Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Roll Around Ads/ Win 8 eingefangen (https://www.trojaner-board.de/164555-roll-around-ads-win-8-eingefangen.html)

Calimera 28.02.2015 14:07
Roll Around Ads/ Win 8 eingefangen
 
Hallo,

mich hat der Roll Around erwischt. Ich hoffe auch mir kann geholfen werden.

Danke und viele Grüße
Cali

schrauber 28.02.2015 14:16
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Calimera 28.02.2015 14:21
Hallo,

danke für die schnelle Antwort:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-02-2015 01
Ran by Calimera (administrator) on CALIMERO on 28-02-2015 14:13:09
Running from C:\Users\Calimera\Downloads
Loaded Profiles: Calimera (Available profiles: Calimera)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(ICQ) C:\Users\Calimera\AppData\Roaming\ICQM\icq.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-02-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-11-03] (Razer Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4209576780-459793780-3707532381-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20587168 2013-11-18] (Skype Technologies S.A.)
HKU\S-1-5-21-4209576780-459793780-3707532381-1002\...\Run: [icq] => C:\Users\Calimera\AppData\Roaming\ICQM\icq.exe [28698984 2013-10-01] (ICQ)
AppInit_DLLs: c:\windows\system32\nvinitx.dll => c:\windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VideoCam Suite.lnk
ShortcutTarget: VideoCam Suite.lnk -> C:\Program Files (x86)\Common Files\Panasonic\VideoCam Suite AutoStart\VideoCamSuiteAutoStart.exe (Panasonic Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-4209576780-459793780-3707532381-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4209576780-459793780-3707532381-1002 -> {910587C8-EEA0-4DAD-BA32-3AFDE73D6B25} URL =
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Roll Around -> {83c0e288-8fa0-43d3-acc7-c1e839d85abc} -> C:\Program Files (x86)\Roll Around\Extensions\83c0e288-8fa0-43d3-acc7-c1e839d85abc.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Calimera\AppData\Roaming\Mozilla\Firefox\Profiles\i2k9c7ah.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Extension: Avira Browser Safety - C:\Users\Calimera\AppData\Roaming\Mozilla\Firefox\Profiles\i2k9c7ah.default\Extensions\abs@avira.com [2015-02-05]
FF Extension: Roll Around - C:\Users\Calimera\AppData\Roaming\Mozilla\Firefox\Profiles\i2k9c7ah.default\Extensions\{711c82f1-361e-4764-aa28-cdd55ff6117e}.xpi [2015-02-18]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKU\S-1-5-21-4209576780-459793780-3707532381-1002\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR Profile: C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-19]
CHR Extension: (Google Docs) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-19]
CHR Extension: (Google Drive) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-19]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-20]
CHR Extension: (YouTube) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-19]
CHR Extension: (Google Search) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-19]
CHR Extension: (Google Sheets) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-19]
CHR Extension: (Avira Browser Safety) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-02-19]
CHR Extension: (Google Wallet) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-19]
CHR Extension: (Gmail) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-19]
CHR HKU\S-1-5-21-4209576780-459793780-3707532381-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [agembgempdmebanhogdjbpcmppdmklbe] - C:\Users\Calimera\AppData\Local\CRE\agembgempdmebanhogdjbpcmppdmklbe.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [agembgempdmebanhogdjbpcmppdmklbe] - C:\Users\Calimera\AppData\Local\CRE\agembgempdmebanhogdjbpcmppdmklbe.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-02-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-02-12] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-10-20] (Dritek System INC.)
R2 RzMaelstromVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [4250624 2014-06-09] (A-Volute) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-07-31] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-02-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-02-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. KG)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-10-20] (Dritek System Inc.)
R3 RZMAELSTROMVADService; C:\Windows\system32\drivers\RzMaelstromVAD.sys [32768 2014-06-09] (Windows (R) Win 7 DDK provider)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-28 14:13 - 2015-02-28 14:13 - 00019247 _____ () C:\Users\Calimera\Downloads\FRST.txt
2015-02-28 14:12 - 2015-02-28 14:13 - 00000000 ____D () C:\FRST
2015-02-28 14:12 - 2015-02-28 14:12 - 02087936 _____ (Farbar) C:\Users\Calimera\Downloads\FRST64.exe
2015-02-28 13:40 - 2015-02-28 13:40 - 00243576 _____ () C:\Users\Calimera\Downloads\Firefox Setup Stub 36.0.exe
2015-02-28 13:40 - 2015-02-28 13:40 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-28 13:40 - 2015-02-28 13:40 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-28 13:40 - 2015-02-28 13:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-28 13:16 - 2015-02-28 13:16 - 00295984 _____ () C:\WINDOWS\Minidump\022815-19625-01.dmp
2015-02-25 19:57 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-02-25 19:57 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-02-24 13:25 - 2015-02-24 13:25 - 00014816 _____ () C:\Users\Calimera\Documents\kündigung martina.odt
2015-02-22 21:43 - 2015-02-22 21:43 - 00297520 _____ () C:\WINDOWS\Minidump\022215-22390-01.dmp
2015-02-22 10:17 - 2015-02-22 10:17 - 01076843 _____ () C:\Users\Calimera\Downloads\StromlaufplanAstraGMJ98-00.rar
2015-02-20 22:20 - 2015-02-20 22:20 - 00296368 _____ () C:\WINDOWS\Minidump\022015-18343-01.dmp
2015-02-19 20:07 - 2015-02-19 20:07 - 00002271 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-19 20:07 - 2015-02-19 20:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-19 20:03 - 2015-02-19 20:03 - 00880208 _____ (Google Inc.) C:\Users\Calimera\Downloads\ChromeSetup (2).exe
2015-02-19 14:06 - 2015-02-19 14:06 - 02126848 _____ () C:\Users\Calimera\Desktop\adwcleaner_4.111.exe
2015-02-19 01:31 - 2015-02-19 01:31 - 00295384 _____ () C:\WINDOWS\Minidump\021915-23875-01.dmp
2015-02-18 20:42 - 2015-02-18 20:43 - 62692000 _____ (DVDVideoSoft Ltd. ) C:\Users\Calimera\Downloads\FreeStudio.exe
2015-02-18 02:47 - 2015-02-18 02:47 - 00001095 _____ () C:\Users\Public\Desktop\PDF24 Creator.lnk
2015-02-18 02:47 - 2015-02-18 02:47 - 00000000 ____D () C:\Users\Calimera\AppData\Local\PDF24
2015-02-18 02:47 - 2015-02-18 02:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2015-02-18 02:47 - 2015-02-18 02:47 - 00000000 ____D () C:\Program Files (x86)\PDF24
2015-02-18 02:46 - 2015-02-18 02:46 - 16342352 _____ (Geek Software GmbH ) C:\Users\Calimera\Downloads\pdf24-creator-6.9.2.exe
2015-02-18 02:41 - 2015-02-18 02:41 - 00000000 ____D () C:\Users\Calimera\AppData\Roaming\PDF Architect 2
2015-02-18 02:24 - 2015-02-18 02:24 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2015-02-18 02:12 - 2015-02-18 02:13 - 27721680 _____ (pdfforge ) C:\Users\Calimera\Downloads\PDFCreator-2_0_2-setup.exe
2015-02-17 22:03 - 2015-02-19 13:55 - 00000000 ____D () C:\Users\Calimera\Desktop\AntragStadtHof
2015-02-17 01:54 - 2015-02-17 01:54 - 00294936 _____ () C:\WINDOWS\Minidump\021715-26921-01.dmp
2015-02-15 10:36 - 2015-02-15 10:36 - 00299720 _____ () C:\WINDOWS\Minidump\021515-25781-01.dmp
2015-02-12 12:02 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-12 12:02 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-11 22:58 - 2015-02-11 22:58 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-02-11 10:12 - 2015-01-15 23:43 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-02-11 10:12 - 2015-01-15 23:43 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-02-11 10:12 - 2015-01-14 05:22 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-02-11 10:12 - 2015-01-14 04:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-02-11 10:12 - 2015-01-13 23:11 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-11 10:12 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-11 10:12 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-11 10:12 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-11 10:12 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-11 10:12 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-11 10:12 - 2015-01-12 03:34 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-11 10:12 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-11 10:12 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-02-11 10:12 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-11 10:12 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-11 10:12 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-11 10:12 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-11 10:12 - 2015-01-12 02:58 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-11 10:12 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-11 10:12 - 2015-01-12 02:51 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-11 10:12 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-11 10:12 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-11 10:12 - 2015-01-12 02:48 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-11 10:12 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-11 10:12 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-02-11 10:12 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-11 10:12 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-11 10:12 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-11 10:12 - 2015-01-12 02:27 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-02-11 10:12 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-11 10:12 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-11 10:12 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-11 10:12 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-11 10:12 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-11 10:12 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-11 10:12 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-11 10:12 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-11 10:12 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-11 10:12 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-11 10:12 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-11 10:12 - 2015-01-10 10:10 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-02-11 10:12 - 2015-01-10 10:10 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-11 10:12 - 2015-01-10 09:28 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-11 10:12 - 2015-01-10 08:00 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-02-11 10:12 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-02-11 10:12 - 2014-12-19 09:57 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-02-11 10:12 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-02-11 10:12 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-02-11 10:12 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-02-11 10:12 - 2014-12-09 00:12 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-02-11 10:12 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-02-11 10:12 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-02-11 10:12 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-02-11 10:12 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-02-11 10:12 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-02-11 10:12 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-02-11 10:12 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-02-11 10:12 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-02-11 10:11 - 2015-02-04 00:38 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-02-11 10:11 - 2015-02-04 00:08 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-02-11 10:11 - 2015-02-04 00:08 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-02-11 10:11 - 2015-02-03 00:11 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-02-11 10:11 - 2015-02-03 00:11 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-02-11 10:11 - 2015-02-03 00:11 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-02-11 10:11 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-02-11 10:11 - 2015-01-10 09:22 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-02-11 10:11 - 2014-12-03 00:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-02-10 18:40 - 2015-02-28 13:37 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D1A1490C-51CB-4877-B509-9A2E4514D98B}
2015-02-10 18:40 - 2015-02-10 18:40 - 00000000 __SHD () C:\Users\Calimera\AppData\Local\EmieUserList
2015-02-10 18:40 - 2015-02-10 18:40 - 00000000 __SHD () C:\Users\Calimera\AppData\Local\EmieSiteList
2015-02-10 18:40 - 2015-02-10 18:40 - 00000000 __SHD () C:\Users\Calimera\AppData\Local\EmieBrowserModeList
2015-02-10 18:35 - 2015-02-10 18:36 - 00293624 _____ () C:\WINDOWS\Minidump\021015-37296-01.dmp
2015-02-09 20:44 - 2015-02-09 20:44 - 00301192 _____ () C:\WINDOWS\Minidump\020915-21687-01.dmp
2015-02-09 15:30 - 2015-02-22 21:43 - 00000000 ____D () C:\WINDOWS\Minidump
2015-02-09 15:30 - 2015-02-09 15:30 - 00294904 _____ () C:\WINDOWS\Minidump\020915-18328-01.dmp
2015-02-08 18:37 - 2015-02-19 12:26 - 00010752 ___SH () C:\Users\Calimera\Desktop\Thumbs.db
2015-02-08 18:13 - 2015-02-08 18:13 - 00000000 ____D () C:\Users\Calimera\Documents\ProcAlyzer Dumps
2015-02-08 18:08 - 2015-02-08 18:08 - 00000150 _____ () C:\WINDOWS\wininit.ini
2015-02-08 17:20 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-02-08 17:20 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-02-08 17:20 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-02-08 17:20 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-02-08 17:20 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-02-08 17:19 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-02-08 17:19 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-02-08 17:17 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2015-02-08 17:17 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2015-02-08 17:15 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-02-08 17:15 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-02-08 17:15 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-02-08 17:15 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-02-08 17:10 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-02-08 17:10 - 2014-07-24 04:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-02-08 17:08 - 2015-02-08 17:08 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2015-02-08 17:07 - 2015-02-08 17:30 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-02-08 17:07 - 2015-02-08 17:17 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-02-08 17:07 - 2015-02-08 17:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-02-08 17:07 - 2015-02-08 17:07 - 00001407 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-02-08 17:07 - 2015-02-08 17:07 - 00001395 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-02-08 17:07 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2015-02-08 17:04 - 2015-02-08 17:06 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Calimera\Downloads\spybot-2.4.exe
2015-02-08 17:00 - 2015-02-08 17:00 - 02112512 _____ () C:\Users\Calimera\Downloads\adwcleaner_4.110.exe
2015-02-08 17:00 - 2015-02-08 17:00 - 02112512 _____ () C:\Users\Calimera\Downloads\adwcleaner_4.110 (1).exe
2015-02-07 20:28 - 2015-02-07 20:28 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-02-06 20:56 - 2015-02-06 20:56 - 00000144 _____ () C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-02-06 20:40 - 2015-02-06 20:40 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2015-02-06 20:37 - 2015-02-06 20:37 - 00001454 _____ () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-06 20:37 - 2015-02-06 20:37 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-02-06 20:36 - 2015-02-06 20:36 - 00000020 ___SH () C:\Users\Calimera\ntuser.ini
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-02-06 20:33 - 2015-02-06 20:33 - 06103040 _____ () C:\Program Files (x86)\GUT113F.tmp
2015-02-06 20:33 - 2015-02-06 20:33 - 00000000 ____D () C:\Program Files (x86)\GUM112E.tmp
2015-02-06 20:31 - 2015-02-06 20:31 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-02-06 20:08 - 2015-02-06 20:08 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-02-06 20:02 - 2015-02-06 20:02 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-02-06 20:00 - 2015-02-24 19:03 - 00000000 ____D () C:\Users\Calimera
2015-02-06 20:00 - 2015-02-06 20:01 - 00000000 ___RD () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\Vorlagen
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\Startmenü
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\Netzwerkumgebung
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\Lokale Einstellungen
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\Eigene Dateien
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\Druckumgebung
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\Documents\Eigene Musik
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\Documents\Eigene Bilder
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\AppData\Local\Verlauf
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\AppData\Local\Anwendungsdaten
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\Anwendungsdaten
2015-02-06 20:00 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-06 20:00 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-06 20:00 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-02-06 20:00 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-02-06 20:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-06 19:56 - 2015-02-06 20:31 - 00022863 _____ () C:\WINDOWS\diagwrn.xml
2015-02-06 19:56 - 2015-02-06 20:31 - 00022863 _____ () C:\WINDOWS\diagerr.xml
2015-02-06 19:49 - 2015-02-28 14:12 - 01774227 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-06 19:49 - 2015-02-06 20:04 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-06 19:49 - 2015-02-06 19:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2015-02-06 19:49 - 2015-02-06 19:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2015-02-06 19:49 - 2015-02-06 19:49 - 00000000 ____D () C:\WINDOWS\system32\NV
2015-02-06 19:49 - 2015-02-06 19:49 - 00000000 ____D () C:\Program Files\Realtek
2015-02-06 19:49 - 2013-08-29 23:43 - 06599968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-02-06 19:49 - 2013-08-29 23:43 - 03452192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-02-06 19:49 - 2013-08-29 23:43 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-02-06 19:49 - 2013-08-29 23:43 - 01042208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-02-06 19:49 - 2013-08-29 23:43 - 00920864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-02-06 19:49 - 2013-08-29 23:43 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-02-06 19:49 - 2013-08-29 23:43 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-02-06 19:49 - 2013-08-29 23:43 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-02-06 19:49 - 2013-08-29 21:28 - 03349466 _____ () C:\WINDOWS\system32\nvcoproc.bin
2015-02-06 19:48 - 2015-02-06 20:04 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-02-06 19:48 - 2015-02-06 20:04 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-02-06 19:48 - 2015-02-06 20:04 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-02-06 19:48 - 2015-02-06 20:04 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-02-06 19:48 - 2015-02-06 19:48 - 00000000 ____D () C:\Program Files\Elantech
2015-02-06 19:47 - 2014-10-01 19:54 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-02-06 19:47 - 2014-10-01 19:54 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-02-06 19:44 - 2015-02-06 21:09 - 00000000 ___DC () C:\WINDOWS\Panther
2015-02-06 19:43 - 2015-02-06 19:43 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-02-06 19:43 - 2015-02-06 19:43 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-02-06 19:43 - 2015-02-06 19:43 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-02-06 19:43 - 2015-02-06 19:43 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-02-06 19:41 - 2015-02-06 19:41 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-02-06 19:41 - 2015-02-06 19:41 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-02-06 19:41 - 2015-02-06 19:41 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-02-06 19:41 - 2015-02-06 19:41 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-02-06 19:41 - 2015-02-06 19:41 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-02-06 19:41 - 2015-02-06 19:41 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-02-06 19:41 - 2015-02-06 19:41 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-02-06 19:41 - 2015-02-06 19:41 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-02-06 19:40 - 2015-02-06 19:40 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-02-06 19:30 - 2015-02-06 19:30 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2015-02-06 19:30 - 2015-02-06 19:30 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-02-06 19:30 - 2015-02-06 19:30 - 00000000 ____D () C:\Program Files\MSBuild
2015-02-06 19:30 - 2015-02-06 19:30 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-02-06 19:30 - 2015-02-06 19:30 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-02-06 19:30 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-02-06 19:30 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-02-06 19:29 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-02-06 19:29 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-02-01 20:16 - 2015-02-06 20:53 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-01-31 19:22 - 2015-02-06 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-01-31 19:22 - 2015-01-31 19:22 - 13087456 _____ (Microsoft Corporation) C:\Users\Calimera\Downloads\Silverlight_x64.exe
2015-01-31 19:22 - 2015-01-31 19:22 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-01-31 19:22 - 2015-01-31 19:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-01-31 12:26 - 2015-01-31 12:26 - 00000000 ____D () C:\ProgramData\HP
2015-01-30 21:09 - 2014-10-22 04:34 - 00010777 ____N () C:\WINDOWS\system32\AutoconfigV2.cab
2015-01-30 21:01 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-01-30 21:01 - 2014-11-22 11:46 - 00035472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2015-01-30 21:01 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-28 14:05 - 2014-03-24 13:29 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-28 14:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-28 13:46 - 2013-04-16 20:04 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4209576780-459793780-3707532381-1002
2015-02-28 13:41 - 2013-04-18 09:06 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-28 13:40 - 2014-11-26 00:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-28 13:40 - 2014-11-21 04:35 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-28 13:40 - 2014-11-21 03:45 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-02-28 13:40 - 2014-11-21 03:45 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-02-28 13:35 - 2014-08-14 11:27 - 00000438 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-02-28 13:34 - 2013-04-18 09:06 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-28 13:33 - 2014-11-20 19:24 - 00009824 _____ () C:\WINDOWS\PFRO.log
2015-02-28 13:33 - 2013-08-22 15:46 - 00304796 _____ () C:\WINDOWS\setupact.log
2015-02-28 13:33 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-28 13:15 - 2014-02-22 03:00 - 827709122 _____ () C:\WINDOWS\MEMORY.DMP
2015-02-27 20:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-25 20:44 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-22 21:50 - 2014-03-20 00:43 - 00000000 ____D () C:\AdwCleaner
2015-02-21 00:22 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2015-02-19 20:07 - 2013-04-18 09:06 - 00000000 ____D () C:\Users\Calimera\AppData\Local\Google
2015-02-19 20:06 - 2013-04-18 09:06 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-19 13:23 - 2013-07-17 20:52 - 00000000 ____D () C:\Users\Calimera\AppData\Roaming\DVDVideoSoft
2015-02-18 22:07 - 2014-01-25 22:51 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-18 20:48 - 2014-05-01 21:24 - 00000000 ____D () C:\Users\Calimera\AppData\Roaming\vlc
2015-02-18 02:00 - 2015-01-19 23:42 - 00000000 ____D () C:\Users\Calimera\Desktop\Vordrucke
2015-02-12 14:31 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-12 11:51 - 2014-09-07 21:59 - 00043576 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-02-12 11:51 - 2014-09-07 21:55 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-02-12 11:51 - 2014-09-07 21:55 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-02-11 23:02 - 2013-08-22 15:44 - 00363176 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-11 23:00 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-11 22:58 - 2014-11-21 11:51 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-02-11 12:55 - 2013-09-11 11:58 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-11 12:51 - 2013-04-22 19:41 - 116773704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-10 11:25 - 2014-07-16 09:33 - 00000000 ____D () C:\Users\Calimera\Desktop\EquineDreams
2015-02-09 20:53 - 2014-09-07 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-09 20:53 - 2014-09-07 21:55 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-02-09 20:53 - 2014-08-14 14:10 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-09 20:45 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-09 20:45 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-09 20:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-02-09 20:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-02-09 20:45 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-02-09 20:45 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-02-09 17:10 - 2013-04-16 19:56 - 00000000 ____D () C:\Users\Calimera\AppData\Local\Packages
2015-02-09 00:25 - 2014-05-04 21:38 - 00000000 ____D () C:\Users\Calimera\Desktop\Alles fürn Schatz
2015-02-08 18:17 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-08 18:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-02-07 20:25 - 2013-05-07 10:45 - 00000000 ____D () C:\Users\Calimera\Desktop\Bilder
2015-02-06 20:36 - 2013-04-18 09:06 - 00004108 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-06 20:36 - 2013-04-18 09:06 - 00003872 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-06 20:35 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-02-06 20:35 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2015-02-06 20:31 - 2015-01-17 21:20 - 00012816 _____ () C:\WINDOWS\comsetup.log
2015-02-06 20:31 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2015-02-06 20:26 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-02-06 20:26 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-02-06 20:12 - 2014-12-08 22:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-02-06 20:12 - 2014-12-01 11:10 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-02-06 20:12 - 2014-11-08 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-06 20:12 - 2014-08-27 11:45 - 00000000 ____D () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-06 20:12 - 2014-08-27 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-06 20:12 - 2014-07-31 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-02-06 20:12 - 2014-07-31 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-02-06 20:12 - 2014-06-02 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-02-06 20:12 - 2014-05-01 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-02-06 20:12 - 2014-03-25 22:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRWare Iron
2015-02-06 20:12 - 2014-01-25 23:01 - 00000000 ____D () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-02-06 20:12 - 2014-01-25 22:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-02-06 20:12 - 2013-12-13 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2015-02-06 20:12 - 2013-10-01 14:45 - 00000000 ____D () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2015-02-06 20:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2015-02-06 20:12 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-02-06 20:12 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-02-06 20:12 - 2013-04-27 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-02-06 20:12 - 2013-04-18 09:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-02-06 20:12 - 2012-10-20 08:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Media Maker 9
2015-02-06 20:12 - 2012-10-20 07:28 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-02-06 20:12 - 2012-09-01 19:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso 6.5
2015-02-06 20:12 - 2012-09-01 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec
2015-02-06 20:12 - 2012-09-01 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-02-06 20:09 - 2013-08-22 16:37 - 00005217 _____ () C:\WINDOWS\DtcInstall.log
2015-02-06 20:09 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2015-02-06 20:07 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-02-06 20:07 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-02-06 20:07 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-02-06 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-02-06 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-02-06 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2015-02-06 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2015-02-06 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-02-06 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-02-06 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-02-06 20:07 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-02-06 20:07 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-02-06 20:05 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2015-02-06 20:04 - 2015-01-06 14:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2015-02-06 20:04 - 2014-05-20 13:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAMSUNG
2015-02-06 20:04 - 2014-05-20 12:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panasonic
2015-02-06 20:04 - 2014-03-30 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2015-02-06 20:04 - 2014-03-30 14:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kobo
2015-02-06 20:04 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-02-06 20:04 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-02-06 20:04 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-02-06 20:04 - 2012-09-01 19:06 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-06 20:04 - 2012-09-01 18:58 - 00000000 ____D () C:\ProgramData\PRICache
2015-02-06 20:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-02-06 20:02 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2015-02-06 19:49 - 2014-05-04 00:59 - 00000000 ____D () C:\temp
2015-02-06 19:44 - 2015-01-28 20:21 - 00000000 __SHD () C:\Recovery
2015-02-06 19:43 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-02-06 19:43 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-02-06 19:41 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-02-06 19:30 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-02-06 19:30 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-02-05 21:05 - 2013-04-16 19:56 - 01326630 _____ () C:\WINDOWS\WindowsUpdate (1).log
2015-02-04 22:05 - 2014-03-24 13:29 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-02-03 20:31 - 2014-11-21 12:01 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:31 - 2014-11-21 12:01 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-03 01:25 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-01-29 06:06 - 2014-03-24 13:29 - 00000000 ____D () C:\ProgramData\McAfee Security Scan

