13 - 2015-04-25 05:13 - 02473984 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\DevicesFlowUI.dll
2015-04-25 05:13 - 2015-04-25 05:13 - 00457216 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-04-25 05:13 - 2015-04-25 05:13 - 01222656 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\NetworkUX.dll
2015-04-25 05:13 - 2015-04-25 05:13 - 00313344 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-04-25 05:13 - 2015-04-25 05:13 - 00842752 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickConnectUI.dll
2015-04-25 05:13 - 2015-04-25 05:13 - 00138752 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-04-25 10:32 - 2015-04-25 10:32 - 06160896 _____ () C:\Program Files\WindowsApps\Microsoft.Cortana_1.4.4.120_x64__8wekyb3d8bbwe\SearchUI.exe
2015-04-25 10:32 - 2015-04-25 10:32 - 00163328 _____ () C:\Program Files\WindowsApps\Microsoft.Cortana_1.4.4.120_x64__8wekyb3d8bbwe\Cortana.Settings.dll
2015-04-25 10:32 - 2015-04-25 10:32 - 04650496 _____ () C:\Program Files\WindowsApps\Microsoft.Cortana_1.4.4.120_x64__8wekyb3d8bbwe\CortanaApi.dll
2015-04-25 10:32 - 2015-04-25 10:32 - 02118656 _____ () C:\Program Files\WindowsApps\Microsoft.Cortana_1.4.4.120_x64__8wekyb3d8bbwe\RemindersUI.dll
2015-04-25 10:32 - 2015-04-25 10:32 - 00099840 _____ () C:\Program Files\WindowsApps\Microsoft.Cortana_1.4.4.120_x64__8wekyb3d8bbwe\Cortana.Authentication.dll
2015-04-25 10:32 - 2015-04-25 10:32 - 01254400 _____ () C:\Program Files\WindowsApps\Microsoft.Cortana_1.4.4.120_x64__8wekyb3d8bbwe\Cortana.BackgroundTask.dll
2015-04-25 10:32 - 2015-04-25 10:32 - 00141824 _____ () C:\Program Files\WindowsApps\Microsoft.Cortana_1.4.4.120_x64__8wekyb3d8bbwe\Cortana.Dss.BackgroundTask.dll
2015-04-25 10:32 - 2015-04-25 10:32 - 00196608 _____ () C:\Program Files\WindowsApps\Microsoft.Cortana_1.4.4.120_x64__8wekyb3d8bbwe\CortanaApi.ProxyStub.dll
2015-06-04 16:53 - 2015-06-04 16:53 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-06-04 16:53 - 2015-06-04 16:53 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-12 15:05 - 2015-06-12 15:05 - 02954752 _____ () C:\Program Files\AVAST Software\Avast\defs\15061200\algo.dll
2013-01-25 15:53 - 2013-01-14 18:24 - 00349008 _____ () H:\Program Files (x86)\IObit\Advanced SystemCare 6\madExcept_.bpl
2013-01-25 15:53 - 2013-01-14 18:24 - 00183632 _____ () H:\Program Files (x86)\IObit\Advanced SystemCare 6\madBasic_.bpl
2013-01-25 15:53 - 2013-01-14 18:24 - 00051024 _____ () H:\Program Files (x86)\IObit\Advanced SystemCare 6\madDisAsm_.bpl
2013-01-25 15:53 - 2013-01-14 18:24 - 00893264 _____ () H:\Program Files (x86)\IObit\Advanced SystemCare 6\webres.dll
2015-05-26 06:38 - 2015-05-23 03:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-25 09:21 - 2015-05-25 09:21 - 00272808 _____ () C:\Program Files (x86)\IncrediMail\Bin\ImLookExU.dll
2015-05-25 09:21 - 2015-05-25 09:21 - 00033128 _____ () C:\Program Files (x86)\IncrediMail\Bin\IMHttpComm.dll
2015-05-25 09:21 - 2015-05-25 09:21 - 00072104 _____ () C:\Program Files (x86)\IncrediMail\Bin\wlessfp1.dll
2013-10-01 15:02 - 2013-10-01 15:02 - 00108888 _____ () C:\Program Files (x86)\IncrediMail\Bin\pmc.dll
2015-05-25 09:21 - 2015-05-25 09:21 - 00133544 _____ () C:\Program Files (x86)\IncrediMail\Bin\ImComUtlU.dll
2015-06-04 16:53 - 2015-06-04 16:53 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-05-25 09:21 - 2015-05-25 09:21 - 00080296 _____ () C:\Program Files (x86)\IncrediMail\bin\ImAppRU.dll
2015-06-06 17:39 - 2015-05-18 12:20 - 00559224 _____ () H:\Program Files (x86)\360\Total Security\safemon\wdui2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS:nlsPreferences
AlternateDataStreams: C:\ProgramData\TEMP:FCA8C9CD

