Danke für deine Hilfe schonmal im vorab...
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by Corina (administrator) on CORINA-PC on 21-01-2015 21:46:23
Running from C:\Users\Corina\Downloads
Loaded Profiles: Corina (Available profiles: Corina)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: E - E:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {0084fd34-8384-11e3-82d8-001e101f36d9} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {0084fd43-8384-11e3-82d8-001e101f36d9} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {0084fd50-8384-11e3-82d8-001e101f36d9} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {0084fd5e-8384-11e3-82d8-001e101f36d9} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {06b3441a-664d-11e4-84a5-001e101fe5e1} - E:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {06b34428-664d-11e4-84a5-001e101fe5e1} - E:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {06b34437-664d-11e4-84a5-001e101fe5e1} - E:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {073b4688-b55c-11e2-9de5-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {0ff88a84-9d16-11e2-b8f7-001e101f1838} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {19f298f9-9aed-11e2-8de0-001e101fb681} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {19f2990a-9aed-11e2-8de0-001e101fb681} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {2149865c-2830-11e2-bfa6-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {2149866f-2830-11e2-bfa6-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {214986a0-2830-11e2-bfa6-00262dc87ea8} - F:\AutoRun.exe
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {257268e0-8363-11e2-ae24-001e101fb4df} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {257268ec-8363-11e2-ae24-001e101fb4df} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {257268fc-8363-11e2-ae24-001e101fb4df} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {2572690d-8363-11e2-ae24-001e101fb4df} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {2698c681-9e32-11e2-b46b-001e101f4e71} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {2698c692-9e32-11e2-b46b-001e101f4e71} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {2698c6a0-9e32-11e2-b46b-001e101f4e71} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {2698c6b4-9e32-11e2-b46b-001e101f4e71} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {29e36ecc-996d-11e2-96d5-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {2e364937-eca6-11e2-9514-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {2e364944-eca6-11e2-9514-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {2e364961-eca6-11e2-9514-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {2e36496e-eca6-11e2-9514-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {2f006714-9d0c-11e2-9656-001e101f21c1} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {2f006739-9d0c-11e2-9656-001e101f21c1} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {2f00674f-9d0c-11e2-9656-001e101f21c1} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {2f006766-9d0c-11e2-9656-001e101f21c1} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {2f00677e-9d0c-11e2-9656-001e101f21c1} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {31b8cb06-eae4-11e3-a84e-001e101faa49} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {31b8cb15-eae4-11e3-a84e-001e101faa49} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {31b8cb3a-eae4-11e3-a84e-001e101faa49} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {487468ac-fbab-11e2-b11f-001e101f8ed0} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {487468be-fbab-11e2-b11f-001e101f8ed0} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {487468cf-fbab-11e2-b11f-001e101f8ed0} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {487468df-fbab-11e2-b11f-001e101f8ed0} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {4a2d8c83-fe18-11e3-a35d-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {57f501cc-657f-11e4-8440-806e6f6e6963} - E:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {57f50221-657f-11e4-8440-00262dc87ea8} - E:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {5e5f296b-0d59-11e3-a46a-001e101fe5e1} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {5e5f297f-0d59-11e3-a46a-001e101fe5e1} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {5e5f2994-0d59-11e3-a46a-001e101fe5e1} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {5edc55d6-4a76-11e1-8212-00262dc87ea8} - F:\LaunchU3.exe -a
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {641784f2-e018-11e2-b3a4-001e101f82a0} - G:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {64178518-e018-11e2-b3a4-001e101f82a0} - G:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {64178527-e018-11e2-b3a4-001e101f82a0} - G:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {64178533-e018-11e2-b3a4-001e101f82a0} - G:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {64178543-e018-11e2-b3a4-001e101f82a0} - G:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {64178551-e018-11e2-b3a4-001e101f82a0} - G:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {6a16d7d4-1a06-11e2-ba18-00262dc87ea8} - F:\AutoRun.exe
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {6c5741a4-9960-11e2-9ffa-001e101f1ed9} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {6c5741b5-9960-11e2-9ffa-001e101f1ed9} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {6c5741c9-9960-11e2-9ffa-001e101f1ed9} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {6db46bf6-14ba-11e3-97f8-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {6db46c03-14ba-11e3-97f8-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {6ebfd3b4-b036-11e2-a900-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {6ebfd3d1-b036-11e2-a900-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {6ebfd3e3-b036-11e2-a900-001e101f1838} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {76baeb5a-6517-11e4-ba45-001e101f859f} - E:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {7f9df28c-e33d-11e2-a254-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {835fd7de-0a62-11e3-a14b-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {835fd7eb-0a62-11e3-a14b-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {835fd7f9-0a62-11e3-a14b-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {8e3256b3-f2b8-11e2-9596-001e101f4e71} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {8e3256c5-f2b8-11e2-9596-001e101f4e71} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {8e3256d6-f2b8-11e2-9596-001e101f4e71} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {94c39d98-f599-11e0-9002-00262dc87ea8} - G:\Startme.exe
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {a79b65f1-2493-11e4-b6ec-00262dc87ea8} - E:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {a7f253b4-b577-11e2-88b0-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {a7f253d0-b577-11e2-88b0-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {a7f253de-b577-11e2-88b0-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {a7f253ef-b577-11e2-88b0-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {aaf32131-b01e-11e2-99e7-001e101f1ed9} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {aaf3213d-b01e-11e2-99e7-001e101f1ed9} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {aaf3214c-b01e-11e2-99e7-001e101f1ed9} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {ae6a9c99-99cd-11e2-a1f5-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {ae6a9caa-99cd-11e2-a1f5-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {ae6a9cbb-99cd-11e2-a1f5-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {ae6a9cd3-99cd-11e2-a1f5-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {ae6a9ce7-99cd-11e2-a1f5-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {b373bf4c-6580-11e4-8468-806e6f6e6963} - E:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {bb9bd129-b099-11e2-862a-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {d11e1a0d-9c7d-11e2-8c45-001e101f1ed9} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {d11e1a1e-9c7d-11e2-8c45-001e101f1ed9} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {d11e1a33-9c7d-11e2-8c45-001e101f1ed9} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {e10009bf-9d51-11e2-b68e-001e101fa1f5} - F:\AutoRun.exe
