Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Ungewollte Umleitung auf wpkg.org (https://www.trojaner-board.de/166492-ungewollte-umleitung-wpkg-org.html)

Silke12345 28.04.2015 02:02
Ungewollte Umleitung auf wpkg.org
 
Hallo,
seit 3 Tagen werde ich ungewollt auf die Internetseite wpkg.org umgeleitet, wenn ich unterschiedliche Internetseiten aufrufen möchte. Manche Seiten kann ich jedoch auch aufrufen.
Bisher habe ich den IE genutzte. Aufgrund des Problems habe ich nun auch firefox runtergeladen, da tritt das Problem ebenfalls bei manchen Seiten auf.
Ich habe eine vollständige Untersuchung durch kaspersky durchführen lassen - ohne Ergebnis.
Ich bin absoluter Laie bei diesem Thema und weiß nicht, was sich der Rechner da eingefangen hat, deshalb habe ich die in eurer Anleitung genannten Logfiles bisher nicht erstellt.
Über eure Hilfe würde ich mich freuen.
Viele Grüße
Silke

cosinus 28.04.2015 02:12
Hallo und :hallo:

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!



Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Silke12345 28.04.2015 03:44
Hallo Cosinus,
vielen Dank für deine Antwort.

Ich habe gestern noch ein Programm runtergeladen, ich glaube es hieß adware cleaner. Das hat auch etwas gefunden. Das Programm habe ich jedoch wieder deinstalliert.
Kann ich das Ergebnis noch irgendwo finden...????:crazy:

[CODE][/
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-04-2015 01
Ran by Silke Laptop (administrator) on SILKELENOVO on 28-04-2015 09:26:37
Running from C:\Users\Silke Laptop\Downloads
Loaded Profiles: Silke Laptop (Available profiles: UpdatusUser & Silke Laptop)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Dropbox, Inc.) C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Vimicro) C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
( ) C:\Program Files (x86)\LockKey\LockKey.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Astrill) C:\Program Files (x86)\Astrill\astrill.exe
(Astrill) C:\Program Files (x86)\Astrill\ASOvpnSvc.exe
() C:\Program Files (x86)\Astrill\asovpnc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_17_0_0_169_ActiveX.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [564352 2011-12-15] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2809856 2012-01-17] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\btvstack.exe [1022592 2012-04-28] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\athbttray.exe [801920 2012-04-28] (Atheros Commnucations)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2012-07-18] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6202416 2012-07-18] (Lenovo(beijing) Limited)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-02-23] (NVIDIA Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-30] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-20] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332_STI.EXE [548864 2011-12-09] (Vimicro)
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2012-01-26] (Lenovo, Inc.)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-29] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-07-18] (Lenovo)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [LockKey] => C:\Program Files (x86)\LockKey\LockKey.exe [337776 2011-08-26] ( )
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-03] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-02] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3889148614-2962051019-789845505-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-05-22] (Samsung Electronics)
HKU\S-1-5-21-3889148614-2962051019-789845505-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-02-03] (Samsung)
HKU\S-1-5-21-3889148614-2962051019-789845505-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3889148614-2962051019-789845505-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3889148614-2962051019-789845505-1001\...\MountPoints2: {6a3de366-b655-11e2-b103-74e5437befb1} - G:\Setup.exe
HKU\S-1-5-21-3889148614-2962051019-789845505-1001\...\MountPoints2: {9ad3446a-cab9-11e3-800a-74e5437befb1} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\start.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2015-02-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2015-02-23] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012-12-23]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Silke Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-03-06]
ShortcutTarget: Dropbox.lnk -> C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\Windows\system32\IcnOvrly.dll [2012-07-18] ()
BootExecute: autocheck autochk * FbDefrag