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreUIRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreUIRegistrar => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-382664376-1932614338-2128433781-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-382664376-1932614338-2128433781-1000\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [TCP Query User{3732FF99-C117-4752-B1DF-93E0F1B95C80}C:\program files (x86)\easeus\easeus todo pctrans 8.0\bin\pctrans.exe] => (Allow) C:\program files (x86)\easeus\easeus todo pctrans 8.0\bin\pctrans.exe
FirewallRules: [UDP Query User{277EAB8B-3ADA-4583-AA29-F2433E28F8CB}C:\program files (x86)\easeus\easeus todo pctrans 8.0\bin\pctrans.exe] => (Allow) C:\program files (x86)\easeus\easeus todo pctrans 8.0\bin\pctrans.exe
FirewallRules: [{74127440-6438-4320-B9D6-D0B299C1BC82}] => (Block) C:\program files (x86)\easeus\easeus todo pctrans 8.0\bin\pctrans.exe
FirewallRules: [{E1BB3445-8E78-40D6-A5EB-16E37F66DA7E}] => (Block) C:\program files (x86)\easeus\easeus todo pctrans 8.0\bin\pctrans.exe
FirewallRules: [{68F073AF-2493-4635-9AB5-D6C06DFFA288}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AA4D2173-A308-4262-9F8F-EBF3470B3BD8}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
FirewallRules: [{9CFD4DC2-DFF8-4BAC-9218-573F3A8FBEB0}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
FirewallRules: [{D67B0603-3800-4FB7-A156-6D5F687E1549}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
FirewallRules: [{47DA1A59-584D-47DF-B2C3-1170826C8A90}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
FirewallRules: [{B7162D19-3459-4F64-B9BE-2AF43A2AD0E4}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{38CA7785-687C-4A29-A546-D00F4F5A7B3E}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{5F5B901D-E2E0-4EE6-962A-036B25ADD426}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe
FirewallRules: [{4C48E914-7C8D-4487-B147-8F4042EC6244}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe
FirewallRules: [{8BB9FD6B-6491-409A-A1F0-9390B19DF90A}] => (Allow) C:\Program Files (x86)\EfficientPIM\EfficientPIM.exe
FirewallRules: [{49CEF473-E6B6-47DE-9AC6-05383FD1935C}] => (Allow) C:\Program Files (x86)\EfficientPIM\EfficientPIM.exe
FirewallRules: [{8BC4D540-2BCD-4898-80A2-02521C0BFD51}] => (Allow) C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{A7DA0AEA-56CD-49BF-947C-315267E0BC18}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{255AAC25-BFDB-42C0-AC50-1FB74DFBB8B5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{85111964-D4BF-43FB-AF4F-F89F1E659D47}] => (Allow) C:\Users\Jürgen\Downloads\360TS_Setup_Mini.exe
FirewallRules: [{33D50040-D109-4C30-9CB8-B6A11B74DE50}] => (Allow) C:\Users\Jürgen\Downloads\360TS_Setup_Mini.exe
FirewallRules: [{DC173CC0-94B3-40F8-9030-97694590DF79}] => (Allow) H:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{1FAF52E9-805B-4D3A-BD22-A9E78FF7CBD4}] => (Allow) H:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{1FEB0637-15AE-487F-88A7-5A9FA68004A8}] => (Allow) H:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{9A69BC81-53D1-4317-831B-1974618D8C51}] => (Allow) H:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe

==================== Faulty Device Manager Devices =============

Name: Qualcomm Atheros AR3012 Bluetooth 4.0
Description: Qualcomm Atheros AR3012 Bluetooth 4.0
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: Microsoft Streaming Service Proxy
Description: Microsoft Streaming Service Proxy
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: MSKSSRV
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: L:\
Description: 0AS             
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: ST964032
Service: WUDFWpdFs
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Generic Flash Disk USB Device
Description: Laufwerk
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardlaufwerke)
Service: disk
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: MULTIBOOT
Description: 0AS             
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: ST964032
Service: WUDFWpdFs
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: SAMSUNG Mobile USB Modem
Description: SAMSUNG Mobile USB Modem
Class Guid: {4d36e96d-e325-11ce-bfc1-08002be10318}
Manufacturer: SAMSUNG Electronics Co., Ltd. 
Service: Modem
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Serielles USB-Gerät (COM3)
Description: Serielles USB-Gerät
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: usbser
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Microsoft virtuelles DVD-ROM-Laufwerk
Description: CD-ROM-Laufwerk
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard-CD-ROM-Laufwerke)
Service: cdrom
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Standardvolume
Description: Standardvolume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Standardvolume
Description: Standardvolume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: USB-Massenspeichergerät
Description: USB-Massenspeichergerät
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Kompatibles USB-Speichergerät
Service: USBSTOR
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: USB 2.0 SD/MMC Reader USB Device
Description: Laufwerk
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardlaufwerke)
Service: disk
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: TOSHIBA TransMemory USB Device
Description: Laufwerk
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardlaufwerke)
Service: disk
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Standardvolume
Description: Standardvolume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: PnP-Monitor (Standard)
Description: PnP-Monitor (Standard)
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardmonitortypen)
Service: monitor
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Intel WiDi Audio Device
Description: Intel WiDi Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: intaud_WaveExtensible
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Intel WiDi Audio Device
Description: Intel WiDi Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: intaud_WaveExtensible
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: USB-Massenspeichergerät
Description: USB-Massenspeichergerät
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Kompatibles USB-Speichergerät
Service: USBSTOR
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Microsoft ISATAP Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Standardvolume
Description: Standardvolume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: USB Reader USB Device
Description: Laufwerk
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardlaufwerke)
Service: disk
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: ST964032 0AS USB Device
Description: Laufwerk
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardlaufwerke)
Service: disk
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: K:\
Description: MFC-465CN       
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Brother 
Service: WUDFWpdFs
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: J:\
Description: 0AS             
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: ST964032
Service: WUDFWpdFs
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Mikrofon (High Definition Audio-Gerät)
Description: Audioendpunkt
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service: 
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: USB-Verbundgerät
Description: USB-Verbundgerät
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: usbccgp
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: SAMSUNG_Android
Description: SAMSUNG_Android
Class Guid: 
Manufacturer: 
Service: 
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Nicht-PnP Monitor (Standard)
Description: Nicht-PnP Monitor (Standard)
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardmonitortypen)
Service: monitor
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: SAMSUNG Android ADB Interface
Description: SAMSUNG Android ADB Interface
Class Guid: {3f966bd9-fa04-4ec5-991c-d326973b5128}
Manufacturer: SAMSUNG Electronics Co., Ltd. 
Service: WinUSB
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: I:\
Description: USB Reader      
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer:         
Service: WUDFWpdFs
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Jürgen Mehlhorn (Galaxy Note4)
Description: SM-N910F
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Samsung Electronics Co., Ltd.
Service: WUDFWpdMtp
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Standardvolume
Description: Standardvolume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: HID-konforme Maus
Description: HID-konforme Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: mouhid
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Standardvolume
Description: Standardvolume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Lautsprecher (High Definition Audio-Gerät)
Description: Audioendpunkt
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service: 
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Microsoft Streaming Tee/Sink-to-Sink-Konvertierung
Description: Microsoft Streaming Tee/Sink-to-Sink-Konvertierung