==================== Files in the root of some directories =======

2015-02-06 20:33 - 2015-02-06 20:33 - 6103040 _____ () C:\Program Files (x86)\GUT113F.tmp
2014-03-15 23:56 - 2014-03-19 21:40 - 0000112 _____ () C:\Users\Calimera\AppData\Roaming\WB.CFG
2014-12-18 20:25 - 2014-12-18 20:25 - 0002141 _____ () C:\Users\Calimera\AppData\Local\recently-used.xbel

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.10924.dll


Some content of TEMP:
====================
C:\Users\Calimera\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-25 20:42

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-02-2015 01
Ran by Calimera at 2015-02-28 14:14:34
Running from C:\Users\Calimera\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 clear.fi SDK - Video 2 (x32 Version: 2.1.1925 - CyberLink Corp.) Hidden
 clear.fi SDK- Movie 2 (x32 Version: 2.1.2008 - CyberLink Corp.) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0059 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3007 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3115 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3201 - Acer Incorporated)
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Avira (HKLM-x32\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.30.21727 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 15.0.8.624 - Avira)
Backup Manager v4 (x32 Version: 4.0.0.0059 - NTI Corporation) Hidden
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.7.1 - Broadcom Corporation)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3108 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3108 - Acer Incorporated)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3318_45364 - CyberLink Corp.)
DC Universe Online Live (HKU\S-1-5-21-4209576780-459793780-3707532381-1002\...\SOE-DC Universe Online Live PSG) (Version:  - Sony Online Entertainment)
DC Universe Online PSG (HKU\S-1-5-21-4209576780-459793780-3707532381-1002\...\soe-DC Universe Online PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.233.190 - Electronic Arts Inc.)
ETDWare PS/2-X64 11.6.8.001_WHQL (HKLM\...\Elantech) (Version: 11.6.8.001 - ELAN Microelectronic Corp.)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
ICQ 8.1 (build 6337) (HKU\S-1-5-21-4209576780-459793780-3707532381-1002\...\ICQ) (Version: 8.1.6337.0 - Mail.Ru)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Insurgency: Modern Infantry Combat (HKLM-x32\...\Steam App 17700) (Version:  - Insurgency Development Team)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Kobo (HKLM-x32\...\Kobo) (Version: /Qt-5.2.0 - Kobo Inc.)
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.5 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3004 - Acer Incorporated)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 36.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0 (x86 de)) (Version: 36.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla)
mp3DirectCut Packages (HKU\S-1-5-21-4209576780-459793780-3707532381-1002\...\mp3DirectCut Packages) (Version:  - ) <==== ATTENTION
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
No More Room in Hell (HKLM-x32\...\Steam App 224260) (Version:  - No More Room in Hell Team)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9008 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9008 - NTI Corporation) Hidden
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3200 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.01.3200 - Acer)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 8.6.0.357 - Electronic Arts, Inc.)
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.05 - Qualcomm Atheros)
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.10 - Razer Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.18.23036 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
SAMSUNG Intelli-studio (HKLM-x32\...\Intelli-studio) (Version:  - )
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SRWare Iron Version SRWare Iron 37.2000.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 37.2000.0 - SRWare)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
VideoCam Suite 3.5 (HKLM-x32\...\{66D97020-1814-4DA8-A2AC-7CAED535F2D1}) (Version: 3.05.011.1031 - Panasonic Corporation)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WinRAR 5.10 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4209576780-459793780-3707532381-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

12-02-2015 14:08:02 Windows Update
18-02-2015 02:26:38 Installed PDF Architect 2 View Module
25-02-2015 20:42:36 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {004A9BD8-EDC7-4DE8-A894-8EE41E1131B5} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {047DD29A-E6F3-4F3A-AF03-3F03C4E408C7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {30CEEE99-31DE-41C4-8637-5ACDADA7E73B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {400BFB4E-660E-4F32-8CA7-CEF261688561} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-09-18] (CyberLink)
Task: {478348E6-078B-4330-9C25-E1BE8D53FB9B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-02-11] (Microsoft Corporation)
Task: {51D8CABD-85C3-4360-98A1-7EF25E2821F8} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)
Task: {66FA40D8-46CA-4894-AD0A-03BDF40FA844} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-30] ()
Task: {6CEDD6E2-E7EA-4233-AFDA-FFA454E894D4} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {77285A0E-A706-4AE5-B21F-E486F2A10D34} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {7D037C0F-C4A8-4A84-BD1C-3E9200A05607} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {7D794B3F-359E-4D64-8957-EF84D06171FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-18] (Google Inc.)
Task: {8A8DF02A-3E72-4DF0-8EFD-ABA9072780F9} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2012-07-31] (Acer Incorporated)
Task: {93BAB413-2468-4484-B08E-2D3F72E0D1FF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-18] (Google Inc.)
Task: {A776AB8E-5E5B-4E08-BCE2-BEE79D7C5E28} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {EEB74282-2645-47E7-BDD7-1B19BBB16784} - System32\Tasks\{73999B14-6A03-4A4E-B7D3-686D4C237874} => pcalua.exe -a "C:\Users\Calimera\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z\Zip Opener Packages\uninstaller.exe" -c /Uninstall /NM="Zip Opener Packages" /AN="0D0S1L2Z1P1B0T1P1B2Z" /MBN="Zip Opener Packages"
Task: {FC724662-820A-4BC4-A702-533315239431} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-12-09 23:22 - 2014-12-09 23:22 - 00186048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2012-08-23 07:26 - 2012-08-23 07:26 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-08-23 07:25 - 2012-08-23 07:25 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-08-23 07:26 - 2012-08-23 07:26 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-08-23 07:25 - 2012-08-23 07:25 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-08-23 07:25 - 2012-08-23 07:25 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-08-23 07:25 - 2012-08-23 07:25 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-08-23 07:26 - 2012-08-23 07:26 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2015-02-08 17:07 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-02-08 17:07 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-02-08 17:07 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-02-08 17:07 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-02-08 17:07 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-10-01 14:45 - 2013-10-01 14:45 - 00851456 _____ () C:\Users\Calimera\AppData\Roaming\ICQM\ICQ\dll\YLUSBTEL.dll
2012-10-20 07:42 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-02-19 20:06 - 2015-02-17 23:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-19 20:06 - 2015-02-17 23:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-19 20:06 - 2015-02-17 23:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:0C52AA8E

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4209576780-459793780-3707532381-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Calimera\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "VideoCam Suite.lnk"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "SweetIM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "avgnt"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKU\S-1-5-21-4209576780-459793780-3707532381-1002\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.4.1.lnk"
HKU\S-1-5-21-4209576780-459793780-3707532381-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4209576780-459793780-3707532381-1002\...\StartupApproved\Run: => "icq"

==================== Accounts: =============================

Administrator (S-1-5-21-4209576780-459793780-3707532381-500 - Administrator - Disabled)
Calimera (S-1-5-21-4209576780-459793780-3707532381-1002 - Administrator - Enabled) => C:\Users\Calimera
Gast (S-1-5-21-4209576780-459793780-3707532381-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4209576780-459793780-3707532381-1025 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/27/2015 08:38:20 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Der Windows-Anmeldeprozess wurde unerwartet beendet.

Error: (02/27/2015 08:34:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Calimero)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/27/2015 08:24:37 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Benachrichtigungen für Volume C:\ sind nicht aktiv.

Kontext: Windows Anwendung


Details:
        Nicht genügend Quoten, um den angeforderten Dienst auszuführen.  (HRESULT : 0x800705ad) (0x800705ad)

Error: (02/26/2015 09:27:27 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (02/26/2015 09:27:27 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (02/26/2015 09:27:27 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (02/25/2015 08:46:50 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (02/25/2015 08:46:50 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (02/25/2015 08:46:50 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (02/24/2015 01:11:55 PM) (Source: ESENT) (EventID: 104) (User: )
Description: wuaueng.dll (540) SUS20ClientDataStore: Das Datenbankmodul hat die Instanz (0) mit einem Fehler (-1011) beendet.



Interne Zeitsteuerungsabfolge: [1] 0.000, [2] 0.000, [3] 0.000, [4] 0.000, [5] 0.000, [6] 0.000, [7] 0.000, [8] 0.000, [9] 0.000, [10] 0.000, [11] 0.000, [12] 0.000, [13] 0.000, [14] 0.000, [15] 0.000.


System errors:
=============
Error: (02/28/2015 01:35:46 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 192.168.178.27192.168.137.0255.255.255.0

Error: (02/28/2015 01:35:46 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:

Error: (02/28/2015 01:35:46 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:

Error: (02/28/2015 01:35:45 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:

Error: (02/28/2015 01:35:20 PM) (Source: DCOM) (EventID: 10016) (User: Calimero)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}CalimeroCalimeraS-1-5-21-4209576780-459793780-3707532381-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (02/28/2015 01:35:19 PM) (Source: DCOM) (EventID: 10016) (User: Calimero)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}CalimeroCalimeraS-1-5-21-4209576780-459793780-3707532381-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (02/28/2015 01:35:19 PM) (Source: DCOM) (EventID: 10016) (User: Calimero)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}CalimeroCalimeraS-1-5-21-4209576780-459793780-3707532381-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (02/28/2015 01:35:19 PM) (Source: DCOM) (EventID: 10016) (User: Calimero)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}CalimeroCalimeraS-1-5-21-4209576780-459793780-3707532381-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (02/28/2015 01:35:19 PM) (Source: DCOM) (EventID: 10016) (User: Calimero)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}CalimeroCalimeraS-1-5-21-4209576780-459793780-3707532381-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (02/28/2015 01:35:19 PM) (Source: DCOM) (EventID: 10016) (User: Calimero)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}CalimeroCalimeraS-1-5-21-4209576780-459793780-3707532381-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


Microsoft Office Sessions:
=========================
Error: (02/27/2015 08:38:20 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description:

Error: (02/27/2015 08:34:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Calimero)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927141

Error: (02/27/2015 08:24:37 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Kontext: Windows Anwendung


Details:
        Nicht genügend Quoten, um den angeforderten Dienst auszuführen.  (HRESULT : 0x800705ad) (0x800705ad)
C:\

Error: (02/26/2015 09:27:27 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4

Error: (02/26/2015 09:27:27 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4

Error: (02/26/2015 09:27:27 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4

Error: (02/25/2015 08:46:50 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4

Error: (02/25/2015 08:46:50 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4

Error: (02/25/2015 08:46:50 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4

Error: (02/24/2015 01:11:55 PM) (Source: ESENT) (EventID: 104) (User: )
Description: wuaueng.dll540SUS20ClientDataStore: 0-1011[1] 0.000, [2] 0.000, [3] 0.000, [4] 0.000, [5] 0.000, [6] 0.000, [7] 0.000, [8] 0.000, [9] 0.000, [10] 0.000, [11] 0.000, [12] 0.000, [13] 0.000, [14] 0.000, [15] 0.000.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 53%
Total physical RAM: 3911.27 MB
Available physical RAM: 1824.02 MB
Total Pagefile: 7879.27 MB
Available Pagefile: 5321.68 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:448.75 GB) (Free:320.38 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: F461C60C)

Partition: GPT Partition Type.

==================== End Of Log ============================
--- --- ---

schrauber 28.02.2015 18:46
Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    mp3DirectCut Packages


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Calimera 28.02.2015 22:29
Hallo

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 28.02.2015
Suchlauf-Zeit: 21:24:37
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.02.28.05
Rootkit Datenbank: v2015.02.25.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Calimera

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 364470
Verstrichene Zeit: 29 Min, 28 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 10
PUP.Optional.RollAround.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{83c0e288-8fa0-43d3-acc7-c1e839d85abc}, In Quarantäne, [eee74ad94347ae884bd3ab63010246ba],
PUP.Optional.RollAround.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{506ddb16-455a-4746-ad77-d23228955fd3}, In Quarantäne, [eee74ad94347ae884bd3ab63010246ba],
PUP.Optional.RollAround.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{22E9CC7A-04B2-4558-A993-763395274E42}, In Quarantäne, [eee74ad94347ae884bd3ab63010246ba],
PUP.Optional.RollAround.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{22E9CC7A-04B2-4558-A993-763395274E42}, In Quarantäne, [eee74ad94347ae884bd3ab63010246ba],
PUP.Optional.RollAround.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{506ddb16-455a-4746-ad77-d23228955fd3}, In Quarantäne, [eee74ad94347ae884bd3ab63010246ba],
PUP.Optional.RollAround.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{83C0E288-8FA0-43D3-ACC7-C1E839D85ABC}, In Quarantäne, [eee74ad94347ae884bd3ab63010246ba],
PUP.Optional.RollAround.A, HKU\S-1-5-21-4209576780-459793780-3707532381-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{83C0E288-8FA0-43D3-ACC7-C1E839D85ABC}, Löschen bei Neustart, [eee74ad94347ae884bd3ab63010246ba],
PUP.Optional.RollAround.A, HKU\S-1-5-21-4209576780-459793780-3707532381-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{83C0E288-8FA0-43D3-ACC7-C1E839D85ABC}, Löschen bei Neustart, [eee74ad94347ae884bd3ab63010246ba],
PUP.Optional.VGrabber.A, HKU\S-1-5-21-4209576780-459793780-3707532381-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{d78b6094-2202-49e9-97b7-d9f31635bc08}, Löschen bei Neustart, [d4015bc8a7e337ff34ee17fb50b3c33d],
PUP.Optional.RollAround.A, HKLM\SOFTWARE\WOW6432NODE\RollAround, In Quarantäne, [24b18e957b0f4de9423acece4cb71ee2],