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {e10009c3-9d51-11e2-b68e-001e101fa1f5} - F:\AutoRun.exe
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {e39c98a6-1957-11e2-a255-00262dc87ea8} - F:\AutoRun.exe
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {e5abc2e0-b02d-11e2-a8ac-001e101f7f74} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {e5abc2ef-b02d-11e2-a8ac-001e101f7f74} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {e5abc315-b02d-11e2-a8ac-001e101f7f74} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {e5abc328-b02d-11e2-a8ac-001e101f7f74} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {e7910835-b37d-11e3-bc23-001e101f79c9} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {e7910842-b37d-11e3-bc23-001e101f79c9} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {eb9759e8-bf23-11e3-a04c-001e101f2500} - E:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {f0447257-ca1d-11e2-ba18-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {f0447273-ca1d-11e2-ba18-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {f0447284-ca1d-11e2-ba18-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {f709b617-d673-11e2-ad53-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {f709b625-d673-11e2-ad53-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {f709b633-d673-11e2-ad53-00262dc87ea8} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {f870338d-3013-11e4-900b-001e101f8ed0} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {f870339a-3013-11e4-900b-001e101f8ed0} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {f87033aa-3013-11e4-900b-001e101f8ed0} - E:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {f9b6faa4-041b-11e4-9656-001e101f82a7} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {f9b6fab3-041b-11e4-9656-001e101f82a7} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {f9b6fada-041b-11e4-9656-001e101f82a7} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {fa411861-bae4-11e2-a061-001e101fb45e} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {fa41186f-bae4-11e2-a061-001e101fb45e} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {fa411880-bae4-11e2-a061-001e101fb45e} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {fa6f975f-ff81-11e3-ad32-001e101f3315} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {fa6f9775-ff81-11e3-ad32-001e101f3315} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {ff6d7a44-05d0-11e3-bc0f-001e101faa49} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {ff6d7a58-05d0-11e3-bc0f-001e101faa49} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {ff6d7a6c-05d0-11e3-bc0f-001e101faa49} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {ff6d7a7e-05d0-11e3-bc0f-001e101faa49} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {ff6d7a93-05d0-11e3-bc0f-001e101faa49} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {ff6d7aa6-05d0-11e3-bc0f-001e101faa49} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {ff6d7acb-05d0-11e3-bc0f-001e101faa49} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {ff6d7adc-05d0-11e3-bc0f-001e101faa49} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\MountPoints2: {ff6d7aef-05d0-11e3-bc0f-001e101faa49} - F:\.\Setup.exe AUTORUN=1
AppInit_DLLs-x32: c:/progra~3/{16e5f~1/cito.dll => c:/progra~3/{16e5f~1/cito.dll [634880 2014-12-17] ()
AppInit_DLLs-x32: c:/progra~3/{16e5f~1/cito.dll => c:/progra~3/{16e5f~1/cito.dll [634880 2014-12-17] ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: RoyalCOupon -> {5f4e0d7c-f38d-4219-8642-7992f2cfa598} -> C:\ProgramData\RoyalCOupon\RuNGg7CLPViY2P.x64.dll No File
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: No Name -> {5f4e0d7c-f38d-4219-8642-7992f2cfa598} -> No File
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Corina\AppData\Roaming\Mozilla\Firefox\Profiles\x88kjrzv.default-1421861657650
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @zylom.com/ZylomGamesPlayer -> C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF Plugin HKU\S-1-5-21-1925090004-3791601015-3123731977-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Corina\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Corina\AppData\Roaming\Mozilla\Firefox\Profiles\x88kjrzv.default-1421861657650\user.js
FF Extension: WOT - C:\Users\Corina\AppData\Roaming\Mozilla\Firefox\Profiles\x88kjrzv.default-1421861657650\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-01-21]
FF Extension: Adblock Plus - C:\Users\Corina\AppData\Roaming\Mozilla\Firefox\Profiles\x88kjrzv.default-1421861657650\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-21]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Ngăn chặn trang web nguy hiểm - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015-01-18]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Bàn phím ảo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-01-18]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Công cụ kiểm tra liên kết của Kaspersky - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2015-01-18]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2015-01-18]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: An toàn giao dịch tài chính - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015-01-18]
FF HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\Firefox\Extensions: [{D405EC5A-81D8-EB12-B79E-9FD6FE1135A9}] - C:\Program Files (x86)\ver1SpeedCheck\184.xpi
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM\...\Chrome\Extension: [pljcgbedjplidkdjahbaalanadmjfgop] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx [Not Found]
CHR HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\Chrome\Extension: [anpiogajjmckmlehhpjnojhebaidkeod] - C:\Users\Corina\AppData\Local\CRE\anpiogajjmckmlehhpjnojhebaidkeod.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [anpiogajjmckmlehhpjnojhebaidkeod] - C:\Users\Corina\AppData\Local\CRE\anpiogajjmckmlehhpjnojhebaidkeod.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bodddioamolcibagionmmobehnbhiakf] - C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ALDITALKVerbindungsassistent_Service; C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe [358968 2013-12-04] ()
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-12-14] () [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2409272 2013-12-10] (TuneUp Software)
S2 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [62464 2010-12-06] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2009-10-23] (Wistron Corp.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 A2DDA; C:\EEK\BIN\a2ddax64.sys [26176 2015-01-21] (Emsisoft GmbH)
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2015-01-21] (Emsisoft GmbH)
S2 DgiVecp; C:\Windows\SysWOW64\Drivers\DgiVecp.sys [41984 2004-05-17] (DeviceGuys, Inc.) [File not signed]
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [138752 2012-11-06] (Huawei Technologies Co., Ltd.)
S3 ewusbnet; C:\Windows\SysWOW64\DRIVERS\ewusbnet.sys [138752 2012-11-06] (Huawei Technologies Co., Ltd.)
S3 ew_hwusbdev; C:\Windows\SysWOW64\DRIVERS\ew_hwusbdev.sys [117248 2012-11-06] (Huawei Technologies Co., Ltd.)