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3889148614-2962051019-789845505-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.de/
HKU\S-1-5-21-3889148614-2962051019-789845505-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3889148614-2962051019-789845505-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-05-28] (Kaspersky Lab ZAO)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-18] (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-05-28] (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-05-28] (Kaspersky Lab ZAO)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-05-28] (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-18] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-24] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-04-28] (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-05-28] (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-24] (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-05-28] (Kaspersky Lab ZAO)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKU\S-1-5-21-3889148614-2962051019-789845505-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://cortalconsors.webex.com/client/WBXclient-T28L10NSP12EP6-17378/nbr/ieatgpc1.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 198.18.112.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Silke Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\6su7ocoe.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-16] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-16] ()
FF Plugin-x32: @cfca.com/SecEditCtl.BOC,version=1.0.0.9 -> C:\Windows\system32\npSecEditCtl.BOC.x86.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-08] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-10] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: Astrill Proxy Switcher - C:\Users\Silke Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\6su7ocoe.default\Extensions\addon@astrill.com [2015-01-25]
FF Extension: Yahoo! Toolbar - C:\Users\Silke Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\6su7ocoe.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2015-04-27]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-12-23]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-06-24]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-06-24]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-06-24]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-06-24]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-06-24]
FF HKU\S-1-5-21-3889148614-2962051019-789845505-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR Profile: C:\Users\Silke Laptop\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2014-05-28]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2014-05-28]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2014-05-28]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2014-05-28]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2014-05-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ASOVPNHelper; C:\Program Files (x86)\Astrill\ASOvpnSvc.exe [434016 2014-09-08] (Astrill)
S3 ASProxy; C:\Program Files (x86)\Astrill\ASProxy.exe [2169368 2014-11-16] (Astrill)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [119424 2012-04-28] (Atheros Commnucations) [File not signed]
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2014-05-28] (Kaspersky Lab ZAO)
S4 DamageGuardSvc; C:\Program Files\Lenovo\Instant Reset\DamageGuardSvc.exe [572976 2012-03-26] (Lenovo (Beijing) Limited)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3736520 2015-01-29] (devolo AG)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [30184 2013-08-08] ()
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [163456 2012-04-28] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 asvpndrv; C:\Windows\System32\DRIVERS\asvpndrv.sys [31744 2014-05-17] (Astrill)
S4 DamageGuard; C:\Windows\System32\DRIVERS\DamageGuardX64.sys [217392 2012-02-10] (Lenovo)
S4 dgFltr; C:\Windows\System32\drivers\dgFltrX64.sys [23648 2011-12-13] (Lenovo)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-05-22] () [File not signed]
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-05-28] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-05-28] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-05-28] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2014-05-28] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-05-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2014-05-28] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-05-28] (Kaspersky Lab ZAO)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104048 2012-03-02] (Qualcomm Atheros Co., Ltd.)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2015-01-29] (CACE Technologies)
R1 RrNetCapFilterDriver; C:\Windows\System32\DRIVERS\RrNetCapFilterDriver.sys [24744 2014-06-11] (Audials AG)
U3 BcmSqlStartupSvc; No ImagePath
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
U2 DriverService; No ImagePath
U2 iATAgentService; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerService; No ImagePath
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U2 RtLedService; No ImagePath
U2 SeaPort; No ImagePath
U2 SoftwareService; No ImagePath
U3 SQLWriter; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-28 09:23 - 2015-04-28 09:24 - 00059768 _____ () C:\Users\Silke Laptop\Downloads\Addition.txt
2015-04-28 09:22 - 2015-04-28 09:26 - 00030912 _____ () C:\Users\Silke Laptop\Downloads\FRST.txt
2015-04-28 09:22 - 2015-04-28 09:26 - 00000000 ____D () C:\FRST
2015-04-28 09:20 - 2015-04-28 09:20 - 02100736 _____ (Farbar) C:\Users\Silke Laptop\Downloads\FRST64.exe
2015-04-27 19:25 - 2015-04-27 19:25 - 00001170 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-27 19:25 - 2015-04-27 19:25 - 00001158 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-27 19:25 - 2015-04-27 19:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-27 15:47 - 2015-04-28 08:45 - 00065536 ___HT () C:\Users\Silke Laptop\Documents\~Outlook.pst.tmp
2015-04-27 15:20 - 2015-04-27 15:31 - 00000000 ____D () C:\AdwCleaner
2015-04-27 15:18 - 2015-04-27 15:19 - 02224640 _____ () C:\Users\Silke Laptop\Downloads\adwcleaner_4.202.exe
2015-04-27 14:08 - 2015-04-27 14:08 - 00000000 ____D () C:\Users\Silke Laptop\AppData\Local\NVIDIA
2015-04-27 14:07 - 2015-04-27 14:07 - 00000000 ____D () C:\Windows\SysWOW64\NV
2015-04-27 14:07 - 2015-04-27 14:07 - 00000000 ____D () C:\Windows\system32\NV
2015-04-27 13:59 - 2013-10-02 10:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-04-27 13:59 - 2013-10-02 10:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-04-27 13:59 - 2013-10-02 10:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-04-27 13:59 - 2013-10-02 09:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-04-27 13:59 - 2013-10-02 09:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-04-27 13:59 - 2013-10-02 09:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-04-27 13:59 - 2013-10-02 09:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-04-27 13:59 - 2013-10-02 08:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-04-27 13:59 - 2013-10-02 08:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-04-27 13:59 - 2013-10-02 08:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-04-27 13:59 - 2013-10-02 08:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-04-27 13:59 - 2013-10-02 08:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-04-27 13:59 - 2013-10-02 07:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-04-27 13:59 - 2013-10-02 07:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-04-27 13:59 - 2013-10-02 07:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-04-27 13:59 - 2013-10-02 06:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-04-27 13:59 - 2013-10-02 04:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-04-27 13:59 - 2013-10-02 04:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-04-27 13:41 - 2015-03-14 11:21 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-04-27 13:41 - 2015-03-14 11:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-04-27 13:41 - 2015-03-14 11:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-04-27 13:41 - 2015-03-14 11:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-04-27 13:41 - 2015-01-29 11:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-04-27 13:41 - 2015-01-29 11:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-04-25 14:57 - 2015-04-25 14:57 - 00000165 ____H () C:\Users\Silke Laptop\Desktop\~$China.xlsx
2015-04-19 13:18 - 2015-04-26 17:23 - 00037440 _____ () C:\Users\Silke Laptop\Desktop\China.xlsx
2015-04-19 11:30 - 2015-04-19 11:30 - 00750672 _____ () C:\Windows\Minidump\041915-21200-01.dmp
2015-04-17 12:36 - 2015-04-17 12:36 - 01234944 _____ () C:\Windows\Minidump\041715-21309-01.dmp