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 4
PUP.Optional.OpenCandy, C:\Users\Calimera\Downloads\FreemakeVideoConverterSetup.exe, In Quarantäne, [0acbd94a5e2c15211523be7938c903fd],
PUP.Optional.BundleInstaller.A, C:\Users\Calimera\Downloads\Setup (1).exe, In Quarantäne, [be1746dd92f815218e1b48f2629ea060],
PUP.Optional.Somoto.A, C:\Users\Calimera\Downloads\7ZipSetup.exe, In Quarantäne, [41940f14d3b70036543285b380800af6],
PUP.Optional.RollAround.A, C:\Users\Calimera\AppData\Roaming\Mozilla\Firefox\Profiles\i2k9c7ah.default\extensions\{711c82f1-361e-4764-aa28-cdd55ff6117e}.xpi, In Quarantäne, [8550c0634446df574124148861a2b44c],

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

AdwCleaner Logfile:
Code:
# AdwCleaner v4.111 - Bericht erstellt 28/02/2015 um 22:06:07
# Aktualisiert 18/02/2015 von Xplode
# Datenbank : 2015-02-18.3 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Calimera - CALIMERO
# Gestarted von : C:\Users\Calimera\Downloads\AdwCleaner_4.111.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v36.0 (x86 de)


-\\ Google Chrome v40.0.2214.115


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [10152 Bytes] - [20/03/2014 00:43:35]
AdwCleaner[R10].txt - [3476 Bytes] - [30/04/2014 15:58:21]
AdwCleaner[R11].txt - [6249 Bytes] - [18/05/2014 20:15:26]
AdwCleaner[R12].txt - [2214 Bytes] - [03/06/2014 11:21:14]
AdwCleaner[R13].txt - [3829 Bytes] - [08/07/2014 01:44:36]
AdwCleaner[R14].txt - [2180 Bytes] - [14/07/2014 12:06:11]
AdwCleaner[R15].txt - [2302 Bytes] - [16/07/2014 11:01:09]
AdwCleaner[R16].txt - [2424 Bytes] - [16/07/2014 11:06:27]
AdwCleaner[R17].txt - [2834 Bytes] - [02/09/2014 20:38:26]
AdwCleaner[R18].txt - [2937 Bytes] - [28/10/2014 09:20:39]
AdwCleaner[R19].txt - [3310 Bytes] - [08/02/2015 17:26:17]
AdwCleaner[R1].txt - [996 Bytes] - [20/03/2014 00:53:22]
AdwCleaner[R20].txt - [4210 Bytes] - [19/02/2015 14:06:39]
AdwCleaner[R21].txt - [2913 Bytes] - [22/02/2015 21:48:22]
AdwCleaner[R22].txt - [2973 Bytes] - [28/02/2015 22:04:39]
AdwCleaner[R2].txt - [1121 Bytes] - [24/03/2014 13:36:11]
AdwCleaner[R3].txt - [1241 Bytes] - [24/03/2014 13:43:00]
AdwCleaner[R4].txt - [1301 Bytes] - [24/03/2014 13:45:14]
AdwCleaner[R5].txt - [1422 Bytes] - [24/03/2014 13:48:22]
AdwCleaner[R6].txt - [1482 Bytes] - [26/03/2014 14:07:54]
AdwCleaner[R7].txt - [1542 Bytes] - [31/03/2014 19:06:36]
AdwCleaner[R8].txt - [1726 Bytes] - [16/04/2014 16:17:26]
AdwCleaner[R9].txt - [3416 Bytes] - [30/04/2014 15:56:28]
AdwCleaner[S0].txt - [8124 Bytes] - [20/03/2014 00:45:49]
AdwCleaner[S10].txt - [2364 Bytes] - [16/07/2014 11:02:17]
AdwCleaner[S11].txt - [2896 Bytes] - [02/09/2014 20:40:40]
AdwCleaner[S12].txt - [2926 Bytes] - [28/10/2014 09:30:14]
AdwCleaner[S13].txt - [4272 Bytes] - [19/02/2015 14:08:55]
AdwCleaner[S14].txt - [2363 Bytes] - [28/02/2015 22:06:07]
AdwCleaner[S1].txt - [1056 Bytes] - [20/03/2014 00:54:13]
AdwCleaner[S2].txt - [1183 Bytes] - [24/03/2014 13:37:15]
AdwCleaner[S3].txt - [1363 Bytes] - [24/03/2014 13:46:07]
AdwCleaner[S4].txt - [1797 Bytes] - [16/04/2014 16:18:06]
AdwCleaner[S5].txt - [3544 Bytes] - [30/04/2014 15:59:31]
AdwCleaner[S6].txt - [5876 Bytes] - [18/05/2014 20:16:37]
AdwCleaner[S7].txt - [2274 Bytes] - [03/06/2014 11:22:31]
AdwCleaner[S8].txt - [3602 Bytes] - [08/07/2014 01:45:56]
AdwCleaner[S9].txt - [2241 Bytes] - [14/07/2014 12:07:15]

########## EOF - C:\AdwCleaner\AdwCleaner[S14].txt - [2954  Bytes] ##########
--- --- ---


Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 8.1 x64
Ran by Calimera on 28.02.2015 at 22:13:05,69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update mega browse
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update towertilt
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util mega browse



~~~ Files

Successfully deleted: [File] "C:\WINDOWS\wininit.ini"



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Calimera\appdata\local\cre"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.02.2015 at 22:16:05,27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-02-2015 01
Ran by Calimera (administrator) on CALIMERO on 28-02-2015 22:18:53
Running from C:\Users\Calimera\Downloads
Loaded Profiles: Calimera (Available profiles: Calimera)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-02-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-11-03] (Razer Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4209576780-459793780-3707532381-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20587168 2013-11-18] (Skype Technologies S.A.)
HKU\S-1-5-21-4209576780-459793780-3707532381-1002\...\Run: [icq] => C:\Users\Calimera\AppData\Roaming\ICQM\icq.exe [28698984 2013-10-01] (ICQ)
AppInit_DLLs: c:\windows\system32\nvinitx.dll => c:\windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VideoCam Suite.lnk
ShortcutTarget: VideoCam Suite.lnk -> C:\Program Files (x86)\Common Files\Panasonic\VideoCam Suite AutoStart\VideoCamSuiteAutoStart.exe (Panasonic Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-4209576780-459793780-3707532381-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4209576780-459793780-3707532381-1002 -> {910587C8-EEA0-4DAD-BA32-3AFDE73D6B25} URL =
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Calimera\AppData\Roaming\Mozilla\Firefox\Profiles\i2k9c7ah.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Extension: Avira Browser Safety - C:\Users\Calimera\AppData\Roaming\Mozilla\Firefox\Profiles\i2k9c7ah.default\Extensions\abs@avira.com [2015-02-05]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKU\S-1-5-21-4209576780-459793780-3707532381-1002\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR Profile: C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-19]
CHR Extension: (Google Docs) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-19]
CHR Extension: (Google Drive) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-19]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-20]
CHR Extension: (YouTube) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-19]
CHR Extension: (Google Search) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-19]
CHR Extension: (Google Sheets) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-19]
CHR Extension: (Avira Browser Safety) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-02-19]
CHR Extension: (Google Wallet) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-19]
CHR Extension: (Gmail) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-19]
CHR HKU\S-1-5-21-4209576780-459793780-3707532381-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [agembgempdmebanhogdjbpcmppdmklbe] - C:\Users\Calimera\AppData\Local\CRE\agembgempdmebanhogdjbpcmppdmklbe.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [agembgempdmebanhogdjbpcmppdmklbe] - C:\Users\Calimera\AppData\Local\CRE\agembgempdmebanhogdjbpcmppdmklbe.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-02-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-02-12] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-10-20] (Dritek System INC.)
R2 RzMaelstromVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [4250624 2014-06-09] (A-Volute) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-07-31] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-02-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-02-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. KG)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-10-20] (Dritek System Inc.)
R3 RZMAELSTROMVADService; C:\Windows\system32\drivers\RzMaelstromVAD.sys [32768 2014-06-09] (Windows (R) Win 7 DDK provider)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-28 22:16 - 2015-02-28 22:16 - 00001137 _____ () C:\Users\Calimera\Desktop\JRT.txt
2015-02-28 22:11 - 2015-02-28 22:12 - 01388274 _____ (Thisisu) C:\Users\Calimera\Downloads\JRT.exe
2015-02-28 22:10 - 2015-02-28 22:10 - 00003035 _____ () C:\Users\Calimera\Desktop\AdwCleaner[S14].txt
2015-02-28 22:03 - 2015-02-28 22:04 - 02126848 _____ () C:\Users\Calimera\Downloads\AdwCleaner_4.111.exe
2015-02-28 22:03 - 2015-02-28 22:03 - 00003647 _____ () C:\Users\Calimera\Desktop\mbam.txt
2015-02-28 21:24 - 2015-02-28 22:01 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-28 21:24 - 2015-02-28 21:24 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-28 21:24 - 2015-02-28 21:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-28 21:24 - 2015-02-28 21:24 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-28 21:24 - 2015-02-28 21:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-28 21:24 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-02-28 21:24 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-02-28 21:24 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-02-28 21:22 - 2015-02-28 21:23 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Calimera\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-28 21:16 - 2015-02-28 21:16 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Calimera\Downloads\revosetup95.exe
2015-02-28 21:16 - 2015-02-28 21:16 - 00001284 _____ () C:\Users\Calimera\Desktop\Revo Uninstaller.lnk
2015-02-28 21:16 - 2015-02-28 21:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-02-28 21:10 - 2015-02-28 21:10 - 00301472 _____ () C:\WINDOWS\Minidump\022815-35109-01.dmp
2015-02-28 18:27 - 2015-02-28 18:27 - 00000000 ____D () C:\Users\Calimera\AppData\Local\Steam
2015-02-28 15:28 - 2015-02-28 15:28 - 00031429 _____ () C:\Users\Calimera\Desktop\addition.txt
2015-02-28 15:27 - 2015-02-28 15:27 - 00061260 _____ () C:\Users\Calimera\Desktop\FRST.txt
2015-02-28 14:14 - 2015-02-28 14:15 - 00031429 _____ () C:\Users\Calimera\Downloads\Addition.txt
2015-02-28 14:13 - 2015-02-28 22:18 - 00018710 _____ () C:\Users\Calimera\Downloads\FRST.txt
2015-02-28 14:12 - 2015-02-28 22:18 - 00000000 ____D () C:\FRST
2015-02-28 14:12 - 2015-02-28 14:12 - 02087936 _____ (Farbar) C:\Users\Calimera\Downloads\FRST64.exe
2015-02-28 13:40 - 2015-02-28 13:40 - 00243576 _____ () C:\Users\Calimera\Downloads\Firefox Setup Stub 36.0.exe
2015-02-28 13:40 - 2015-02-28 13:40 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-28 13:40 - 2015-02-28 13:40 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-28 13:40 - 2015-02-28 13:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-28 13:16 - 2015-02-28 13:16 - 00295984 _____ () C:\WINDOWS\Minidump\022815-19625-01.dmp
2015-02-25 19:57 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-02-25 19:57 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-02-24 13:25 - 2015-02-24 13:25 - 00014816 _____ () C:\Users\Calimera\Documents\kündigung martina.odt
2015-02-22 21:43 - 2015-02-22 21:43 - 00297520 _____ () C:\WINDOWS\Minidump\022215-22390-01.dmp
2015-02-22 10:17 - 2015-02-22 10:17 - 01076843 _____ () C:\Users\Calimera\Downloads\StromlaufplanAstraGMJ98-00.rar
2015-02-20 22:20 - 2015-02-20 22:20 - 00296368 _____ () C:\WINDOWS\Minidump\022015-18343-01.dmp
2015-02-19 20:07 - 2015-02-19 20:07 - 00002271 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-19 20:07 - 2015-02-19 20:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-19 20:03 - 2015-02-19 20:03 - 00880208 _____ (Google Inc.) C:\Users\Calimera\Downloads\ChromeSetup (2).exe
2015-02-19 14:06 - 2015-02-19 14:06 - 02126848 _____ () C:\Users\Calimera\Desktop\adwcleaner_4.111.exe
2015-02-19 01:31 - 2015-02-19 01:31 - 00295384 _____ () C:\WINDOWS\Minidump\021915-23875-01.dmp
2015-02-18 20:42 - 2015-02-18 20:43 - 62692000 _____ (DVDVideoSoft Ltd. ) C:\Users\Calimera\Downloads\FreeStudio.exe
2015-02-18 02:47 - 2015-02-18 02:47 - 00001095 _____ () C:\Users\Public\Desktop\PDF24 Creator.lnk
2015-02-18 02:47 - 2015-02-18 02:47 - 00000000 ____D () C:\Users\Calimera\AppData\Local\PDF24
2015-02-18 02:47 - 2015-02-18 02:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2015-02-18 02:47 - 2015-02-18 02:47 - 00000000 ____D () C:\Program Files (x86)\PDF24
2015-02-18 02:46 - 2015-02-18 02:46 - 16342352 _____ (Geek Software GmbH ) C:\Users\Calimera\Downloads\pdf24-creator-6.9.2.exe
2015-02-18 02:41 - 2015-02-18 02:41 - 00000000 ____D () C:\Users\Calimera\AppData\Roaming\PDF Architect 2
2015-02-18 02:24 - 2015-02-18 02:24 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2015-02-18 02:12 - 2015-02-18 02:13 - 27721680 _____ (pdfforge ) C:\Users\Calimera\Downloads\PDFCreator-2_0_2-setup.exe
2015-02-17 22:03 - 2015-02-19 13:55 - 00000000 ____D () C:\Users\Calimera\Desktop\AntragStadtHof
2015-02-17 01:54 - 2015-02-17 01:54 - 00294936 _____ () C:\WINDOWS\Minidump\021715-26921-01.dmp
2015-02-15 10:36 - 2015-02-15 10:36 - 00299720 _____ () C:\WINDOWS\Minidump\021515-25781-01.dmp
2015-02-12 12:02 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-12 12:02 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-11 22:58 - 2015-02-11 22:58 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-02-11 10:12 - 2015-01-15 23:43 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-02-11 10:12 - 2015-01-15 23:43 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-02-11 10:12 - 2015-01-14 05:22 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-02-11 10:12 - 2015-01-14 04:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-02-11 10:12 - 2015-01-13 23:11 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-11 10:12 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-11 10:12 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-11 10:12 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-11 10:12 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-11 10:12 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-11 10:12 - 2015-01-12 03:34 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-11 10:12 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-11 10:12 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-02-11 10:12 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-11 10:12 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-11 10:12 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-11 10:12 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-11 10:12 - 2015-01-12 02:58 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-11 10:12 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-11 10:12 - 2015-01-12 02:51 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-11 10:12 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-11 10:12 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-11 10:12 - 2015-01-12 02:48 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-11 10:12 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-11 10:12 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-02-11 10:12 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-11 10:12 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-11 10:12 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-11 10:12 - 2015-01-12 02:27 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-02-11 10:12 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-11 10:12 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-11 10:12 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-11 10:12 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-11 10:12 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-11 10:12 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-11 10:12 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-11 10:12 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-11 10:12 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-11 10:12 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-11 10:12 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-11 10:12 - 2015-01-10 10:10 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-02-11 10:12 - 2015-01-10 10:10 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-11 10:12 - 2015-01-10 09:28 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-11 10:12 - 2015-01-10 08:00 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-02-11 10:12 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-02-11 10:12 - 2014-12-19 09:57 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-02-11 10:12 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-02-11 10:12 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-02-11 10:12 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-02-11 10:12 - 2014-12-09 00:12 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-02-11 10:12 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-02-11 10:12 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-02-11 10:12 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-02-11 10:12 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-02-11 10:12 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-02-11 10:12 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-02-11 10:12 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-02-11 10:12 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-02-11 10:11 - 2015-02-04 00:38 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-02-11 10:11 - 2015-02-04 00:08 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-02-11 10:11 - 2015-02-04 00:08 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-02-11 10:11 - 2015-02-03 00:11 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-02-11 10:11 - 2015-02-03 00:11 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-02-11 10:11 - 2015-02-03 00:11 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-02-11 10:11 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-02-11 10:11 - 2015-01-10 09:22 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-02-11 10:11 - 2014-12-03 00:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-02-10 18:40 - 2015-02-28 19:49 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D1A1490C-51CB-4877-B509-9A2E4514D98B}
2015-02-10 18:40 - 2015-02-10 18:40 - 00000000 __SHD () C:\Users\Calimera\AppData\Local\EmieUserList
2015-02-10 18:40 - 2015-02-10 18:40 - 00000000 __SHD () C:\Users\Calimera\AppData\Local\EmieSiteList
2015-02-10 18:40 - 2015-02-10 18:40 - 00000000 __SHD () C:\Users\Calimera\AppData\Local\EmieBrowserModeList
2015-02-10 18:35 - 2015-02-10 18:36 - 00293624 _____ () C:\WINDOWS\Minidump\021015-37296-01.dmp
2015-02-09 20:44 - 2015-02-09 20:44 - 00301192 _____ () C:\WINDOWS\Minidump\020915-21687-01.dmp
2015-02-09 15:30 - 2015-02-28 21:10 - 00000000 ____D () C:\WINDOWS\Minidump
2015-02-09 15:30 - 2015-02-09 15:30 - 00294904 _____ () C:\WINDOWS\Minidump\020915-18328-01.dmp
2015-02-08 18:37 - 2015-02-19 12:26 - 00010752 ___SH () C:\Users\Calimera\Desktop\Thumbs.db
2015-02-08 18:13 - 2015-02-08 18:13 - 00000000 ____D () C:\Users\Calimera\Documents\ProcAlyzer Dumps
2015-02-08 17:20 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-02-08 17:20 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-02-08 17:20 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-02-08 17:20 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-02-08 17:20 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-02-08 17:19 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-02-08 17:19 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-02-08 17:17 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2015-02-08 17:17 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2015-02-08 17:15 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-02-08 17:15 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-02-08 17:15 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-02-08 17:15 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-02-08 17:10 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-02-08 17:10 - 2014-07-24 04:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-02-08 17:08 - 2015-02-08 17:08 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2015-02-08 17:07 - 2015-02-08 17:30 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-02-08 17:07 - 2015-02-08 17:17 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-02-08 17:07 - 2015-02-08 17:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-02-08 17:07 - 2015-02-08 17:07 - 00001407 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-02-08 17:07 - 2015-02-08 17:07 - 00001395 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-02-08 17:07 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2015-02-08 17:04 - 2015-02-08 17:06 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Calimera\Downloads\spybot-2.4.exe
2015-02-08 17:00 - 2015-02-08 17:00 - 02112512 _____ () C:\Users\Calimera\Downloads\adwcleaner_4.110.exe
2015-02-08 17:00 - 2015-02-08 17:00 - 02112512 _____ () C:\Users\Calimera\Downloads\adwcleaner_4.110 (1).exe