S3 hwdatacard; C:\Windows\SysWOW64\DRIVERS\ewusbmdm.sys [121600 2012-11-06] (Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [113792 2009-06-22] (Huawei Technologies Co., Ltd.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2015-01-21] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2015-01-21] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3564928 2010-08-20] ()
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-19] (TuneUp Software)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-21 21:46 - 2015-01-21 21:47 - 00036554 _____ () C:\Users\Corina\Downloads\FRST.txt
2015-01-21 21:46 - 2015-01-21 21:46 - 00000000 ____D () C:\FRST
2015-01-21 21:45 - 2015-01-21 21:45 - 02126848 _____ (Farbar) C:\Users\Corina\Downloads\FRST64.exe
2015-01-21 17:40 - 2015-01-21 17:40 - 00005803 _____ () C:\Users\Corina\Desktop\AdwCleaner[S1].txt
2015-01-21 17:37 - 2015-01-21 17:43 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-21 17:37 - 2015-01-21 17:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-21 17:37 - 2015-01-21 17:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-21 17:37 - 2015-01-21 17:37 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-21 17:37 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-21 17:37 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-21 17:37 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-21 17:36 - 2015-01-21 17:36 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Corina\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-21 17:34 - 2015-01-21 17:34 - 02186752 _____ () C:\Users\Corina\Downloads\adwcleaner_4.108(1).exe
2015-01-21 17:30 - 2015-01-21 17:30 - 00003156 _____ () C:\Windows\System32\Tasks\{4FC76A98-A7B0-43FF-BF7B-713490D143DF}
2015-01-21 16:44 - 2015-01-21 18:37 - 00000000 ____D () C:\Users\Corina\Desktop\Antivir
2015-01-21 16:33 - 2015-01-21 16:33 - 00000000 ____D () C:\Windows\system32\appraiser
2015-01-21 15:56 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-01-21 15:56 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-01-21 15:56 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-01-21 15:56 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-01-21 15:56 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-01-21 15:56 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-01-21 15:56 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-01-21 15:56 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-01-21 15:56 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-01-21 15:56 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-01-21 15:47 - 2014-06-27 03:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-01-21 15:47 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-01-21 15:39 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-01-21 15:39 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-01-21 15:39 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-01-21 15:39 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-01-21 15:39 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-01-21 15:39 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-01-21 15:39 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-01-21 15:39 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-01-21 15:39 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-01-21 15:39 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-01-21 15:39 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-01-21 15:39 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-01-21 15:39 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-01-21 15:39 - 2014-11-22 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-01-21 15:39 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-01-21 15:39 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-01-21 15:39 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-01-21 15:39 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-01-21 15:39 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-01-21 15:39 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-01-21 15:39 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-01-21 15:39 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-01-21 15:39 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-01-21 15:39 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-01-21 15:39 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-01-21 15:39 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-01-21 15:39 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-01-21 15:39 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-01-21 15:39 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-01-21 15:39 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-01-21 15:39 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-01-21 15:39 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-01-21 15:39 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-01-21 15:39 - 2014-11-22 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-01-21 15:39 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-01-21 15:39 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-01-21 15:39 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-01-21 15:39 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-01-21 15:39 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-01-21 15:39 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-01-21 15:39 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-01-21 15:39 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-01-21 15:39 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-01-21 15:39 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-01-21 15:39 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-01-21 15:39 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-01-21 15:39 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-01-21 15:39 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-01-21 15:39 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-01-21 15:39 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-01-21 15:39 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-01-21 15:39 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-01-21 15:39 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-01-21 15:39 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-01-21 15:39 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-01-21 15:39 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-01-21 15:39 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-01-21 15:39 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-01-21 15:38 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-21 15:38 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-21 15:38 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-21 15:38 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-21 15:38 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-21 15:38 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-21 15:38 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-21 15:38 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-01-21 15:38 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-01-21 15:38 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-01-21 15:38 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-01-21 15:38 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-01-21 15:38 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-01-21 15:38 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-01-21 15:38 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-01-21 15:38 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-01-21 15:38 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-01-21 15:38 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-01-21 15:38 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-01-21 15:38 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-01-21 15:38 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-01-21 15:38 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-01-21 15:38 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-01-21 15:38 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-01-21 15:38 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-01-21 15:38 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-01-21 15:38 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-01-21 