2015-04-16 17:55 - 2015-04-16 17:55 - 00003204 _____ () C:\Windows\System32\Tasks\{86DF11BE-D0F2-4081-913E-B4FF56BAB479}
2015-04-16 17:31 - 2015-04-16 17:54 - 42096984 _____ (Apple Inc.) C:\Users\Silke Laptop\Downloads\QuickTimeInstaller (2).exe
2015-04-16 16:02 - 2015-04-16 16:04 - 00618671 _____ () C:\Users\Silke Laptop\Desktop\Motto 2014.pptx
2015-04-16 15:18 - 2015-04-16 16:18 - 18178736 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-04-16 15:13 - 2015-04-16 15:14 - 42096984 _____ (Apple Inc.) C:\Users\Silke Laptop\Downloads\QuickTimeInstaller (1).exe
2015-04-15 07:33 - 2015-03-25 11:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 07:33 - 2015-03-25 11:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 07:33 - 2015-03-25 11:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 07:33 - 2015-03-25 11:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 07:33 - 2015-03-25 11:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 07:33 - 2015-03-25 11:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 07:33 - 2015-03-25 11:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 07:33 - 2015-03-25 11:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 07:33 - 2015-03-25 11:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 07:33 - 2015-03-25 11:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 07:33 - 2015-03-25 11:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 07:33 - 2015-03-25 11:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 07:33 - 2015-03-25 11:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 07:33 - 2015-03-25 11:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 07:33 - 2015-03-25 11:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 07:33 - 2015-03-25 11:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 07:32 - 2015-04-02 08:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 07:32 - 2015-04-02 07:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-15 07:32 - 2015-03-23 11:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 07:32 - 2015-03-23 11:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 07:32 - 2015-03-23 11:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 07:32 - 2015-03-23 11:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 07:32 - 2015-03-23 11:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 07:32 - 2015-03-23 11:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 07:32 - 2015-03-23 11:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 07:32 - 2015-03-23 11:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 07:32 - 2015-03-17 13:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 07:32 - 2015-03-17 13:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 07:32 - 2015-03-17 13:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 07:32 - 2015-03-17 13:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 07:32 - 2015-03-17 13:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 07:32 - 2015-03-17 13:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 07:32 - 2015-03-17 13:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 07:32 - 2015-03-17 13:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 07:32 - 2015-03-17 13:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 07:32 - 2015-03-17 13:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-15 07:32 - 2015-03-17 13:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 07:32 - 2015-03-17 13:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 07:32 - 2015-03-17 13:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 07:32 - 2015-03-17 13:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-15 07:32 - 2015-03-17 13:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-15 07:32 - 2015-03-17 12:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 07:32 - 2015-03-17 12:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-15 07:32 - 2015-03-17 12:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-15 07:32 - 2015-03-17 12:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-15 07:32 - 2015-03-17 12:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-15 07:32 - 2015-03-17 12:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-15 07:32 - 2015-03-17 12:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-15 07:32 - 2015-03-17 12:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-15 07:32 - 2015-03-17 12:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-15 07:32 - 2015-03-17 12:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 07:32 - 2015-03-17 12:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-15 07:32 - 2015-03-17 12:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-15 07:32 - 2015-03-17 12:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-15 07:32 - 2015-03-17 12:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-15 07:32 - 2015-03-17 12:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 07:32 - 2015-03-17 12:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-15 07:32 - 2015-03-17 12:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 07:32 - 2015-03-17 12:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-15 07:32 - 2015-03-17 12:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 11:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 07:32 - 2015-03-17 11:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 07:32 - 2015-03-17 11:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 11:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 11:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 11:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 07:32 - 2015-03-13 12:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 07:32 - 2015-03-13 12:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 07:32 - 2015-03-13 12:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 07:32 - 2015-03-13 12:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 07:32 - 2015-03-13 12:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 07:32 - 2015-03-13 12:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 07:32 - 2015-03-13 12:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 07:32 - 2015-03-13 12:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 07:32 - 2015-03-13 12:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 07:32 - 2015-03-13 12:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 07:32 - 2015-03-13 11:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 07:32 - 2015-03-13 11:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 07:32 - 2015-03-13 11:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 07:32 - 2015-03-13 11:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 07:32 - 2015-03-13 11:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 07:32 - 2015-03-13 11:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 07:32 - 2015-03-13 11:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 07:32 - 2015-03-13 11:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 07:32 - 2015-03-13 11:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 07:32 - 2015-03-13 11:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 07:32 - 2015-03-13 11:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 07:32 - 2015-03-13 11:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 07:32 - 2015-03-13 11:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-15 07:32 - 2015-03-13 11:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 07:32 - 2015-03-13 11:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 07:32 - 2015-03-13 11:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-15 07:32 - 2015-03-13 11:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 07:32 - 2015-03-13 11:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-15 07:32 - 2015-03-13 11:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 07:32 - 2015-03-13 11:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 07:32 - 2015-03-13 11:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 07:32 - 2015-03-13 11:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-15 07:32 - 2015-03-13 11:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 07:32 - 2015-03-13 11:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 07:32 - 2015-03-13 11:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-15 07:32 - 2015-03-13 11:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 07:32 - 2015-03-13 11:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 07:32 - 2015-03-13 11:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 07:32 - 2015-03-13 11:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 07:32 - 2015-03-13 11:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 07:32 - 2015-03-13 11:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 