2015-02-07 20:28 - 2015-02-07 20:28 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-02-06 20:56 - 2015-02-06 20:56 - 00000144 _____ () C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-02-06 20:40 - 2015-02-06 20:40 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2015-02-06 20:37 - 2015-02-06 20:37 - 00001454 _____ () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-06 20:37 - 2015-02-06 20:37 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-02-06 20:36 - 2015-02-06 20:36 - 00000020 ___SH () C:\Users\Calimera\ntuser.ini
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-02-06 20:33 - 2015-02-06 20:33 - 06103040 _____ () C:\Program Files (x86)\GUT113F.tmp
2015-02-06 20:33 - 2015-02-06 20:33 - 00000000 ____D () C:\Program Files (x86)\GUM112E.tmp
2015-02-06 20:31 - 2015-02-06 20:31 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-02-06 20:08 - 2015-02-06 20:08 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-02-06 20:02 - 2015-02-06 20:02 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-02-06 20:00 - 2015-02-28 21:55 - 00000000 ____D () C:\Users\Calimera
2015-02-06 20:00 - 2015-02-06 20:01 - 00000000 ___RD () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\Vorlagen
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\Startmenü
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\Netzwerkumgebung
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\Lokale Einstellungen
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\Eigene Dateien
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\Druckumgebung
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\Documents\Eigene Musik
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\Documents\Eigene Bilder
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\AppData\Local\Verlauf
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\AppData\Local\Anwendungsdaten
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\Anwendungsdaten
2015-02-06 20:00 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-06 20:00 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-06 20:00 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-02-06 20:00 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-02-06 20:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-06 19:56 - 2015-02-06 20:31 - 00022863 _____ () C:\WINDOWS\diagwrn.xml
2015-02-06 19:56 - 2015-02-06 20:31 - 00022863 _____ () C:\WINDOWS\diagerr.xml
2015-02-06 19:49 - 2015-02-28 21:47 - 01838278 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-06 19:49 - 2015-02-06 20:04 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-06 19:49 - 2015-02-06 19:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2015-02-06 19:49 - 2015-02-06 19:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2015-02-06 19:49 - 2015-02-06 19:49 - 00000000 ____D () C:\WINDOWS\system32\NV
2015-02-06 19:49 - 2015-02-06 19:49 - 00000000 ____D () C:\Program Files\Realtek
2015-02-06 19:49 - 2013-08-29 23:43 - 06599968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-02-06 19:49 - 2013-08-29 23:43 - 03452192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-02-06 19:49 - 2013-08-29 23:43 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-02-06 19:49 - 2013-08-29 23:43 - 01042208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-02-06 19:49 - 2013-08-29 23:43 - 00920864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-02-06 19:49 - 2013-08-29 23:43 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-02-06 19:49 - 2013-08-29 23:43 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-02-06 19:49 - 2013-08-29 23:43 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-02-06 19:49 - 2013-08-29 21:28 - 03349466 _____ () C:\WINDOWS\system32\nvcoproc.bin
2015-02-06 19:48 - 2015-02-06 20:04 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-02-06 19:48 - 2015-02-06 20:04 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-02-06 19:48 - 2015-02-06 20:04 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-02-06 19:48 - 2015-02-06 20:04 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-02-06 19:48 - 2015-02-06 19:48 - 00000000 ____D () C:\Program Files\Elantech
2015-02-06 19:47 - 2014-10-01 19:54 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-02-06 19:47 - 2014-10-01 19:54 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-02-06 19:44 - 2015-02-06 21:09 - 00000000 ___DC () C:\WINDOWS\Panther
2015-02-06 19:43 - 2015-02-06 19:43 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-02-06 19:43 - 2015-02-06 19:43 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-02-06 19:43 - 2015-02-06 19:43 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-02-06 19:43 - 2015-02-06 19:43 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-02-06 19:41 - 2015-02-06 19:41 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-02-06 19:41 - 2015-02-06 19:41 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-02-06 19:41 - 2015-02-06 19:41 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-02-06 19:41 - 2015-02-06 19:41 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-02-06 19:41 - 2015-02-06 19:41 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-02-06 19:41 - 2015-02-06 19:41 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-02-06 19:41 - 2015-02-06 19:41 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-02-06 19:41 - 2015-02-06 19:41 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-02-06 19:40 - 2015-02-06 19:40 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-02-06 19:30 - 2015-02-06 19:30 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2015-02-06 19:30 - 2015-02-06 19:30 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-02-06 19:30 - 2015-02-06 19:30 - 00000000 ____D () C:\Program Files\MSBuild
2015-02-06 19:30 - 2015-02-06 19:30 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-02-06 19:30 - 2015-02-06 19:30 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-02-06 19:30 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-02-06 19:30 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-02-06 19:29 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-02-06 19:29 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-02-01 20:16 - 2015-02-06 20:53 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-01-31 19:22 - 2015-02-06 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-01-31 19:22 - 2015-01-31 19:22 - 13087456 _____ (Microsoft Corporation) C:\Users\Calimera\Downloads\Silverlight_x64.exe
2015-01-31 19:22 - 2015-01-31 19:22 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-01-31 19:22 - 2015-01-31 19:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-01-31 12:26 - 2015-01-31 12:26 - 00000000 ____D () C:\ProgramData\HP
2015-01-30 21:09 - 2014-10-22 04:34 - 00010777 ____N () C:\WINDOWS\system32\AutoconfigV2.cab
2015-01-30 21:01 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-01-30 21:01 - 2014-11-22 11:46 - 00035472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2015-01-30 21:01 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-28 22:19 - 2013-04-16 20:04 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4209576780-459793780-3707532381-1002
2015-02-28 22:08 - 2014-08-14 11:27 - 00000438 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-02-28 22:07 - 2013-08-22 15:46 - 00305566 _____ () C:\WINDOWS\setupact.log
2015-02-28 22:07 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-28 22:07 - 2013-04-18 09:06 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-28 22:06 - 2014-11-20 19:24 - 00011658 _____ () C:\WINDOWS\PFRO.log
2015-02-28 22:06 - 2014-03-20 00:43 - 00000000 ____D () C:\AdwCleaner
2015-02-28 22:05 - 2014-03-24 13:29 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-28 22:03 - 2014-11-21 04:35 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-28 22:03 - 2014-11-21 03:45 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-02-28 22:03 - 2014-11-21 03:45 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-02-28 22:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-28 21:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-02-28 21:41 - 2013-04-18 09:06 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-28 21:10 - 2014-02-22 03:00 - 828241602 _____ () C:\WINDOWS\MEMORY.DMP
2015-02-28 18:31 - 2014-01-25 22:51 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-28 13:40 - 2014-11-26 00:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-27 20:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-25 20:44 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-21 00:22 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2015-02-19 20:07 - 2013-04-18 09:06 - 00000000 ____D () C:\Users\Calimera\AppData\Local\Google
2015-02-19 20:06 - 2013-04-18 09:06 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-19 13:23 - 2013-07-17 20:52 - 00000000 ____D () C:\Users\Calimera\AppData\Roaming\DVDVideoSoft
2015-02-18 20:48 - 2014-05-01 21:24 - 00000000 ____D () C:\Users\Calimera\AppData\Roaming\vlc
2015-02-18 02:00 - 2015-01-19 23:42 - 00000000 ____D () C:\Users\Calimera\Desktop\Vordrucke
2015-02-12 14:31 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-12 11:51 - 2014-09-07 21:59 - 00043576 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-02-12 11:51 - 2014-09-07 21:55 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-02-12 11:51 - 2014-09-07 21:55 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-02-11 23:02 - 2013-08-22 15:44 - 00363176 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-11 23:00 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-11 22:58 - 2014-11-21 11:51 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-02-11 12:55 - 2013-09-11 11:58 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-11 12:51 - 2013-04-22 19:41 - 116773704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-10 11:25 - 2014-07-16 09:33 - 00000000 ____D () C:\Users\Calimera\Desktop\EquineDreams
2015-02-09 20:53 - 2014-09-07 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-09 20:53 - 2014-09-07 21:55 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-02-09 20:53 - 2014-08-14 14:10 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-09 20:45 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-09 20:45 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-09 20:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-02-09 20:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-02-09 20:45 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-02-09 20:45 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-02-09 17:10 - 2013-04-16 19:56 - 00000000 ____D () C:\Users\Calimera\AppData\Local\Packages
2015-02-09 00:25 - 2014-05-04 21:38 - 00000000 ____D () C:\Users\Calimera\Desktop\Alles fürn Schatz
2015-02-08 18:17 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-08 18:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-02-07 20:25 - 2013-05-07 10:45 - 00000000 ____D () C:\Users\Calimera\Desktop\Bilder
2015-02-06 20:36 - 2013-04-18 09:06 - 00004108 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-06 20:36 - 2013-04-18 09:06 - 00003872 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-06 20:35 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-02-06 20:35 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2015-02-06 20:31 - 2015-01-17 21:20 - 00012816 _____ () C:\WINDOWS\comsetup.log
2015-02-06 20:31 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2015-02-06 20:26 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-02-06 20:26 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-02-06 20:12 - 2014-12-08 22:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-02-06 20:12 - 2014-12-01 11:10 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-02-06 20:12 - 2014-11-08 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-06 20:12 - 2014-08-27 11:45 - 00000000 ____D () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-06 20:12 - 2014-08-27 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-06 20:12 - 2014-07-31 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-02-06 20:12 - 2014-07-31 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-02-06 20:12 - 2014-06-02 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-02-06 20:12 - 2014-05-01 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-02-06 20:12 - 2014-03-25 22:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRWare Iron
2015-02-06 20:12 - 2014-01-25 23:01 - 00000000 ____D () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-02-06 20:12 - 2014-01-25 22:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-02-06 20:12 - 2013-12-13 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2015-02-06 20:12 - 2013-10-01 14:45 - 00000000 ____D () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2015-02-06 20:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2015-02-06 20:12 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-02-06 20:12 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-02-06 20:12 - 2013-04-27 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-02-06 20:12 - 2013-04-18 09:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-02-06 20:12 - 2012-10-20 08:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Media Maker 9
2015-02-06 20:12 - 2012-10-20 07:28 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-02-06 20:12 - 2012-09-01 19:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso 6.5
2015-02-06 20:12 - 2012-09-01 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec
2015-02-06 20:12 - 2012-09-01 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-02-06 20:09 - 2013-08-22 16:37 - 00005217 _____ () C:\WINDOWS\DtcInstall.log
2015-02-06 20:09 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2015-02-06 20:07 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-02-06 20:07 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-02-06 20:07 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-02-06 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-02-06 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-02-06 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2015-02-06 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2015-02-06 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-02-06 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-02-06 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-02-06 20:07 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-02-06 20:07 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-02-06 20:05 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2015-02-06 20:04 - 2015-01-06 14:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2015-02-06 20:04 - 2014-05-20 13:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAMSUNG
2015-02-06 20:04 - 2014-05-20 12:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panasonic
2015-02-06 20:04 - 2014-03-30 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2015-02-06 20:04 - 2014-03-30 14:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kobo
2015-02-06 20:04 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-02-06 20:04 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-02-06 20:04 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-02-06 20:04 - 2012-09-01 19:06 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-06 20:04 - 2012-09-01 18:58 - 00000000 ____D () C:\ProgramData\PRICache
2015-02-06 20:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-02-06 20:02 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2015-02-06 19:49 - 2014-05-04 00:59 - 00000000 ____D () C:\temp
2015-02-06 19:44 - 2015-01-28 20:21 - 00000000 __SHD () C:\Recovery
2015-02-06 19:43 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-02-06 19:41 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-02-06 19:30 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-02-06 19:30 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-02-05 21:05 - 2013-04-16 19:56 - 01326630 _____ () C:\WINDOWS\WindowsUpdate (1).log
2015-02-04 22:05 - 2014-03-24 13:29 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-02-03 20:31 - 2014-11-21 12:01 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:31 - 2014-11-21 12:01 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-03 01:25 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-01-29 06:06 - 2014-03-24 13:29 - 00000000 ____D () C:\ProgramData\McAfee Security Scan

==================== Files in the root of some directories =======

2015-02-06 20:33 - 2015-02-06 20:33 - 6103040 _____ () C:\Program Files (x86)\GUT113F.tmp
2014-03-15 23:56 - 2014-03-19 21:40 - 0000112 _____ () C:\Users\Calimera\AppData\Roaming\WB.CFG
2014-12-18 20:25 - 2014-12-18 20:25 - 0002141 _____ () C:\Users\Calimera\AppData\Local\recently-used.xbel

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.10924.dll


Some content of TEMP:
====================
C:\Users\Calimera\AppData\Local\Temp\avgnt.exe
C:\Users\Calimera\AppData\Local\Temp\Quarantine.exe
C:\Users\Calimera\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-28 18:54

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

ich hoffe ich habe nichts vergessen ;)

schrauber 01.03.2015 15:48

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Calimera 06.03.2015 21:32
Hallo,