15:38 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-01-21 15:38 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-01-21 15:38 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-01-21 15:38 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-01-21 15:38 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-01-21 15:38 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-01-21 15:38 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-01-21 15:38 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-01-21 15:38 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-01-21 15:38 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-01-21 15:38 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-01-21 15:38 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-01-21 15:38 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-01-21 15:38 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-01-21 15:38 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-01-21 15:37 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-01-21 15:37 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-01-21 15:37 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-01-21 15:37 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-01-21 15:37 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-01-21 15:37 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-01-21 15:37 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-01-21 15:37 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-01-21 15:37 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-01-21 15:37 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-01-21 15:37 - 2014-08-01 12:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-01-21 15:37 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-01-21 15:37 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-01-21 15:37 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-01-21 15:37 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-01-21 15:37 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-01-21 15:37 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-01-21 15:37 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-01-21 15:36 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-21 15:36 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-21 15:36 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-21 15:36 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-21 15:36 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-21 15:36 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-21 15:36 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-01-21 15:36 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-01-21 15:36 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-01-21 15:36 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-21 15:36 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-21 15:36 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-21 15:36 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-21 15:36 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-21 15:36 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-01-21 15:36 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-01-21 15:36 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-01-21 15:36 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-01-21 15:36 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-01-21 15:36 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-01-21 15:36 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-01-21 15:36 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-01-21 15:36 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-01-21 15:36 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-01-21 15:36 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-01-21 15:36 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-01-21 15:36 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-01-21 15:36 - 2014-06-24 04:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-01-21 15:36 - 2014-06-24 03:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-01-21 15:31 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-01-21 15:31 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-01-21 15:29 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-01-21 15:29 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-01-21 15:29 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-01-21 15:29 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-01-21 15:29 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-01-21 15:29 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-01-21 15:29 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-01-21 15:29 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-01-21 15:29 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-01-21 15:29 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-01-21 15:29 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-01-21 15:27 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-01-21 15:27 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-01-21 15:27 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-01-21 15:26 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-01-21 15:26 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-01-21 15:26 - 2014-08-23 03:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-01-21 15:26 - 2014-08-23 02:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-01-21 14:10 - 2015-01-21 14:14 - 154051656 _____ () C:\Users\Corina\Downloads\avira_free_antivirus468_de(1).exe
2015-01-21 14:08 - 2015-01-21 14:08 - 05827012 _____ () C:\Users\Corina\Downloads\avira_free_antivirus468_de.exe.part
2015-01-21 14:08 - 2015-01-21 14:08 - 00000000 _____ () C:\Users\Corina\Downloads\avira_free_antivirus468_de.exe
2015-01-21 14:07 - 2015-01-21 14:07 - 00618512 _____ () C:\Users\Corina\Downloads\avira-free-antivir.exe
2015-01-21 13:59 - 2015-01-21 13:59 - 00022660 _____ () C:\Users\Corina\Desktop\Quarantine_150121-135920.txt
2015-01-21 12:49 - 2015-01-21 12:49 - 00000000 ____D () C:\Users\Corina\AppData\Local\Macromedia
2015-01-21 12:40 - 2015-01-21 12:46 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files
2015-01-21 12:08 - 2015-01-21 12:08 - 00001094 _____ () C:\EamClean.log
2015-01-21 10:09 - 2015-01-21 13:58 - 00000000 ____D () C:\EEK
2015-01-21 10:03 - 2015-01-21 10:07 - 167482160 _____ () C:\Users\Corina\Downloads\EmsisoftEmergencyKit.exe
2015-01-21 09:54 - 2015-01-21 09:54 - 00000000 ____D () C:\Windows\pss
2015-01-21 09:48 - 2015-01-21 19:47 - 00172220 _____ () C:\Windows\PFRO.log
2015-01-21 09:42 - 2015-01-21 17:37 - 00000000 ____D () C:\AdwCleaner
2015-01-21 09:42 - 2015-01-21 09:42 - 02186752 _____ () C:\Users\Corina\Downloads\adwcleaner_4.108.exe
2015-01-21 09:16 - 2015-01-21 15:57 - 00001167 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-21 09:16 - 2015-01-21 09:16 - 00000000 ____D () C:\Users\Corina\AppData\Roaming\Mozilla
2015-01-21 09:16 - 2015-01-21 09:16 - 00000000 ____D () C:\Users\Corina\AppData\Local\Mozilla
2015-01-21 09:16 - 2015-01-21 09:16 - 00000000 ____D () C:\ProgramData\Mozilla
2015-01-21 09:16 - 2015-01-21 09:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-21 09:16 - 2015-01-21 09:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-21 09:14 - 2015-01-21 09:14 - 00243728 _____ () C:\Users\Corina\Downloads\Firefox Setup Stub 35.0 (1).exe
2015-01-21 09:12 - 2015-01-21 09:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2015-01-21 09:11 - 2015-01-21 09:11 - 00243728 _____ () C:\Users\Corina\Downloads\Firefox Setup Stub 35.0.exe
2015-01-19 20:41 - 2015-01-21 09:46 - 00000112 _____ () C:\ProgramData\DVrSQ8.dat
2015-01-19 20:25 - 2015-01-19 20:25 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Adobe
2015-01-19 20:25 - 2015-01-19 20:25 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Adobe
2015-01-19 20:23 - 2015-01-21 16:50 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-19 20:21 - 2015-01-19 20:21 - 04877488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-01-19 20:18 - 2015-01-21 19:47 - 00001462 _____ () C:\Windows\setupact.log
2015-01-19 20:18 - 2015-01-19 20:18 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-18 19:18 - 2010-11-21 04:40 - 00001547 _____ () C:\Users\Corina\Desktop\Windows Media Player.lnk