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: MSTEE
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Microsoft Trusted Audio Drivers
Description: Microsoft Trusted Audio Drivers
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: drmkaud
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Standardvolume
Description: Standardvolume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: NVIDIA HDMI Out (NVIDIA Virtual Audio Device (Wave Extensible) (WDM))
Description: Audioendpunkt
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service: 
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: PnP-Monitor (Standard)
Description: PnP-Monitor (Standard)
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardmonitortypen)
Service: monitor
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: SAMSUNG Mobile USB Composite Device 
Description: SAMSUNG Mobile USB Composite Device 
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: SAMSUNG Electronics Co., Ltd. 
Service: dg_ssudbus
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: System-reserviert
Description: 0AS             
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: ST964032
Service: WUDFWpdFs
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: USB-Druckerunterstützung
Description: USB-Druckerunterstützung
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Microsoft
Service: usbprint
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: NVIDIA HDMI Out (NVIDIA Virtual Audio Device (Wave Extensible) (WDM))
Description: Audioendpunkt
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service: 
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Canon Bubble-Jet BJC-85
Description: Canon Bubble-Jet BJC-85
Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}
Manufacturer: Canon
Service: 
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: I:\
Description: TransMemory     
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: TOSHIBA 
Service: WUDFWpdFs
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Microsoft Proxy für Streaming Quality Manager
Description: Microsoft Proxy für Streaming Quality Manager
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: MSPQM
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: USB-Massenspeichergerät
Description: USB-Massenspeichergerät
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Kompatibles USB-Speichergerät
Service: USBSTOR
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: USB-Massenspeichergerät
Description: USB-Massenspeichergerät
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Kompatibles USB-Speichergerät
Service: USBSTOR
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Brother MFC-465CN Remote Setup Port (COM6)
Description: Brother MFC-465CN Remote Setup Port
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: Brother
Service: BrSerIf
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: USB-Eingabegerät
Description: USB-Eingabegerät
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardsystemgeräte)
Service: HidUsb
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Brother MFC-465CN
Description: Brother MFC-465CN
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Brother
Service: usbscan
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: I:\
Description: SD/MMC Reader   
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: USB 2.0 
Service: WUDFWpdFs
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: USB-Druckerunterstützung
Description: USB-Druckerunterstützung
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Microsoft
Service: usbprint
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: BrotherMFC-465CN
Description: BrotherMFC-465CN
Class Guid: 
Manufacturer: 
Service: 
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Brother MFC-465CN Printer
Description: Brother MFC-465CN Printer
Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}
Manufacturer: Brother
Service: 
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: USB-Massenspeichergerät
Description: USB-Massenspeichergerät
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Kompatibles USB-Speichergerät
Service: USBSTOR
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Brother MFC-465CN USB Device
Description: Laufwerk
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardlaufwerke)
Service: disk
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Standardvolume
Description: Standardvolume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Microsoft VHD-Loopbackcontroller
Description: Microsoft VHD-Loopbackcontroller
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vhdmp
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Standardvolume
Description: Standardvolume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Jürgen Mehlhorn (Galaxy Note4)
Description: SM-N910F
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Samsung Electronics Co., Ltd.
Service: WUDFWpdMtp
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Brother MFC-465CN Printer
Description: Lokale Druckwarteschlange
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Brother
Service: 
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Canon Bubble-Jet BJC-85
Description: Lokale Druckwarteschlange
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Canon
Service: 
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Microsoft Proxy für Streaming Clock
Description: Microsoft Proxy für Streaming Clock
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: MSPCLOCK
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: USB-Massenspeichergerät
Description: USB-Massenspeichergerät
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Kompatibles USB-Speichergerät
Service: USBSTOR
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: Microsoft Streaming Tee/Sink-to-Sink-Konvertierung
Description: Microsoft Streaming Tee/Sink-to-Sink-Konvertierung
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: MSTEE
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.