07:32 - 2015-03-13 11:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 07:32 - 2015-03-13 10:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-15 07:32 - 2015-03-13 10:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 07:32 - 2015-03-13 10:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 07:32 - 2015-03-13 10:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 07:32 - 2015-03-13 10:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 07:32 - 2015-03-13 10:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 07:32 - 2015-03-13 10:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 07:32 - 2015-03-13 10:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-15 07:32 - 2015-03-13 10:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 07:32 - 2015-03-13 10:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 07:32 - 2015-03-13 10:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 07:32 - 2015-03-13 10:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 07:32 - 2015-03-13 10:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 07:32 - 2015-03-13 10:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 07:32 - 2015-03-10 11:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 07:32 - 2015-03-10 11:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 07:32 - 2015-03-10 11:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 07:32 - 2015-03-10 11:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 07:32 - 2015-03-05 13:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 07:32 - 2015-03-05 12:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 07:32 - 2015-02-25 11:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 07:31 - 2015-03-04 12:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 07:31 - 2015-03-04 12:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 07:31 - 2015-03-04 12:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-15 07:24 - 2015-04-15 07:25 - 00000000 ____D () C:\Users\Silke Laptop\Documents\Urlaub
2015-04-13 14:03 - 2015-04-17 10:41 - 02687831 _____ () C:\Users\Silke Laptop\Desktop\Beijing.pptx
2015-04-13 12:40 - 2015-04-13 12:41 - 00000000 ____D () C:\Users\Silke Laptop\AppData\Local\{D2E9EEEA-5A1A-4795-B74F-C1C589E95B83}
2015-04-12 00:46 - 2015-04-12 00:47 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-12 00:46 - 2015-04-12 00:46 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-11 19:18 - 2015-04-11 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-28 09:26 - 2012-11-03 19:56 - 98550784 _____ () C:\Users\Silke Laptop\Documents\Outlook.pst
2015-04-28 09:26 - 2012-07-17 23:32 - 01674180 _____ () C:\Windows\WindowsUpdate.log
2015-04-28 09:24 - 2009-07-14 12:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-28 09:24 - 2009-07-14 12:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-28 09:18 - 2012-10-21 15:39 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-28 09:14 - 2012-10-21 04:09 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-04-28 09:10 - 2013-10-26 13:05 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-28 09:10 - 2013-06-10 20:29 - 00000000 ____D () C:\Users\Silke Laptop\Documents\Steuer
2015-04-28 08:45 - 2012-11-03 19:29 - 00000000 ____D () C:\Users\Silke Laptop\Documents\Outlook-Dateien
2015-04-28 08:31 - 2015-03-06 13:28 - 00000000 ___RD () C:\Users\Silke Laptop\Dropbox
2015-04-28 08:31 - 2015-03-06 13:25 - 00000000 ____D () C:\Users\Silke Laptop\AppData\Roaming\Dropbox
2015-04-28 08:27 - 2013-10-26 13:05 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-28 08:18 - 2012-07-18 09:18 - 00700010 _____ () C:\Windows\system32\perfh007.dat
2015-04-28 08:18 - 2012-07-18 09:18 - 00150304 _____ () C:\Windows\system32\perfc007.dat
2015-04-28 08:18 - 2009-07-14 13:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-28 08:14 - 2012-07-18 00:18 - 00000000 ____D () C:\ProgramData\VeriFace
2015-04-28 08:13 - 2012-10-21 09:38 - 08325710 _____ () C:\FaceProv.log
2015-04-27 20:37 - 2009-07-14 13:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-27 20:37 - 2009-07-14 12:51 - 00145694 _____ () C:\Windows\setupact.log
2015-04-27 19:45 - 2014-09-21 02:35 - 00000000 ____D () C:\Users\Silke Laptop\AppData\Roaming\Skype
2015-04-27 19:24 - 2013-01-13 05:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-27 16:32 - 2014-06-06 22:23 - 00000000 ____D () C:\Users\Silke Laptop\Documents\Fitnesscenter Kirchheim Asahi
2015-04-27 14:07 - 2012-07-17 23:50 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-27 14:06 - 2009-07-14 11:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-27 14:05 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-04-27 13:58 - 2012-07-17 23:50 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-27 13:58 - 2012-07-17 23:50 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-04-26 20:45 - 2012-10-21 04:17 - 00000000 ____D () C:\Users\Silke Laptop\AppData\Roaming\Adobe
2015-04-25 16:35 - 2015-03-06 13:28 - 00001053 _____ () C:\Users\Silke Laptop\Desktop\Dropbox.lnk
2015-04-25 16:35 - 2015-03-06 13:27 - 00000000 ____D () C:\Users\Silke Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-25 15:06 - 2014-09-21 16:18 - 00000000 ____D () C:\Users\Silke Laptop\Documents\china
2015-04-21 15:37 - 2013-04-09 00:39 - 01426432 ___SH () C:\Users\Silke Laptop\Desktop\Thumbs.db
2015-04-19 13:52 - 2015-03-22 10:37 - 00000000 ____D () C:\Users\Silke Laptop\Documents\Rezepte
2015-04-19 11:30 - 2013-04-08 13:02 - 00000000 ____D () C:\Windows\Minidump
2015-04-19 11:30 - 2013-04-08 13:01 - 869054771 _____ () C:\Windows\MEMORY.DMP
2015-04-19 09:26 - 2013-11-06 03:46 - 00178688 ___SH () C:\Users\Silke Laptop\Documents\Thumbs.db
2015-04-17 15:26 - 2015-02-03 18:09 - 00035607 _____ () C:\Users\Silke Laptop\Desktop\Ausgaben China.xlsx
2015-04-17 08:34 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-17 07:03 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\rescache
2015-04-16 19:34 - 2010-11-21 11:47 - 00319556 _____ () C:\Windows\PFRO.log
2015-04-16 19:32 - 2014-12-11 22:10 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 19:32 - 2014-05-07 12:58 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 19:32 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-16 19:31 - 2014-02-27 14:21 - 01596482 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-16 19:31 - 2012-11-03 19:20 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-16 19:27 - 2013-07-19 13:51 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-16 19:22 - 2012-11-03 20:51 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-16 19:22 - 2009-07-14 10:34 - 00000537 _____ () C:\Windows\win.ini
2015-04-16 19:05 - 2012-10-21 15:55 - 00000000 ____D () C:\Users\Silke Laptop\AppData\Local\CrashDumps
2015-04-16 16:18 - 2012-10-21 15:39 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-16 16:18 - 2012-10-21 15:39 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-16 16:18 - 2012-10-21 15:39 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-16 14:28 - 2015-03-22 11:25 - 00000000 ____D () C:\Users\Silke Laptop\Desktop\Bilder
2015-04-15 12:57 - 2014-10-26 14:02 - 00000000 ____D () C:\Users\Silke Laptop\Documents\Garfrescha
2015-04-15 07:18 - 2013-07-15 00:47 - 00000000 ____D () C:\Users\Silke Laptop\Documents\Finanzen
2015-04-13 20:38 - 2013-04-11 19:24 - 00000000 ____D () C:\Users\Silke Laptop\Documents\Eigene Scans
2015-04-12 17:32 - 2014-09-21 02:34 - 00000000 ____D () C:\ProgramData\Skype
2015-04-12 16:55 - 2014-01-22 01:37 - 00000000 ____D () C:\Users\Silke Laptop\Documents\Spullersee
2015-04-12 12:58 - 2015-01-13 16:34 - 00000000 ____D () C:\Users\Silke Laptop\Documents\Postbank Kontoauszüge
2015-04-12 11:45 - 2015-03-14 20:13 - 00000000 ____D () C:\Users\Silke Laptop\Documents\TS
2015-04-11 19:18 - 2013-06-02 16:13 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-04-11 19:18 - 2012-11-20 14:14 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-04-02 18:40 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2014-07-04 20:26 - 2014-07-04 20:26 - 0001181 _____ () C:\Users\Silke Laptop\AppData\Roaming\trace_FilterInstaller.1.txt
2014-07-04 20:26 - 2014-07-04 20:59 - 0000919 _____ () C:\Users\Silke Laptop\AppData\Roaming\trace_FilterInstaller.txt
2014-07-04 20:26 - 2014-07-04 20:59 - 0000000 _____ () C:\Users\Silke Laptop\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2012-11-04 19:06 - 2012-11-04 19:06 - 0004096 ____H () C:\Users\Silke Laptop\AppData\Local\keyfile3.drm
2014-09-15 01:52 - 2014-12-21 00:47 - 0007602 _____ () C:\Users\Silke Laptop\AppData\Local\resmon.resmoncfg
2013-09-17 04:36 - 2013-09-17 04:36 - 0017408 _____ () C:\Users\Silke Laptop\AppData\Local\WebpageIcons.db
2012-12-23 22:16 - 2014-06-16 19:26 - 0001321 _____ () C:\ProgramData\hpzinstall.log