2015-01-18 19:18 - 2009-07-14 05:54 - 00001242 _____ () C:\Users\Corina\Desktop\Paint.lnk
2015-01-18 19:10 - 2015-01-18 19:10 - 00000875 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-01-18 19:10 - 2015-01-18 19:10 - 00000000 ____D () C:\Users\Corina\AppData\Roaming\vlc
2015-01-18 19:10 - 2015-01-18 19:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-01-18 19:09 - 2015-01-18 19:09 - 00000000 ____D () C:\Program Files\VideoLAN
2015-01-18 19:04 - 2015-01-18 19:08 - 00000000 ____D () C:\Users\Corina\AppData\Local\Paint.NET
2015-01-18 19:04 - 2015-01-18 19:04 - 00001304 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
2015-01-18 19:04 - 2015-01-18 19:04 - 00001292 _____ () C:\Users\Public\Desktop\Paint.NET.lnk
2015-01-18 19:04 - 2015-01-18 19:04 - 00000000 ____D () C:\Program Files\Paint.NET
2015-01-18 18:54 - 2015-01-18 18:54 - 00000000 ____D () C:\Users\Corina\AppData\Roaming\OpenOffice
2015-01-18 18:52 - 2015-01-18 18:52 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2015-01-18 18:52 - 2015-01-18 18:52 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2015-01-18 18:50 - 2015-01-18 18:51 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2015-01-18 18:31 - 2015-01-18 18:31 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-01-18 18:30 - 2015-01-18 18:32 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-01-18 18:30 - 2015-01-18 18:30 - 00001399 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-01-18 18:30 - 2015-01-18 18:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-01-18 18:30 - 2015-01-18 18:30 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-01-18 18:30 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-01-18 18:27 - 2015-01-18 18:27 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-01-18 18:27 - 2015-01-18 18:27 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-18 18:06 - 2015-01-18 18:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-01-18 18:06 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-01-18 18:05 - 2015-01-21 21:45 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-01-18 18:05 - 2015-01-18 18:05 - 00000000 ____D () C:\Windows\ELAMBKUP
2015-01-18 18:05 - 2015-01-18 18:05 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-01-18 18:04 - 2015-01-21 15:14 - 00793800 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-01-18 18:04 - 2015-01-21 15:14 - 00141320 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-01-18 18:04 - 2014-04-10 17:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-01-18 17:39 - 2015-01-18 17:39 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-08 20:50 - 2015-01-08 20:50 - 00002958 _____ () C:\Windows\System32\Tasks\{3C0D192E-6BCF-428A-B0BA-DFBF2843A130}
2015-01-06 17:37 - 2015-01-06 17:37 - 00000000 ____D () C:\ProgramData\fbehjgebhecpfogfgggeanlbbplkhhhl
2014-12-25 12:03 - 2014-12-25 12:05 - 00861855 _____ () C:\Users\Corina\Downloads\Setup.exe
2014-12-22 16:32 - 2014-12-22 16:32 - 00000000 ____D () C:\ProgramData\coupcoup
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-21 21:44 - 2014-12-17 20:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-21 21:44 - 2011-08-07 14:40 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-21 21:44 - 2011-08-07 14:38 - 02012717 _____ () C:\Windows\WindowsUpdate.log
2015-01-21 19:57 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-21 19:57 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-21 19:48 - 2011-08-07 14:40 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-21 19:47 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-21 18:43 - 2014-12-17 19:16 - 00000000 ____D () C:\Program Files\BEAF8266-AE64-40A2-BF8D-99F4FB145C26
2015-01-21 18:39 - 2011-08-16 15:08 - 00000000 ____D () C:\Users\Corina\AppData\Local\Adobe
2015-01-21 18:39 - 2011-05-20 23:42 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-21 18:32 - 2012-04-27 11:14 - 00000000 ____D () C:\Users\Corina\AppData\Roaming\ZalmanInstaller_otshot
2015-01-21 17:24 - 2014-03-11 13:16 - 00020480 ___SH () C:\Users\Corina\Thumbs.db
2015-01-21 17:14 - 2013-01-30 20:06 - 00000000 ____D () C:\Users\Corina\Desktop\Manu
2015-01-21 16:39 - 2009-07-14 05:45 - 00511448 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-21 16:33 - 2014-08-15 17:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-01-21 16:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-01-21 16:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2015-01-21 16:03 - 2012-05-18 17:50 - 01625560 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-21 16:03 - 2011-05-20 21:25 - 00714926 _____ () C:\Windows\system32\perfh007.dat
2015-01-21 16:03 - 2011-05-20 21:25 - 00154720 _____ () C:\Windows\system32\perfc007.dat
2015-01-21 16:03 - 2009-07-14 06:13 - 01625560 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-21 15:47 - 2013-11-12 15:42 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-21 12:28 - 2012-03-31 00:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2015-01-21 12:28 - 2012-03-31 00:07 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU
2015-01-21 12:08 - 2014-12-17 00:11 - 00000000 ____D () C:\ProgramData\WYakpf
2015-01-21 12:05 - 2014-12-20 14:28 - 00000000 ____D () C:\Program Files (x86)\1f3b7c06-ca37-4bd1-a4a9-cff050015f8d
2015-01-21 09:47 - 2011-08-07 14:47 - 00000000 ____D () C:\Users\Corina
2015-01-21 09:38 - 2014-12-17 00:11 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-21 09:38 - 2011-08-07 14:50 - 00000000 ____D () C:\Users\Corina\AppData\Local\Google
2015-01-21 09:37 - 2014-12-16 23:29 - 00000000 ____D () C:\Users\Corina\AppData\Local\Chrome
2015-01-21 09:36 - 2012-12-08 17:31 - 00000000 ____D () C:\Program Files (x86)\ALDI Bestellsoftware
2015-01-19 20:21 - 2014-12-17 20:46 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-19 20:21 - 2014-12-17 20:46 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-19 20:21 - 2011-05-20 23:42 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-18 19:03 - 2011-08-07 14:48 - 00150256 _____ () C:\Users\Corina\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-18 18:32 - 2012-02-03 18:08 - 00000000 ____D () C:\Users\Corina\AppData\Roaming\Skype
2015-01-18 18:31 - 2012-05-20 18:56 - 00000000 ____D () C:\Windows\Minidump
2015-01-18 18:31 - 2011-05-20 21:52 - 00000000 ____D () C:\Windows\Panther
2015-01-08 18:51 - 2014-12-17 20:29 - 00000163 _____ () C:\Users\Corina\AppData\Roaming\WB.CFG
2015-01-08 12:04 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-02 08:53 - 2012-11-06 17:51 - 00000000 ____D () C:\Users\Corina\AppData\Roaming\ALDITALKVerbindungsassistent
2014-12-31 13:12 - 2011-05-20 22:28 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-24 13:09 - 2014-12-17 18:16 - 00000355 _____ () C:\Windows\wininit.ini
==================== Files in the root of some directories =======
2012-02-27 12:58 - 2013-03-20 22:07 - 0045476 _____ () C:\Users\Corina\AppData\Roaming\UserTile.png
2014-12-17 20:29 - 2015-01-08 18:51 - 0000163 _____ () C:\Users\Corina\AppData\Roaming\WB.CFG
2014-12-19 22:31 - 2014-12-19 22:31 - 0000001 _____ () C:\Users\Corina\AppData\Local\DSI.DAT
2014-12-19 22:31 - 2014-12-19 22:31 - 0022528 _____ () C:\Users\Corina\AppData\Local\dsisetup35805662.exe
2015-01-19 20:41 - 2015-01-21 09:46 - 0000112 _____ () C:\ProgramData\DVrSQ8.dat
2012-04-14 16:07 - 2012-04-14 16:07 - 0004910 _____ () C:\ProgramData\qjaxlkio.dss
Files to move or delete:
====================
C:\ProgramData\DVrSQ8.dat
C:\ProgramData\qjaxlkio.dss
Some content of TEMP:
====================
C:\Users\Corina\AppData\Local\Temp\avgnt.exe
C:\Users\Corina\AppData\Local\Temp\nsi9BE5.tmp.exe
C:\Users\Corina\AppData\Local\Temp\Quarantine.exe
C:\Users\Corina\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-21 13:21
==================== End Of Log ====
--- --- ---
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by Corina at 2015-01-21 21:48:05
Running from C:\Users\Corina\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Reader X (10.0.1) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.1 - Adobe Systems Incorporated)
ALDI TALK Verbindungsassistent (HKLM-x32\...\ALDITALKVerbindungsassistent) (Version: ALDI TALK 4.0 - ALDI TALK Verbindungsassistent)
AMI VR-pulse OS Switcher (HKLM\...\{EC1369CF-15BD-4FAF-BA84-65E4788C682E}) (Version: 1.1 - American Megatrends Inc.)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.39 - Atheros Communications Inc.)