es hat leider etwas gedauert und ich bin mir nicht sicher ob der Log vom ESET richtig ist, denn es hat eigentlich einige Bedrohungen gefunden. Ich hatte allerdings zuvor auch den Fall das der Laptop während des ESET Scans abgestürzt ist. Folgender Fehler wurde mir dabei angezeigt: IRQL_NOT_LESS_OR_EQUAL

Hier also die Logs:

Code:
ESETSmartInstaller@High as downloader log:
all ok
Code:
Results of screen317's Security Check version 0.99.97 
  x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop     
Windows Defender 
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Spybot - Search & Destroy
 Java 7 Update 71 
 Java version 32-bit out of Date!
  Java 64-bit 8 Update 31 
 Adobe Flash Player        16.0.0.305 
 Mozilla Firefox (36.0)
 Google Chrome (40.0.2214.115)
 Google Chrome (41.0.2272.76)
````````Process Check: objlist.exe by Laurent```````` 
 Spybot Teatimer.exe is disabled!
 Avira Antivir avguard.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2015 01
Ran by Calimera (administrator) on CALIMERO on 06-03-2015 21:25:12
Running from C:\Users\Calimera\Downloads
Loaded Profiles: Calimera (Available profiles: Calimera)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ICQ) C:\Users\Calimera\AppData\Roaming\ICQM\icq.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-03-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-11-03] (Razer Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [127792 2015-02-12] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4209576780-459793780-3707532381-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20587168 2013-11-18] (Skype Technologies S.A.)
HKU\S-1-5-21-4209576780-459793780-3707532381-1002\...\Run: [icq] => C:\Users\Calimera\AppData\Roaming\ICQM\icq.exe [28698984 2013-10-01] (ICQ)
AppInit_DLLs: c:\windows\system32\nvinitx.dll => c:\windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VideoCam Suite.lnk
ShortcutTarget: VideoCam Suite.lnk -> C:\Program Files (x86)\Common Files\Panasonic\VideoCam Suite AutoStart\VideoCamSuiteAutoStart.exe (Panasonic Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-4209576780-459793780-3707532381-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4209576780-459793780-3707532381-1002 -> {910587C8-EEA0-4DAD-BA32-3AFDE73D6B25} URL =
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Calimera\AppData\Roaming\Mozilla\Firefox\Profiles\i2k9c7ah.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Extension: Avira Browser Safety - C:\Users\Calimera\AppData\Roaming\Mozilla\Firefox\Profiles\i2k9c7ah.default\Extensions\abs@avira.com [2015-02-05]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKU\S-1-5-21-4209576780-459793780-3707532381-1002\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR Profile: C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-19]
CHR Extension: (Google Docs) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-19]
CHR Extension: (Google Drive) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-19]
CHR Extension: (YouTube) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-19]
CHR Extension: (Google Search) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-19]
CHR Extension: (Google Sheets) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-19]
CHR Extension: (Avira Browser Safety) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-02-19]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-04]
CHR Extension: (Google Wallet) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-19]
CHR Extension: (Gmail) - C:\Users\Calimera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-19]
CHR HKU\S-1-5-21-4209576780-459793780-3707532381-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [agembgempdmebanhogdjbpcmppdmklbe] - C:\Users\Calimera\AppData\Local\CRE\agembgempdmebanhogdjbpcmppdmklbe.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [agembgempdmebanhogdjbpcmppdmklbe] - C:\Users\Calimera\AppData\Local\CRE\agembgempdmebanhogdjbpcmppdmklbe.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-03] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [184056 2015-02-12] (Avira Operations GmbH & Co. KG)
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-10-20] (Dritek System INC.)
R2 RzMaelstromVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [4250624 2014-06-09] (A-Volute) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-07-31] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-02-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-02-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. KG)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-10-20] (Dritek System Inc.)
R3 RZMAELSTROMVADService; C:\Windows\system32\drivers\RzMaelstromVAD.sys [32768 2014-06-09] (Windows (R) Win 7 DDK provider)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-06 21:24 - 2015-03-06 21:24 - 00000000 ____D () C:\Users\Calimera\Downloads\FRST-OlderVersion
2015-03-06 21:22 - 2015-03-06 21:22 - 00852604 _____ () C:\Users\Calimera\Downloads\SecurityCheck.exe
2015-03-05 13:09 - 2015-03-05 13:09 - 00296536 _____ () C:\WINDOWS\Minidump\030515-27562-01.dmp
2015-03-04 15:51 - 2015-03-04 15:51 - 02347384 _____ (ESET) C:\Users\Calimera\Downloads\esetsmartinstaller_deu (1).exe
2015-03-04 15:45 - 2015-03-04 15:45 - 00301640 _____ () C:\WINDOWS\Minidump\030415-21078-01.dmp
2015-03-03 22:06 - 2015-03-03 22:07 - 00297344 _____ () C:\WINDOWS\Minidump\030315-22218-01.dmp
2015-03-02 15:18 - 2015-03-02 15:18 - 00297016 _____ () C:\WINDOWS\Minidump\030215-29500-01.dmp
2015-03-01 20:31 - 2015-03-01 20:31 - 02347384 _____ (ESET) C:\Users\Calimera\Downloads\esetsmartinstaller_deu.exe
2015-02-28 22:20 - 2015-02-28 22:20 - 00063097 _____ () C:\Users\Calimera\Desktop\FRST2.txt
2015-02-28 22:16 - 2015-02-28 22:16 - 00001137 _____ () C:\Users\Calimera\Desktop\JRT.txt
2015-02-28 22:11 - 2015-02-28 22:12 - 01388274 _____ (Thisisu) C:\Users\Calimera\Downloads\JRT.exe
2015-02-28 22:10 - 2015-02-28 22:10 - 00003035 _____ () C:\Users\Calimera\Desktop\AdwCleaner[S14].txt
2015-02-28 22:03 - 2015-02-28 22:04 - 02126848 _____ () C:\Users\Calimera\Downloads\AdwCleaner_4.111.exe
2015-02-28 22:03 - 2015-02-28 22:03 - 00003647 _____ () C:\Users\Calimera\Desktop\mbam.txt
2015-02-28 21:24 - 2015-02-28 22:01 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-28 21:24 - 2015-02-28 21:24 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-28 21:24 - 2015-02-28 21:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-28 21:24 - 2015-02-28 21:24 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-28 21:24 - 2015-02-28 21:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-28 21:24 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-02-28 21:24 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-02-28 21:24 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-02-28 21:22 - 2015-02-28 21:23 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Calimera\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-28 21:16 - 2015-02-28 21:16 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Calimera\Downloads\revosetup95.exe
2015-02-28 21:16 - 2015-02-28 21:16 - 00001284 _____ () C:\Users\Calimera\Desktop\Revo Uninstaller.lnk
2015-02-28 21:16 - 2015-02-28 21:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-02-28 21:10 - 2015-02-28 21:10 - 00301472 _____ () C:\WINDOWS\Minidump\022815-35109-01.dmp
2015-02-28 18:27 - 2015-02-28 18:27 - 00000000 ____D () C:\Users\Calimera\AppData\Local\Steam
2015-02-28 15:28 - 2015-02-28 15:28 - 00031429 _____ () C:\Users\Calimera\Desktop\addition.txt
2015-02-28 15:27 - 2015-02-28 15:27 - 00061260 _____ () C:\Users\Calimera\Desktop\FRST.txt
2015-02-28 14:14 - 2015-02-28 14:15 - 00031429 _____ () C:\Users\Calimera\Downloads\Addition.txt
2015-02-28 14:13 - 2015-03-06 21:25 - 00018961 _____ () C:\Users\Calimera\Downloads\FRST.txt
2015-02-28 14:12 - 2015-03-06 21:25 - 00000000 ____D () C:\FRST
2015-02-28 14:12 - 2015-03-06 21:24 - 02092544 _____ (Farbar) C:\Users\Calimera\Downloads\FRST64.exe
2015-02-28 13:40 - 2015-02-28 13:40 - 00243576 _____ () C:\Users\Calimera\Downloads\Firefox Setup Stub 36.0.exe
2015-02-28 13:40 - 2015-02-28 13:40 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-28 13:40 - 2015-02-28 13:40 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-28 13:40 - 2015-02-28 13:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-28 13:16 - 2015-02-28 13:16 - 00295984 _____ () C:\WINDOWS\Minidump\022815-19625-01.dmp
2015-02-25 19:57 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-02-25 19:57 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-02-24 13:25 - 2015-02-24 13:25 - 00014816 _____ () C:\Users\Calimera\Documents\kündigung martina.odt
2015-02-22 21:43 - 2015-02-22 21:43 - 00297520 _____ () C:\WINDOWS\Minidump\022215-22390-01.dmp
2015-02-22 10:17 - 2015-02-22 10:17 - 01076843 _____ () C:\Users\Calimera\Downloads\StromlaufplanAstraGMJ98-00.rar
2015-02-20 22:20 - 2015-02-20 22:20 - 00296368 _____ () C:\WINDOWS\Minidump\022015-18343-01.dmp
2015-02-19 20:07 - 2015-03-04 10:43 - 00002199 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-19 20:07 - 2015-02-19 20:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-19 20:03 - 2015-02-19 20:03 - 00880208 _____ (Google Inc.) C:\Users\Calimera\Downloads\ChromeSetup (2).exe
2015-02-19 14:06 - 2015-02-19 14:06 - 02126848 _____ () C:\Users\Calimera\Desktop\adwcleaner_4.111.exe
2015-02-19 01:31 - 2015-02-19 01:31 - 00295384 _____ () C:\WINDOWS\Minidump\021915-23875-01.dmp
2015-02-18 20:42 - 2015-02-18 20:43 - 62692000 _____ (DVDVideoSoft Ltd. ) C:\Users\Calimera\Downloads\FreeStudio.exe
2015-02-18 02:47 - 2015-02-18 02:47 - 00001095 _____ () C:\Users\Public\Desktop\PDF24 Creator.lnk
2015-02-18 02:47 - 2015-02-18 02:47 - 00000000 ____D () C:\Users\Calimera\AppData\Local\PDF24
2015-02-18 02:47 - 2015-02-18 02:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2015-02-18 02:47 - 2015-02-18 02:47 - 00000000 ____D () C:\Program Files (x86)\PDF24
2015-02-18 02:46 - 2015-02-18 02:46 - 16342352 _____ (Geek Software GmbH ) C:\Users\Calimera\Downloads\pdf24-creator-6.9.2.exe
2015-02-18 02:41 - 2015-02-18 02:41 - 00000000 ____D () C:\Users\Calimera\AppData\Roaming\PDF Architect 2
2015-02-18 02:24 - 2015-02-18 02:24 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2015-02-18 02:12 - 2015-02-18 02:13 - 27721680 _____ (pdfforge ) C:\Users\Calimera\Downloads\PDFCreator-2_0_2-setup.exe
2015-02-17 22:03 - 2015-02-19 13:55 - 00000000 ____D () C:\Users\Calimera\Desktop\AntragStadtHof
2015-02-17 01:54 - 2015-02-17 01:54 - 00294936 _____ () C:\WINDOWS\Minidump\021715-26921-01.dmp
2015-02-15 10:36 - 2015-02-15 10:36 - 00299720 _____ () C:\WINDOWS\Minidump\021515-25781-01.dmp
2015-02-12 12:02 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-12 12:02 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-11 22:58 - 2015-02-11 22:58 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-02-11 10:12 - 2015-01-15 23:43 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-02-11 10:12 - 2015-01-15 23:43 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-02-11 10:12 - 2015-01-14 05:22 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-02-11 10:12 - 2015-01-14 04:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-02-11 10:12 - 2015-01-13 23:11 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-11 10:12 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-11 10:12 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-11 10:12 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-11 10:12 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-11 10:12 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-11 10:12 - 2015-01-12 03:34 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-11 10:12 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-11 10:12 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-02-11 10:12 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-11 10:12 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-11 10:12 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-11 10:12 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-11 10:12 - 2015-01-12 02:58 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-11 10:12 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-11 10:12 - 2015-01-12 02:51 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-11 10:12 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-11 10:12 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-11 10:12 - 2015-01-12 02:48 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-11 10:12 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-11 10:12 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-02-11 10:12 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-11 10:12 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-11 10:12 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-11 10:12 - 2015-01-12 02:27 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-02-11 10:12 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-11 10:12 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-11 10:12 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-11 10:12 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-11 10:12 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-11 10:12 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-11 10:12 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-11 10:12 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-11 10:12 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-11 10:12 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-11 10:12 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-11 10:12 - 2015-01-10 10:10 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-02-11 10:12 - 2015-01-10 10:10 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-11 10:12 - 2015-01-10 09:28 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-11 10:12 - 2015-01-10 08:00 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-02-11 10:12 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-02-11 10:12 - 2014-12-19 09:57 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-02-11 10:12 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-02-11 10:12 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-02-11 10:12 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-02-11 10:12 - 2014-12-09 00:12 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-02-11 10:12 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-02-11 10:12 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-02-11 10:12 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-02-11 10:12 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-02-11 10:12 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-02-11 10:12 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-02-11 10:12 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-02-11 10:12 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-02-11 10:11 - 2015-02-04 00:38 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-02-11 10:11 - 2015-02-04 00:08 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-02-11 10:11 - 2015-02-04 00:08 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-02-11 10:11 - 2015-02-03 00:11 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-02-11 10:11 - 2015-02-03 00:11 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-02-11 10:11 - 2015-02-03 00:11 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-02-11 10:11 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-02-11 10:11 - 2015-01-10 09:22 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-02-11 10:11 - 2014-12-03 00:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-02-10 18:40 - 2015-03-06 18:50 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D1A1490C-51CB-4877-B509-9A2E4514D98B}
2015-02-10 18:40 - 2015-02-10 18:40 - 00000000 __SHD () C:\Users\Calimera\AppData\Local\EmieUserList
2015-02-10 18:40 - 2015-02-10 18:40 - 00000000 __SHD () C:\Users\Calimera\AppData\Local\EmieSiteList
2015-02-10 18:40 - 2015-02-10 18:40 - 00000000 __SHD () C:\Users\Calimera\AppData\Local\EmieBrowserModeList
2015-02-10 18:35 - 2015-02-10 18:36 - 00293624 _____ () C:\WINDOWS\Minidump\021015-37296-01.dmp
2015-02-09 20:44 - 2015-02-09 20:44 - 00301192 _____ () C:\WINDOWS\Minidump\020915-21687-01.dmp
2015-02-09 15:30 - 2015-03-05 13:09 - 00000000 ____D () C:\WINDOWS\Minidump
2015-02-09 15:30 - 2015-02-09 15:30 - 00294904 _____ () C:\WINDOWS\Minidump\020915-18328-01.dmp
2015-02-08 18:37 - 2015-02-19 12:26 - 00010752 ___SH () C:\Users\Calimera\Desktop\Thumbs.db
2015-02-08 18:13 - 2015-02-08 18:13 - 00000000 ____D () C:\Users\Calimera\Documents\ProcAlyzer Dumps