Some content of TEMP:
====================
C:\Users\Silke Laptop\AppData\Local\Temp\BlackBerryDeviceManager.exe
C:\Users\Silke Laptop\AppData\Local\Temp\BlackBerryLauncher.exe
C:\Users\Silke Laptop\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbsr41p.dll
C:\Users\Silke Laptop\AppData\Local\Temp\Execute2App.exe
C:\Users\Silke Laptop\AppData\Local\Temp\msvcp90.dll
C:\Users\Silke Laptop\AppData\Local\Temp\msvcr90.dll
C:\Users\Silke Laptop\AppData\Local\Temp\Quarantine.exe
C:\Users\Silke Laptop\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Silke Laptop\AppData\Local\Temp\sqlite3.dll
C:\Users\Silke Laptop\AppData\Local\Temp\vlc-2.1.5-win32.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-24 18:48

==================== End Of Log ============================
--- --- ---

--- --- ---
CODE]

Silke12345 28.04.2015 03:46
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-04-2015 01
Ran by Silke Laptop at 2015-04-28 09:26:57
Running from C:\Users\Silke Laptop\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3889148614-2962051019-789845505-500 - Administrator - Disabled)
Gast (S-1-5-21-3889148614-2962051019-789845505-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3889148614-2962051019-789845505-1003 - Limited - Enabled)
Silke Laptop (S-1-5-21-3889148614-2962051019-789845505-1001 - Administrator - Enabled) => C:\Users\Silke Laptop
UpdatusUser (S-1-5-21-3889148614-2962051019-789845505-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