AVS Video Converter 8 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
bet-at-home.com Poker (HKLM-x32\...\bet-at-home.com Poker ) (Version: - Boss Media AB)
bet-at-home.com Poker (HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\Betathome) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Contenta Converter PREMIUM (HKLM-x32\...\ContentaConverter-PREMIUM) (Version: - Contenta Software)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{72DB27D3-FE05-4227-AF5A-11CD101ECF09}) (Version: 15.1.0.588 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.1.588 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.1.0.588 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit (Version: 15.1.588 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1508_36229 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.1.2414 - CyberLink Corp.)
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.0.6904 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4020 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2731.02 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.3503 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4013 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.4 - Dolby Laboratories Inc)
DVDVideoSoftTB DE Toolbar (HKLM-x32\...\DVDVideoSoftTB_DE Toolbar) (Version: 6.9.0.16 - DVDVideoSoftTB DE)
Everio MediaBrowser HD Edition (HKLM-x32\...\{548F12A2-BD2E-4B5A-9B62-BBC0AA8EB3DD}) (Version: 2.02.106 - PIXELA)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.0.128 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.0.128 - DVDVideoSoft Ltd.)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HQPro-Video 1.6V20.12 (HKLM-x32\...\HQPro-Video 1.6V20.12) (Version: 1.35.12.18 - HQ-VideoV20.12) <==== ATTENTION
Intel PROSet Wireless (x32 Version: - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2372 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{C7B40C35-85AE-4303-9EEA-1A1EA779664D}) (Version: 1.0.2.0518 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{0DD706AF-B542-438C-999E-B30C7F625C8D}) (Version: 2.1.39.0 - Intel Corporation)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416025FF}) (Version: 6.0.250 - Oracle)
Java(TM) 6 Update 27 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216025FF}) (Version: 6.0.270 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Launch Manager (HKLM-x32\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.1.3 - Wistron Corp.)
MAGIX Screenshare (HKLM-x32\...\{6635B372-E2C5-4C2F-97FB-D1766E017CEE}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM-x32\...\{BFD631C4-FBB5-4AC5-B807-9137B265628C}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Video deluxe MX Download-Version (HKLM-x32\...\MAGIX_MSI_Videodeluxe18) (Version: 11.0.0.38 - MAGIX AG)
MAGIX Video deluxe MX Download-Version (x32 Version: 11.0.0.38 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2608 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.2608 - CyberLink Corp.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.302.09.02.511 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 35.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 de)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.081 - Deutsche Telekom AG)
Netzmanager (Version: 1.081 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6334 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10010 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.16.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.16.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Samsung ML-1520 Series (HKLM-x32\...\Samsung ML-1520 Series) (Version: - )
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
SUPER © v2012.build.51 (April 7, 2012) Version v2012.build.51 (HKLM-x32\...\{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1) (Version: v2012.build.51 - eRightSoft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.12.0 - Synaptics Incorporated)
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.4000.179 - TuneUp Software)
TuneUp Utilities 2013 (x32 Version: 13.0.4000.179 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.4000.179 - TuneUp Software) Hidden
Ulead Photo Explorer 7.0 SE (HKLM-x32\...\{E38E1721-7FE7-11D4-A898-0000E83DCDA6}) (Version: - )
Unity Web Player (HKU\S-1-5-21-1925090004-3791601015-3123731977-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
USB Video Device (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.54000.100 - Sonix)
Versandhelfer (HKLM-x32\...\dpdhl.versandhelfer.medionlap.CDA82DC3FEDD13302C6424313D9A2999F162D21A.1) (Version: 0.9.511 - Deutsche Post AG)
Versandhelfer (x32 Version: 0.9.511 - Deutsche Post AG) Hidden
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
VR-pulse Installer (HKLM\...\{D3836C5E-6824-4C9F-9B45-09C989B13EF6}) (Version: 1.5.1.0 - American Megatrends Inc.)
watchmi (HKLM-x32\...\{AA4D1C5E-116A-4FF4-AA91-28F526868203}) (Version: 2.5.0 - Axel Springer Digital TV Guide GmbH)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )
Zylom Games Player Plugin (HKLM-x32\...\Zylom Games Player Plugin) (Version: - Zylom Games)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
18-01-2015 17:41:14 Revo Uninstaller's restore point - Ask Toolbar
18-01-2015 17:46:11 Revo Uninstaller's restore point - Babylon Toolbar
18-01-2015 17:49:53 Revo Uninstaller's restore point - omiga-plus uninstall
18-01-2015 17:51:51 Revo Uninstaller's restore point - MyStart Toolbar
18-01-2015 18:03:43 Revo Uninstaller's restore point - Super Optimizer v3.2
18-01-2015 18:39:42 Revo Uninstaller's restore point - OpenOffice.org 3.3
18-01-2015 18:44:14 Revo Uninstaller's restore point - Optimizer Pro v3.2
18-01-2015 18:46:26 Revo Uninstaller's restore point - Optimizer Pro v3.2
18-01-2015 18:50:09 OpenOffice 4.0.1 wird installiert
18-01-2015 19:04:03 Paint.NET v3.5.11
19-01-2015 20:23:15 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
19-01-2015 20:33:09 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
21-01-2015 15:40:05 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {18D9053B-607A-4C91-BC55-3AB684F3F2D7} - System32\Tasks\{66F13A88-A9B0-4F38-8CDB-088F8187375F} => pcalua.exe -a "C:\Program Files (x86)\Zylom Games\UninstallPlugin.exe" -d "C:\Program Files (x86)\Zylom Games"
Task: {1D27A00D-C570-4C65-8C36-7F6D90D149B9} - System32\Tasks\{4FC76A98-A7B0-43FF-BF7B-713490D143DF} => pcalua.exe -a C:\Users\Corina\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=cvs <==== ATTENTION
Task: {26F343CB-BB05-4AD9-9FD5-A48731A010FD} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {30C4FA28-1AD0-4135-B6A0-A58CC5B1EBFE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {40578D3C-84B6-4BAA-966D-B65633686C24} - System32\Tasks\{8B3562B2-86CD-43E8-BD34-C9C60C987435} => pcalua.exe -a "C:\Program Files (x86)\ALDITALKVerbindungsassistent\InstallWTGService.exe" -d "C:\Program Files (x86)\ALDITALKVerbindungsassistent" -c install
Task: {4472156B-901B-4ADF-9266-EDCAB89F2824} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-17] (Google Inc.)