2015-02-08 17:20 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-02-08 17:20 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-02-08 17:20 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-02-08 17:20 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-02-08 17:20 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-02-08 17:19 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-02-08 17:19 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-02-08 17:17 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2015-02-08 17:17 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2015-02-08 17:15 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-02-08 17:15 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-02-08 17:15 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-02-08 17:15 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-02-08 17:10 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-02-08 17:10 - 2014-07-24 04:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-02-08 17:08 - 2015-02-08 17:08 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2015-02-08 17:07 - 2015-02-08 17:30 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-02-08 17:07 - 2015-02-08 17:17 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-02-08 17:07 - 2015-02-08 17:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-02-08 17:07 - 2015-02-08 17:07 - 00001407 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-02-08 17:07 - 2015-02-08 17:07 - 00001395 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-02-08 17:07 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2015-02-08 17:04 - 2015-02-08 17:06 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Calimera\Downloads\spybot-2.4.exe
2015-02-08 17:00 - 2015-02-08 17:00 - 02112512 _____ () C:\Users\Calimera\Downloads\adwcleaner_4.110.exe
2015-02-08 17:00 - 2015-02-08 17:00 - 02112512 _____ () C:\Users\Calimera\Downloads\adwcleaner_4.110 (1).exe
2015-02-07 20:28 - 2015-02-07 20:28 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-02-06 20:56 - 2015-02-06 20:56 - 00000144 _____ () C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-02-06 20:40 - 2015-02-06 20:40 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2015-02-06 20:37 - 2015-02-06 20:37 - 00001454 _____ () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-06 20:37 - 2015-02-06 20:37 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-02-06 20:36 - 2015-02-06 20:36 - 00000020 ___SH () C:\Users\Calimera\ntuser.ini
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-02-06 20:35 - 2015-02-06 20:35 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-02-06 20:33 - 2015-02-06 20:33 - 06103040 _____ () C:\Program Files (x86)\GUT113F.tmp
2015-02-06 20:33 - 2015-02-06 20:33 - 00000000 ____D () C:\Program Files (x86)\GUM112E.tmp
2015-02-06 20:31 - 2015-02-06 20:31 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-02-06 20:08 - 2015-02-06 20:08 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-02-06 20:02 - 2015-02-06 20:02 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-02-06 20:00 - 2015-03-05 13:11 - 00000000 ____D () C:\Users\Calimera
2015-02-06 20:00 - 2015-02-06 20:01 - 00000000 ___RD () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\Vorlagen
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\Startmenü
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\Netzwerkumgebung
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\Lokale Einstellungen
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\Eigene Dateien
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\Druckumgebung
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\Documents\Eigene Musik
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\Documents\Eigene Bilder
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\AppData\Local\Verlauf
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\AppData\Local\Anwendungsdaten
2015-02-06 20:00 - 2015-02-06 20:00 - 00000000 _SHDL () C:\Users\Calimera\Anwendungsdaten
2015-02-06 20:00 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-06 20:00 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-06 20:00 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-02-06 20:00 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-02-06 20:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-06 19:56 - 2015-02-06 20:31 - 00022863 _____ () C:\WINDOWS\diagwrn.xml
2015-02-06 19:56 - 2015-02-06 20:31 - 00022863 _____ () C:\WINDOWS\diagerr.xml
2015-02-06 19:49 - 2015-03-06 21:14 - 01560871 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-06 19:49 - 2015-02-06 20:04 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-06 19:49 - 2015-02-06 19:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2015-02-06 19:49 - 2015-02-06 19:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2015-02-06 19:49 - 2015-02-06 19:49 - 00000000 ____D () C:\WINDOWS\system32\NV
2015-02-06 19:49 - 2015-02-06 19:49 - 00000000 ____D () C:\Program Files\Realtek
2015-02-06 19:49 - 2013-08-29 23:43 - 06599968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-02-06 19:49 - 2013-08-29 23:43 - 03452192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-02-06 19:49 - 2013-08-29 23:43 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-02-06 19:49 - 2013-08-29 23:43 - 01042208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-02-06 19:49 - 2013-08-29 23:43 - 00920864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-02-06 19:49 - 2013-08-29 23:43 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-02-06 19:49 - 2013-08-29 23:43 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-02-06 19:49 - 2013-08-29 23:43 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-02-06 19:49 - 2013-08-29 21:28 - 03349466 _____ () C:\WINDOWS\system32\nvcoproc.bin
2015-02-06 19:48 - 2015-02-06 20:04 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-02-06 19:48 - 2015-02-06 20:04 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-02-06 19:48 - 2015-02-06 20:04 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-02-06 19:48 - 2015-02-06 20:04 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-02-06 19:48 - 2015-02-06 19:48 - 00000000 ____D () C:\Program Files\Elantech
2015-02-06 19:47 - 2014-10-01 19:54 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-02-06 19:47 - 2014-10-01 19:54 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-02-06 19:44 - 2015-02-06 21:09 - 00000000 ___DC () C:\WINDOWS\Panther
2015-02-06 19:43 - 2015-02-06 19:43 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-02-06 19:43 - 2015-02-06 19:43 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-02-06 19:43 - 2015-02-06 19:43 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-02-06 19:43 - 2015-02-06 19:43 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-02-06 19:43 - 2015-02-06 19:43 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-02-06 19:41 - 2015-02-06 19:41 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-02-06 19:41 - 2015-02-06 19:41 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-02-06 19:41 - 2015-02-06 19:41 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-02-06 19:41 - 2015-02-06 19:41 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-02-06 19:41 - 2015-02-06 19:41 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-02-06 19:41 - 2015-02-06 19:41 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-02-06 19:41 - 2015-02-06 19:41 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-02-06 19:41 - 2015-02-06 19:41 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-02-06 19:41 - 2015-02-06 19:41 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-02-06 19:40 - 2015-02-06 19:40 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-02-06 19:30 - 2015-02-06 19:30 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2015-02-06 19:30 - 2015-02-06 19:30 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-02-06 19:30 - 2015-02-06 19:30 - 00000000 ____D () C:\Program Files\MSBuild
2015-02-06 19:30 - 2015-02-06 19:30 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-02-06 19:30 - 2015-02-06 19:30 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-02-06 19:30 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-02-06 19:30 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-02-06 19:29 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-02-06 19:29 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-06 21:05 - 2014-03-24 13:29 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-06 21:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-06 20:41 - 2013-04-18 09:06 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-06 20:41 - 2013-04-18 09:06 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-06 18:47 - 2013-04-16 20:04 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4209576780-459793780-3707532381-1002
2015-03-06 18:43 - 2014-08-14 11:27 - 00000438 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-03-06 18:41 - 2013-08-22 15:46 - 00306721 _____ () C:\WINDOWS\setupact.log
2015-03-06 18:41 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-05 15:11 - 2013-04-18 09:31 - 00000000 ____D () C:\Users\Calimera\AppData\Local\clear.fi
2015-03-05 13:09 - 2014-11-20 19:24 - 00012182 _____ () C:\WINDOWS\PFRO.log
2015-03-05 13:09 - 2014-02-22 03:00 - 821888650 _____ () C:\WINDOWS\MEMORY.DMP
2015-03-05 12:35 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-03-05 12:24 - 2014-09-07 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-03-05 12:24 - 2014-09-07 21:55 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-03-05 12:24 - 2014-08-14 14:10 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-04 00:31 - 2014-05-04 21:38 - 00000000 ____D () C:\Users\Calimera\Desktop\Alles fürn Schatz
2015-03-04 00:21 - 2014-05-01 21:24 - 00000000 ____D () C:\Users\Calimera\AppData\Roaming\vlc
2015-02-28 22:06 - 2014-03-20 00:43 - 00000000 ____D () C:\AdwCleaner
2015-02-28 22:03 - 2014-11-21 04:35 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-28 22:03 - 2014-11-21 03:45 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-02-28 22:03 - 2014-11-21 03:45 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-02-28 21:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-02-28 18:31 - 2014-01-25 22:51 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-28 13:40 - 2014-11-26 00:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-25 20:44 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-21 00:22 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2015-02-19 20:07 - 2013-04-18 09:06 - 00000000 ____D () C:\Users\Calimera\AppData\Local\Google
2015-02-19 20:06 - 2013-04-18 09:06 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-19 13:23 - 2013-07-17 20:52 - 00000000 ____D () C:\Users\Calimera\AppData\Roaming\DVDVideoSoft
2015-02-18 02:00 - 2015-01-19 23:42 - 00000000 ____D () C:\Users\Calimera\Desktop\Vordrucke
2015-02-12 14:31 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-12 11:51 - 2014-09-07 21:59 - 00043576 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-02-12 11:51 - 2014-09-07 21:55 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-02-12 11:51 - 2014-09-07 21:55 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-02-11 23:02 - 2013-08-22 15:44 - 00363176 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-11 23:00 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-11 22:58 - 2014-11-21 11:51 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-02-11 12:55 - 2013-09-11 11:58 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-11 12:51 - 2013-04-22 19:41 - 116773704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-10 11:25 - 2014-07-16 09:33 - 00000000 ____D () C:\Users\Calimera\Desktop\EquineDreams
2015-02-09 20:45 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-09 20:45 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-09 20:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-02-09 20:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-02-09 20:45 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-02-09 20:45 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-02-09 17:10 - 2013-04-16 19:56 - 00000000 ____D () C:\Users\Calimera\AppData\Local\Packages
2015-02-08 18:17 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-08 18:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-02-07 20:25 - 2013-05-07 10:45 - 00000000 ____D () C:\Users\Calimera\Desktop\Bilder
2015-02-06 20:53 - 2015-02-01 20:16 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-02-06 20:36 - 2013-04-18 09:06 - 00004108 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-06 20:36 - 2013-04-18 09:06 - 00003872 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-06 20:35 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-02-06 20:35 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2015-02-06 20:31 - 2015-01-17 21:20 - 00012816 _____ () C:\WINDOWS\comsetup.log
2015-02-06 20:31 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2015-02-06 20:26 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-02-06 20:26 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-02-06 20:12 - 2015-01-31 19:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-02-06 20:12 - 2014-12-08 22:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-02-06 20:12 - 2014-12-01 11:10 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-02-06 20:12 - 2014-11-08 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-06 20:12 - 2014-08-27 11:45 - 00000000 ____D () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-06 20:12 - 2014-08-27 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-06 20:12 - 2014-07-31 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-02-06 20:12 - 2014-07-31 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-02-06 20:12 - 2014-06-02 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-02-06 20:12 - 2014-05-01 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-02-06 20:12 - 2014-03-25 22:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRWare Iron
2015-02-06 20:12 - 2014-01-25 23:01 - 00000000 ____D () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-02-06 20:12 - 2014-01-25 22:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-02-06 20:12 - 2013-12-13 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2015-02-06 20:12 - 2013-10-01 14:45 - 00000000 ____D () C:\Users\Calimera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2015-02-06 20:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2015-02-06 20:12 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-02-06 20:12 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-02-06 20:12 - 2013-04-27 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-02-06 20:12 - 2013-04-18 09:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-02-06 20:12 - 2012-10-20 08:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Media Maker 9
2015-02-06 20:12 - 2012-10-20 07:28 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-02-06 20:12 - 2012-09-01 19:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso 6.5
2015-02-06 20:12 - 2012-09-01 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec
2015-02-06 20:12 - 2012-09-01 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-02-06 20:09 - 2013-08-22 16:37 - 00005217 _____ () C:\WINDOWS\DtcInstall.log
2015-02-06 20:09 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2015-02-06 20:07 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-02-06 20:07 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-02-06 20:07 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-02-06 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-02-06 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-02-06 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2015-02-06 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2015-02-06 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-02-06 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-02-06 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-02-06 20:07 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-02-06 20:07 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-02-06 20:05 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2015-02-06 20:04 - 2015-01-06 14:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2015-02-06 20:04 - 2014-05-20 13:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAMSUNG
2015-02-06 20:04 - 2014-05-20 12:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panasonic
2015-02-06 20:04 - 2014-03-30 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2015-02-06 20:04 - 2014-03-30 14:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kobo
2015-02-06 20:04 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-02-06 20:04 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-02-06 20:04 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-02-06 20:04 - 2012-09-01 19:06 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-06 20:04 - 2012-09-01 18:58 - 00000000 ____D () C:\ProgramData\PRICache
2015-02-06 20:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-02-06 20:02 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2015-02-06 19:49 - 2014-05-04 00:59 - 00000000 ____D () C:\temp
2015-02-06 19:44 - 2015-01-28 20:21 - 00000000 __SHD () C:\Recovery
2015-02-06 19:43 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-02-06 19:41 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-02-06 19:30 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-02-06 19:30 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-02-05 21:05 - 2013-04-16 19:56 - 01326630 _____ () C:\WINDOWS\WindowsUpdate (1).log
2015-02-04 22:05 - 2014-03-24 13:29 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