5600 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
5600_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
5600Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
ActiveTrader Deutschland (HKLM-x32\...\{0DE75F32-3E22-42F7-B6CD-5A6644581F4E}) (Version: 6.1.1 - Cortal Consors)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Astrill (HKLM\...\{A77BCF74-A5A3-441B-9923-305EAD8B7976}_is1) (Version:  - Astrill)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.135 - Atheros)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.14.15 - Atheros Communications Inc.)
Atheros WLAN Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Audials (HKLM-x32\...\{DA6EBFC9-8869-4B61-8D38-2668A395C5B0}) (Version: 11.0.54400.0 - Audials AG)
Benutzerhandbuch (x32 Version: 1.0.0.6 - Lenovo) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.32.50 - Conexant)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.0.0 - devolo AG)
dLAN Cockpit (x32 Version: 3.23.12 - devolo AG) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.11 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-3889148614-2962051019-789845505-1001\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.)
Easy MP3 Cutter 3.0 (HKLM-x32\...\Easy MP3 Cutter_is1) (Version:  - ManiacTools.com)
EG21 Vokabelkartei interaktiv 1 (HKLM-x32\...\{A036DB99-B62F-4110-8D87-9DF0D6DC4022}) (Version: 1.00.0000 - Cornelsen Verlag GmbH)
EG21 Vokabelkartei interaktiv 2 (HKLM-x32\...\{D9C1E527-F7B8-4C32-8186-E59DDD38C475}) (Version: 1.00.0000 - Cornelsen Verlag GmbH)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.4.1 - Lenovo)
Energy Management (x32 Version: 7.0.4.1 - Lenovo) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Freddy:Mathe5/Mathe6 (HKLM-x32\...\freddyMathe56) (Version:  - )
Free YouTube to MP3 Converter version 3.12.41.623 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.41.623 - DVDVideoSoft Ltd.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Konz 2013 (HKLM-x32\...\InstallShield_{76651FD7-2B71-4B61-9F3A-E82F52F08D92}) (Version: 1.00.0000 - USM)
Konz 2013 (x32 Version: 1.00.0000 - USM) Hidden
KONZ-Steuer-2014 (HKLM-x32\...\InstallShield_{20F1078B-E3B6-4DA1-9570-003DE110890A}) (Version: 1.00.0000 - USM)
KONZ-Steuer-2014 (x32 Version: 1.00.0000 - USM) Hidden
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}) (Version: 1.12.204.1 - Lenovo EasyCamera)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.0.3712 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.0.3712 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 10.4.2.8 - ELAN Microelectronic Corp.)
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.)
Lenovo Solution Center (HKLM\...\{B73D2BF9-2C82-40A4-AFA8-32CE2E501640}) (Version: 2.2.002.00 - Lenovo Group Limited)
Lenovo Welcome (HKLM-x32\...\{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}) (Version: 3.1.0011.00 - Lenovo Group Limited)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 3.1.3728 - CyberLink Corp.) Hidden
LockKey (HKLM-x32\...\InstallShield_{AF192694-4B15-4AC1-92F3-1B02E98C08BD}) (Version: 1.38.1.2 - Lenovo)
LockKey (x32 Version: 1.38.1.2 - Lenovo) Hidden
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Foto Manager MX Deluxe (HKLM-x32\...\MAGIX_{4CAD11B3-9066-4106-B7A0-CCFB466DED13}) (Version: 9.0.1.250 - MAGIX AG)
MAGIX Foto Manager MX Deluxe (Version: 9.0.1.250 - MAGIX AG) Hidden
MAGIX Foto Manager MX Deluxe Update (Version: 9.0.2.256 - MAGIX AG) Hidden
MAGIX Fotos auf DVD 2013 Deluxe (Bild-in-Bild Demo-Projekt) (HKLM-x32\...\MAGIX_{1442E56B-CCAD-4F3E-86A5-748CCAAAB143}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Fotos auf DVD 2013 Deluxe (Bild-in-Bild Demo-Projekt) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fotos auf DVD 2013 Deluxe (Designelemente 1) (HKLM-x32\...\MAGIX_{C989667E-9CB4-49EA-BCA8-FECB9B25C8C5}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Fotos auf DVD 2013 Deluxe (Designelemente 1) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fotos auf DVD 2013 Deluxe (Designelemente 2) (HKLM-x32\...\MAGIX_{24109D13-A0E6-460C-99E2-12CA7C09EAA7}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Fotos auf DVD 2013 Deluxe (Designelemente 2) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fotos auf DVD 2013 Deluxe (Filmtrailer) (HKLM-x32\...\MAGIX_{09431E25-F7CE-488F-9910-9279F00A742A}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Fotos auf DVD 2013 Deluxe (Filmtrailer) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fotos auf DVD 2013 Deluxe (Fotoshow Maker-Stile 1) (HKLM-x32\...\MAGIX_{35F6D705-750C-4635-AF60-035FAEDA2FC0}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Fotos auf DVD 2013 Deluxe (Fotoshow Maker-Stile 1) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fotos auf DVD 2013 Deluxe (Fotoshow Maker-Stile 2) (HKLM-x32\...\MAGIX_{3DC4C012-CC0A-4663-9F64-1D956F97ADE2}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Fotos auf DVD 2013 Deluxe (Fotoshow Maker-Stile 2) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fotos auf DVD 2013 Deluxe (HKLM-x32\...\MAGIX_{57F4B170-E76D-47F9-B6BA-F3D4FB7445B6}) (Version: 12.0.0.75 - MAGIX AG)