Task: {50EAC94A-2530-4DE5-8685-2856F5306BA9} - System32\Tasks\{A0811970-D2D0-4EC9-AED2-E01CA325DE7B} => pcalua.exe -a "C:\Program Files (x86)\ALDITALKVerbindungsassistent\InstallWTGService.exe" -d "C:\Program Files (x86)\ALDITALKVerbindungsassistent" -c install
Task: {6EDF4A7E-4F4F-4281-958F-5385B0BCE11B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-17] (Google Inc.)
Task: {80DB4F46-4282-4018-A981-F35D4B576DAA} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2013-12-10] (TuneUp Software)
Task: {847FBDE0-C055-4DF4-A871-7CF4F119DF9D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {8C6BCBFF-B761-4CD1-A315-663DF0F3BA53} - System32\Tasks\{CF2F3D1B-8B56-4ADF-9C2C-6218937AC166} => pcalua.exe -a F:\Setup.exe -d F:\
Task: {9B754936-4FB8-4382-9ACD-6C2398CAD8A1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {A0AEF3F9-D694-47A3-9140-498280177957} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {AFB91FAA-21D7-45C5-9840-3735B33419CA} - \{41D07558-9C12-4B5D-9DCF-339BC3264367} No Task File <==== ATTENTION
Task: {BCE34C0B-361D-4BA2-A3FC-16ECC056A0A0} - System32\Tasks\{3C0D192E-6BCF-428A-B0BA-DFBF2843A130} => C:\Program Files\Netzmanager\netzmanager.exe [2014-01-24] (Deutsche Telekom AG)
Task: {C97EFD3F-9A2C-4EC0-998B-2FC26E8910CC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {DAB879E7-2465-46CA-AD1F-A46A839E18D2} - System32\Tasks\{A06B7282-4342-4DD0-8AF5-E97EF03732ED} => pcalua.exe -a E:\VideoClassUSB20PCCam_v5.8.54000.100.exe -d E:\
Task: {EA1E9E6F-22BA-4B5C-89EE-9D737191C7A5} - System32\Tasks\{30562A3D-3A41-472D-BD26-ECCD84E9DBDF} => pcalua.exe -a G:\.\Setup.exe -d G:\ -c AUTORUN=1
Task: {EFCDC043-63A5-47C2-890A-B6B6118B7586} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-19] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2011-05-02 21:41 - 2011-05-02 21:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2012-11-06 17:51 - 2013-12-04 19:30 - 00358968 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
2011-05-23 16:57 - 2010-12-14 10:39 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2013-12-10 18:45 - 2013-12-10 18:45 - 00753464 _____ () C:\Program Files (x86)\TuneUp Utilities 2013\avgrepliba.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll
2015-01-18 18:30 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-01-18 18:30 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-01-18 18:30 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-01-18 18:30 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-01-18 18:30 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-01-21 09:16 - 2015-01-09 10:05 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-20 01:42 - 2014-04-20 01:42 - 00468672 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2014-04-20 01:42 - 2015-01-21 15:03 - 00642344 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll
2014-04-20 01:42 - 2014-04-20 01:42 - 00347328 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com\nponlinebanking.dll
2015-01-21 17:56 - 2015-01-21 17:56 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\c152a64e30c5b94894d75ac86aa7aad2\IsdiInterop.ni.dll
2011-05-21 00:22 - 2011-04-30 08:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Camera Monitor HD.lnk => C:\Windows\pss\Camera Monitor HD.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Launcher.lnk => C:\Windows\pss\Launcher.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^watchmi tray.lnk => C:\Windows\pss\watchmi tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Corina^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Netzmanager.lnk => C:\Windows\pss\Netzmanager.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Corina^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Dolby Advanced Audio v2 => "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
MSCONFIG\startupreg: HotkeyApp => "C:\Program Files (x86)\Launch Manager\HotkeyApp.exe"
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: IntelPAN => "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LMgrVolOSD => "C:\Program Files (x86)\Launch Manager\OSD.exe"
MSCONFIG\startupreg: NUSB3MON => "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: snp2uvc => C:\Windows\vsnp2uvc.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: TrayServer => C:\Program Files (x86)\MAGIX\Video_deluxe_MX_Download-Version\TrayServer_de.exe
MSCONFIG\startupreg: tsnp2uvc => C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe
MSCONFIG\startupreg: Wbutton => "C:\Program Files (x86)\Launch Manager\Wbutton.exe"
========================= Accounts: ==========================
Administrator (S-1-5-21-1925090004-3791601015-3123731977-500 - Administrator - Disabled)
Corina (S-1-5-21-1925090004-3791601015-3123731977-1000 - Administrator - Enabled) => C:\Users\Corina
Gast (S-1-5-21-1925090004-3791601015-3123731977-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1925090004-3791601015-3123731977-1002 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/21/2015 07:49:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TvdService.exe, Version: 2.5.0.5, Zeitstempel: 0x4cfcce86
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x5315a05a
Ausnahmecode: 0xe053534f
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xTvdService.exe0
Pfad der fehlerhaften Anwendung: TvdService.exe1
Pfad des fehlerhaften Moduls: TvdService.exe2
Berichtskennung: TvdService.exe3
Error: (01/21/2015 05:41:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TvdService.exe, Version: 2.5.0.5, Zeitstempel: 0x4cfcce86
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x5315a05a
Ausnahmecode: 0xe053534f
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xTvdService.exe0
Pfad der fehlerhaften Anwendung: TvdService.exe1
Pfad des fehlerhaften Moduls: TvdService.exe2
Berichtskennung: TvdService.exe3
Error: (01/21/2015 04:58:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TvdService.exe, Version: 2.5.0.5, Zeitstempel: 0x4cfcce86
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x5315a05a
Ausnahmecode: 0xe053534f
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xTvdService.exe0
Pfad der fehlerhaften Anwendung: TvdService.exe1
Pfad des fehlerhaften Moduls: TvdService.exe2
Berichtskennung: TvdService.exe3
Error: (01/21/2015 04:40:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TvdService.exe, Version: 2.5.0.5, Zeitstempel: 0x4cfcce86