==================== Files in the root of some directories =======

2015-02-06 20:33 - 2015-02-06 20:33 - 6103040 _____ () C:\Program Files (x86)\GUT113F.tmp
2014-03-15 23:56 - 2014-03-19 21:40 - 0000112 _____ () C:\Users\Calimera\AppData\Roaming\WB.CFG
2014-12-18 20:25 - 2014-12-18 20:25 - 0002141 _____ () C:\Users\Calimera\AppData\Local\recently-used.xbel

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.10924.dll


Some content of TEMP:
====================
C:\Users\Calimera\AppData\Local\Temp\avgnt.exe
C:\Users\Calimera\AppData\Local\Temp\Quarantine.exe
C:\Users\Calimera\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-05 13:38

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

Ansonsten aber keine Probleme mehr! =) Danke!

schrauber 07.03.2015 13:12
Java updaten,

http://deeprybka.trojaner-board.de/b...cleanupneu.png
Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
http://deeprybka.trojaner-board.de/b.../combofix2.pngCombofix deinstallieren
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte http://filepony.de/icon/tiny/delfix.pngDelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:

http://deeprybka.trojaner-board.de/b...ast/schild.png
Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
 Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:
http://filepony.de/icon/emsisoft_anti_malware.png
Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
http://filepony.de/icon/noscript.png NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
http://filepony.de/icon/malwarebytes_anti_exploit.pngMalwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie http://filepony.de/images/microbanner.gif.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Calimera 15.03.2015 16:47
Hallo,


erstmal vielen vielen Dank für deine tolle Hilfe Schrauber!

Seit ein paar Tagen habe ich allerdings erneut Probleme folgender Art:

Ich öffne einen beliebigen Browser, zuerst funktioniert noch alles bestens, nach einigen Minuten hängt sich dann aber alles auf (sowohl Browser als auch das Notebook selbst), sei es beim neuen Tab öffnen oder überhaupt eine Seite laden, auch das scrollen funktioniert nur verzögert oder wenn ich auf dem Desktop irgendein Programm oder einen Ordner öffnen möchte tut sich manchmal gar nichts. Allerdings ist dieses "aufhängen" nur von kurzer Dauer, dann funktioniert wieder alles normal und dann geht es wieder los. Manchmal habe ich im Browser auch mehrere Tabs offen, wenn ich dann dazwischen hin und her klicke, kommt zuerst eine weiße Seite und es dauert einige Sekunden bis der Inhalt angezeigt wird.

Kann es sein das diese Probleme noch mit dem Roll Around zutun haben?

LG, Calimera

schrauber 16.03.2015 08:31
Egal in welchem Browser? Deaktiviere mal dein AV Programm komplett und teste nochmal.

Calimera 22.03.2015 16:45
Hallo,

ich konnte nun endlich mal testen wie es ohne AV Programm läuft, aber auch hier habe ich das gleiche Problem :(

schrauber 23.03.2015 09:15
und was ist mit meiner Frage bezgl. welcher Browser?

Calimera 23.03.2015 20:12
Es tritt bei all meinen installierten Browsern auf (Firefox, Chrome, Iron und IE) Mittlerweile ist es sogar schon so weit das ich das Notebook ausschalten muss (herunterfahren und neustart funktionieren nicht) weil nichtsmehr funktioniert.

LG

schrauber 24.03.2015 10:31
Gewusst wie: Durchführen eines sauberen Neustarts in Windows

Bitte einen Clean Boot machen. Wenn das Problem dann weg ist, einzeln wieder Dienste aktivieren, dazwischen immer einen Reboot machen. Solange bis Du weißt welcher Dienst die Probleme macht.

Diesen dann hier benennen.


Alle Zeitangaben in WEZ +1. Es ist jetzt 03:44 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131