MAGIX Fotos auf DVD 2013 Deluxe (Individuelle Menüvorlagen) (HKLM-x32\...\MAGIX_{EB13DF91-4D92-43A7-93BC-4D080D2E8227}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Fotos auf DVD 2013 Deluxe (Individuelle Menüvorlagen) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fotos auf DVD 2013 Deluxe (Menüvorlagen 1) (HKLM-x32\...\MAGIX_{3D8C348D-FE2E-46FA-8899-23B043D673D2}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Fotos auf DVD 2013 Deluxe (Menüvorlagen 1) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fotos auf DVD 2013 Deluxe (Menüvorlagen 2) (HKLM-x32\...\MAGIX_{56EC4F76-BF2D-476E-947F-DF627EA71630}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Fotos auf DVD 2013 Deluxe (Menüvorlagen 2) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fotos auf DVD 2013 Deluxe (Nachvertonungsarchiv) (HKLM-x32\...\MAGIX_{AEF35DCE-5F53-43CF-AA71-6BE270C3AF10}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Fotos auf DVD 2013 Deluxe (Nachvertonungsarchiv) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fotos auf DVD 2013 Deluxe (Soundtrack Maker-Stile) (HKLM-x32\...\MAGIX_{897E988E-A520-412B-99B9-3D04904FA6D3}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Fotos auf DVD 2013 Deluxe (Soundtrack Maker-Stile) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fotos auf DVD 2013 Deluxe (Titeleffekte) (HKLM-x32\...\MAGIX_{FBA359C1-5530-45AB-ACA3-56C7693612DA}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Fotos auf DVD 2013 Deluxe (Titeleffekte) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fotos auf DVD 2013 Deluxe (Überblendeffekte) (HKLM-x32\...\MAGIX_{953D4F60-9038-44EB-A867-6DFCDFFB6AA8}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Fotos auf DVD 2013 Deluxe (Überblendeffekte) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fotos auf DVD 2013 Deluxe (Version: 12.0.0.75 - MAGIX AG) Hidden
MAGIX Goya burnR (MSI) (HKLM-x32\...\MAGIX_{AC378B42-5783-4CD0-A699-AA4AD2D3D3C7}) (Version: 4.3.2.0 - MAGIX AG)
MAGIX Goya burnR (MSI) (Version: 4.3.2.0 - MAGIX AG) Hidden
MAGIX Music Maker Soundtrack Edition (Demosongs) (HKLM-x32\...\MAGIX_{7008FDC2-9B1A-4398-BE02-5365B578471A}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker Soundtrack Edition (Demosongs) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker Soundtrack Edition (HKLM-x32\...\MAGIX_{13608872-D05A-43C8-A9A3-F565B504DD61}) (Version: 19.0.3.46 - MAGIX AG)
MAGIX Music Maker Soundtrack Edition (Synthesizer und Effekte) (HKLM-x32\...\MAGIX_{0DE9B74C-4FF3-4AFF-8026-58CE0DA157EF}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker Soundtrack Edition (Synthesizer und Effekte) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker Soundtrack Edition (Version: 19.0.3.46 - MAGIX AG) Hidden
MAGIX Music Maker Soundtrack Edition Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Slideshow Maker 2 (HKLM-x32\...\MAGIX_{48897B17-3DD2-4BAA-A81D-4E4EA8E9FD51}) (Version: 2.0.1.9 - MAGIX AG)
MAGIX Slideshow Maker 2 (Version: 2.0.1.9 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{23C780EF-FF93-4955-BCE4-B4CCF0D38268}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Meine CEWE FOTOWELT (HKLM-x32\...\Meine CEWE FOTOWELT) (Version: 5.1.6 - CEWE Stiftung u Co. KGaA)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
mHotspot version 6.4.0.0 (HKLM-x32\...\{beeb7906-9268-4520-8850-8d8af9b1c7c8}_is1) (Version: 6.4.0.0 - mHotspot, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-3889148614-2962051019-789845505-1001\...\MyFreeCodec) (Version:  - )
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team)
NVIDIA Grafiktreiber 345.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 345.20 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7303 - CyberLink Corp.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7601.39016 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Rossmann Fotowelt Software 4.12.1 (HKLM-x32\...\Rossmann Fotowelt Software) (Version: 4.12.1 - ORWO Net)
Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.)
Samsung AllShare (x32 Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.0.12094_28 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.0.12094_28 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15024.8 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15024.8 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13052_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13052_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
SecEditCtl.BOC (only remove) (HKLM-x32\...\SecEditCtl.BOC01000009) (Version:  - CFCA)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sprachtrainer Découvertes 2 (HKLM-x32\...\{ACC901CB-12A9-4252-8535-4020803CD819}) (Version: 1.00.000 - Klett)
Sprachtrainer Fonts (HKLM-x32\...\{FBCF2ED3-AFB5-475E-BF9A-30BEAD366FBC}) (Version: 1.00.01 - Ernst Klett Verlag GmbH)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steuer 2012 (HKLM-x32\...\{01159E8A-44F7-4885-A7F9-872CE4D74063}) (Version: 20.00.8137 - Buhl Data Service GmbH)
Steuer 2013 (HKLM-x32\...\{05AEF487-8926-48A9-B5BA-9BED72BC6B1C}) (Version: 21.00.8480 - Buhl Data Service GmbH)
StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.49.86082 - SugarSync, Inc.)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
Vasco da Gama 5 HDPro (HKLM-x32\...\{067D2172-F8F3-477D-B4EE-0B0AA967D544}) (Version: 5.20.0000 - MotionStudios)
VeriFace (HKLM-x32\...\VeriFace) (Version: 4.0.1.1230 - Lenovo)
Viber Packages (HKU\S-1-5-21-3889148614-2962051019-789845505-1001\...\Viber Packages) (Version:  - ) <==== ATTENTION
Vita String Ensemble (Version: 1.0.0.0 - MAGIX AG) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Vokabelkartei interaktiv À plus! 1 (HKLM-x32\...\{C7BD31A9-B17E-4125-8AE6-217C1FF8BE10}) (Version: 1.00.0000 - Cornelsen Verlag GmbH)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3889148614-2962051019-789845505-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3889148614-2962051019-789845505-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3889148614-2962051019-789845505-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3889148614-2962051019-789845505-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3889148614-2962051019-789845505-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3889148614-2962051019-789845505-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3889148614-2962051019-789845505-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3889148614-2962051019-789845505-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3889148614-2962051019-789845505-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3889148614-2962051019-789845505-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points  =========================