Name: I:\
Description: Flash Disk      
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic 
Service: WUDFWpdFs
Problem: : Currently, this hardware device is not connected to the computer. (Code 45).
Resolution: The device is not present or was previously attached to the computer.
To fix this problem, reconnect this hardware device to the computer.
If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/12/2015 05:37:31 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/12/2015 05:37:31 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/12/2015 05:37:21 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/12/2015 05:31:21 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/12/2015 05:31:21 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/12/2015 05:26:20 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/12/2015 05:26:20 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/12/2015 05:21:20 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/12/2015 05:21:20 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/12/2015 05:16:20 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (06/12/2015 03:28:37 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als
Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser
Konfiguration nicht gestartet zu sein.

Error: (06/12/2015 03:28:34 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (06/12/2015 03:28:34 PM) (Source: BTHUSB) (EventID: 33) (User: )
Description: The Bluetooth controller or its firmware is incompatible with Windows.  Please check Windows Update or your OEM website for an updated firmware or driver package.

Error: (06/12/2015 03:28:09 PM) (Source: DCOM) (EventID: 10010) (User: Asus-K95VB)
Description: {F2F6A7B0-0E74-49BF-ABDF-8A0778554472}

Error: (06/12/2015 03:28:09 PM) (Source: DCOM) (EventID: 10010) (User: Asus-K95VB)
Description: {F2F6A7B0-0E74-49BF-ABDF-8A0778554472}

Error: (06/12/2015 03:28:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Synchronisierungshost_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/12/2015 10:30:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/12/2015 08:51:12 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als
Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser
Konfiguration nicht gestartet zu sein.

Error: (06/12/2015 08:51:09 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (06/12/2015 08:51:09 AM) (Source: BTHUSB) (EventID: 33) (User: )
Description: The Bluetooth controller or its firmware is incompatible with Windows.  Please check Windows Update or your OEM website for an updated firmware or driver package.


Microsoft Office:
=========================
Error: (06/12/2015 05:37:31 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\IncrediMail\Bin\MFC80U.DLL

Error: (06/12/2015 05:37:31 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\IncrediMail\Bin\MFC80U.DLL

Error: (06/12/2015 05:37:21 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\IncrediMail\Bin\MFC80U.DLL

Error: (06/12/2015 05:31:21 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\IncrediMail\Bin\MFC80U.DLL

Error: (06/12/2015 05:31:21 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\IncrediMail\Bin\MFC80U.DLL

Error: (06/12/2015 05:26:20 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\IncrediMail\Bin\MFC80U.DLL

Error: (06/12/2015 05:26:20 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\IncrediMail\Bin\MFC80U.DLL

Error: (06/12/2015 05:21:20 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\IncrediMail\Bin\MFC80U.DLL

Error: (06/12/2015 05:21:20 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\IncrediMail\Bin\MFC80U.DLL

Error: (06/12/2015 05:16:20 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\IncrediMail\Bin\MFC80U.DLL


CodeIntegrity Errors:
===================================
  Date: 2015-06-04 06:37:16.725
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\WINDOWS\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-06-03 07:08:15.104
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\WINDOWS\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-06-01 14:01:47.528
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\WINDOWS\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-27 18:20:56.783
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 31%
Total physical RAM: 16263.25 MB
Available physical RAM: 11191.79 MB
Total Pagefile: 17287.25 MB
Available Pagefile: 11522.62 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:475.96 GB) (Free:353.27 GB) NTFS
Drive d: (Volume) (Fixed) (Total:97.66 GB) (Free:42.19 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (J O B) (Fixed) (Total:390.63 GB) (Free:366.64 GB) NTFS
Drive h: (Aspire HEF) (Fixed) (Total:443.22 GB) (Free:289.42 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: F3697AC5)
Partition 1: (Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=833.8 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 476.9 GB) (Disk ID: 09E876F5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=476 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of log ============================

--- --- ---

Ich hoffe, ich hab nichts verkehrt gemacht?

12.06.2015, 15:58	#12
Warlord711 /// TB-Ausbilder	MalWareBytes Logfile Bitte noch aktuelles FRST Log+Addition nachreichen, danke. __________________ Lerne, zurück zu schlagen und unterstütze uns! TB Akademie \| Spende \| Lob & Kritik

MalWareBytes Logfile

Log-Analyse und Auswertung: MalWareBytes Logfile