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x5315a05a
Ausnahmecode: 0xe053534f
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xTvdService.exe0
Pfad der fehlerhaften Anwendung: TvdService.exe1
Pfad des fehlerhaften Moduls: TvdService.exe2
Berichtskennung: TvdService.exe3
Error: (01/21/2015 02:56:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TvdService.exe, Version: 2.5.0.5, Zeitstempel: 0x4cfcce86
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x5315a05a
Ausnahmecode: 0xe053534f
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xTvdService.exe0
Pfad der fehlerhaften Anwendung: TvdService.exe1
Pfad des fehlerhaften Moduls: TvdService.exe2
Berichtskennung: TvdService.exe3
Error: (01/21/2015 00:49:34 PM) (Source: MsiInstaller) (EventID: 10005) (User: Corina-PC)
Description: Programm: Kaspersky Internet Security -- Interner Fehler 2771. AVScannerAndCoreFeature
Error: (01/21/2015 00:46:05 PM) (Source: MsiInstaller) (EventID: 10005) (User: Corina-PC)
Description: Programm: Kaspersky Internet Security -- Interner Fehler 2771. AVScannerAndCoreFeature
Error: (01/21/2015 00:10:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TvdService.exe, Version: 2.5.0.5, Zeitstempel: 0x4cfcce86
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x5315a05a
Ausnahmecode: 0xe053534f
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xTvdService.exe0
Pfad der fehlerhaften Anwendung: TvdService.exe1
Pfad des fehlerhaften Moduls: TvdService.exe2
Berichtskennung: TvdService.exe3
Error: (01/21/2015 09:58:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TvdService.exe, Version: 2.5.0.5, Zeitstempel: 0x4cfcce86
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x5315a05a
Ausnahmecode: 0xe053534f
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xTvdService.exe0
Pfad der fehlerhaften Anwendung: TvdService.exe1
Pfad des fehlerhaften Moduls: TvdService.exe2
Berichtskennung: TvdService.exe3
Error: (01/21/2015 09:50:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TvdService.exe, Version: 2.5.0.5, Zeitstempel: 0x4cfcce86
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x5315a05a
Ausnahmecode: 0xe053534f
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xTvdService.exe0
Pfad der fehlerhaften Anwendung: TvdService.exe1
Pfad des fehlerhaften Moduls: TvdService.exe2
Berichtskennung: TvdService.exe3
System errors:
=============
Error: (01/21/2015 07:49:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "watchmi service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/21/2015 07:49:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst watchmi service erreicht.
Error: (01/21/2015 07:49:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/21/2015 07:49:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
Error: (01/21/2015 05:41:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "watchmi service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/21/2015 05:41:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst watchmi service erreicht.
Error: (01/21/2015 05:41:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/21/2015 05:41:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
Error: (01/21/2015 05:38:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Error: (01/21/2015 05:38:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Microsoft Office Sessions:
=========================
Error: (01/21/2015 07:49:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TvdService.exe2.5.0.54cfcce86KERNELBASE.dll6.1.7601.184095315a05ae053534f000000000000940d
Error: (01/21/2015 05:41:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TvdService.exe2.5.0.54cfcce86KERNELBASE.dll6.1.7601.184095315a05ae053534f000000000000940d
Error: (01/21/2015 04:58:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TvdService.exe2.5.0.54cfcce86KERNELBASE.dll6.1.7601.184095315a05ae053534f000000000000940d
Error: (01/21/2015 04:40:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TvdService.exe2.5.0.54cfcce86KERNELBASE.dll6.1.7601.184095315a05ae053534f000000000000940d
Error: (01/21/2015 02:56:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TvdService.exe2.5.0.54cfcce86KERNELBASE.dll6.1.7601.184095315a05ae053534f000000000000940d
Error: (01/21/2015 00:49:34 PM) (Source: MsiInstaller) (EventID: 10005) (User: Corina-PC)
Description: Programm: Kaspersky Internet Security -- Interner Fehler 2771. AVScannerAndCoreFeature(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (01/21/2015 00:46:05 PM) (Source: MsiInstaller) (EventID: 10005) (User: Corina-PC)
Description: Programm: Kaspersky Internet Security -- Interner Fehler 2771. AVScannerAndCoreFeature(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (01/21/2015 00:10:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TvdService.exe2.5.0.54cfcce86KERNELBASE.dll6.1.7601.184095315a05ae053534f000000000000940d
Error: (01/21/2015 09:58:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: TvdService.exe2.5.0.54cfcce86KERNELBASE.dll6.1.7601.184095315a05ae053534f000000000000940d
Error: (01/21/2015 09:50:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: TvdService.exe2.5.0.54cfcce86KERNELBASE.dll6.1.7601.184095315a05ae053534f000000000000940d
CodeIntegrity Errors:
===================================
Date: 2015-01-21 13:27:15.349
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-21 13:27:15.349
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-21 13:27:15.339
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-21 13:27:15.319
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-21 13:27:15.299
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-21 13:27:15.299
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-09 10:53:01.665
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-09 10:53:01.662
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-09 10:53:01.659
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-09 10:53:01.638
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 50%
Total physical RAM: 4003 MB
Available physical RAM: 1997.61 MB
Total Pagefile: 8004.19 MB
Available Pagefile: 5539.49 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:657.54 GB) (Free:527.54 GB) NTFS
Drive d: (Recover) (Fixed) (Total:37.99 GB) (Free:14.76 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=657.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
dann auf 
und dann auf 
. 
WARNUNG an die MITLESER: 