13-04-2015 21:20:59 Geplanter Prüfpunkt
14-04-2015 22:23:16 Windows Update
16-04-2015 15:16:27 Installed QuickTime 7
16-04-2015 17:55:04 Installed QuickTime 7
16-04-2015 19:15:31 Windows Update
19-04-2015 23:32:19 Windows Update
24-04-2015 18:47:05 Windows Update
27-04-2015 13:51:24 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 10:34 - 2015-01-27 10:48 - 00000914 ____A C:\Windows\system32\Drivers\etc\hosts
162.212.59.2 astrill.com
162.212.59.2 www.astrill.com
162.212.59.2 members.astrill.com


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {01ACE3E5-E24D-4168-9828-57200693D436} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29] (CyberLink)
Task: {314C076E-AEB0-4A52-9A91-8055241D2E9B} - System32\Tasks\{5796AFEE-1EE8-40CB-A38B-A77304071210} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.1.0.105/de/eula
Task: {3C43D0DA-5E0D-4B70-BB68-979C38A4804C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-26] (Google Inc.)
Task: {407F0417-6FFF-43BC-A048-B29E9E14EB77} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-08-08] (Lenovo)
Task: {532A9385-F788-47E2-B154-3F4FDDE85B54} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-26] (Google Inc.)
Task: {59E40C54-EFD8-4896-92CA-754BA6FF9D5F} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-08-08] ()
Task: {5FAD0DF1-CB0C-4158-A389-2F8D3C654CF4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-16] (Adobe Systems Incorporated)
Task: {7B24406A-F734-4686-BEDF-7E5136008823} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-02] (Apple Inc.)
Task: {7D83416D-917E-4CE0-8B80-CE1462C7BDE1} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-20] (Adobe Systems Incorporated)
Task: {A2EC5DD3-1432-457D-9807-044E07826E2C} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {A4ECC2D3-575F-4E7D-8E8D-E2EBDC1CD67C} - System32\Tasks\{E4E6CEA0-3A83-48EC-8DD6-26574D468938} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.1.0.105/de/privacy
Task: {AA3DFDDE-1B8C-415C-8DB8-0EAB7F1A2C34} - System32\Tasks\{33947901-1A14-4C92-84F7-F8702357D0B1} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.1.0.105/de/eula
Task: {B6D97571-3BA0-4DE8-813C-5A936698F727} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {B7EAC507-41F1-4C7F-93A4-7B50B4B43DCD} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {BEFB276E-7BB0-4797-AC73-A7181BD3A8C8} - System32\Tasks\{86DF11BE-D0F2-4081-913E-B4FF56BAB479} => pcalua.exe -a "C:\Users\Silke Laptop\Downloads\QuickTimeInstaller (2).exe" -d "C:\Users\Silke Laptop\Desktop"
Task: {C156C324-CC6C-43A6-BE93-23CE27476A7D} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2013-08-08] (Lenovo)
Task: {CB16661A-0C37-4CAC-A969-AEB66A5BF9AD} - System32\Tasks\4808 => Wscript.exe C:\Users\SILKEL~1\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {CF1D06E6-A583-421F-963E-6ADC030BFA9F} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-08-08] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2015-02-23 10:44 - 2015-02-23 10:44 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2012-07-17 23:50 - 2015-02-05 04:29 - 00115912 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 07:17 - 2013-09-05 07:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-07-18 00:18 - 2012-07-18 00:18 - 00628064 _____ () C:\Windows\system32\SimpleExt.dll
2012-06-18 23:24 - 2012-06-18 23:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2008-12-20 09:20 - 2012-07-18 00:20 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2012-04-19 22:22 - 2012-07-18 00:20 - 01516592 _____ () C:\Program Files (x86)\Lenovo\Energy Management\EMWpfUI.dll
2012-03-10 22:31 - 2012-07-18 00:20 - 00012336 _____ () C:\Program Files (x86)\Lenovo\Energy Management\de-DE\EMWpfUI.resources.dll
2008-12-20 09:20 - 2012-07-18 00:20 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2012-05-16 13:26 - 2012-02-18 00:21 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-01-25 20:56 - 2014-07-10 11:41 - 00354840 _____ () C:\Program Files (x86)\Astrill\asovpnc.exe
2013-06-17 18:35 - 2013-06-17 18:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 20:52 - 2013-05-08 20:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2014-10-17 13:16 - 2014-10-17 13:16 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\92a1650dbe9fad5f46633b835420e1a8\IsdiInterop.ni.dll
2012-07-17 23:38 - 2011-11-30 02:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-02-23 10:44 - 2015-02-23 10:44 - 00010952 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-04-28 08:15 - 2015-04-28 08:15 - 00043008 _____ () c:\Users\Silke Laptop\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbsr41p.dll
2015-03-05 05:45 - 2015-03-05 05:45 - 00750080 _____ () C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-05 05:45 - 2015-03-05 05:45 - 00047616 _____ () C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-05 05:45 - 2015-03-05 05:45 - 00865280 _____ () C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-05 05:45 - 2015-03-05 05:45 - 00200704 _____ () C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2012-07-18 00:18 - 2012-07-18 00:18 - 00013664 _____ () C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll
2012-07-17 23:39 - 2012-02-21 12:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-09-05 07:14 - 2013-09-05 07:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-09-05 07:14 - 2013-09-05 07:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-14 22:46 - 2013-02-14 22:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2012-09-24 03:43 - 2012-09-24 03:43 - 00313992 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
2014-09-12 17:43 - 2014-09-12 17:43 - 14588632 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\NPSWF32.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ASProxy => ""="service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3889148614-2962051019-789845505-1001\...\bankofchina.com -> hxxp://www.bankofchina.com
IE trusted site: HKU\S-1-5-21-3889148614-2962051019-789845505-1001\...\boc.cn -> hxxps://ebs.boc.cn


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3889148614-2962051019-789845505-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Silke Laptop\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 198.18.112.1 - 202.106.195.68

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{FF75A0C6-ABBF-4B47-9150-3B6FF6285B5E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{388D9B20-133A-4531-9802-56FEFCF851CF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{CE501C2D-D2DC-4F98-A432-2570E656D35A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{AAE7CD43-9E91-4ED3-B6C2-8AEEFA678B8E}] => (Allow) LPort=2869
FirewallRules: [{3ACEEEA7-7C66-4A3E-ADEA-E1B7CFD5EC7C}] => (Allow) LPort=1900
FirewallRules: [{457FE25F-1C43-42AB-8E20-25DF58812E7D}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{D103FF8F-201E-4D7C-BF2D-DA00B3D2DB42}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{DE4A5041-DAEB-4285-BC57-181C63CD9BED}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
FirewallRules: [{50DB570A-32B3-40D7-B941-6856EFAA93E5}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
FirewallRules: [{9451AB9F-A748-450F-AE20-99688CF96731}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\outlook.exe
FirewallRules: [{6A611BE7-A987-4F16-8CE7-BA860C10769E}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{9B2C3FEC-0C19-43A7-AA7A-433259F9811E}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{34C55073-1655-4386-BB60-9EA34BA92AF3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6B422C28-90E2-42EC-A7BD-ECFDBCE81D23}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3C74976E-1495-4056-9E3A-20102C012CAF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{680A6091-3123-48C8-B3B9-A0823BB23F6A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6E3803EA-4388-43B4-BE82-5BA4D25BE492}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{FAF2C464-EC36-4C7F-B8DF-37DAF066BD89}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{9588D567-F594-4CC2-8BCA-69E9ED9B503F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{36A05FAA-39F9-45CB-9548-EACF0C13AAF6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{95CD6ACA-5C66-4706-A210-C6A16FC0C2F7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{681BD48D-5A2E-45EB-B577-C363135F679A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{8F0E83BD-0C1F-4075-BD10-650E5E0C3535}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{0E0035CA-8F07-4D08-9338-9E94F6D96044}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{A1058826-B88F-4CB4-B826-862742AFB04D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{702B1C38-7D0C-4C72-83D7-A590599F2FD3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{50CDF66E-BFBC-4151-8C82-ADB7FB63AA15}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{4B2B459F-A9E7-4376-854C-BB202DC48CAB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{8D9E2E82-EB9E-431F-84F5-4E118A2B67C3}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{AD92E16D-32E4-4E49-A782-EBE7A90A2880}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{404165CF-04D3-44B0-AA19-27BEB6102896}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{49ABBA92-ECCF-4F5D-8C26-26EC4EB75C01}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{1D241959-6850-4BB1-9CDD-B38FD8C72CBF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{A8D6C9C8-6416-4173-B33C-C87A31230367}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{B34EA69B-9BFB-4561-8F1C-F45D3C5551DA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{BD73A05A-01D5-420E-BFB7-00ED55443A77}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{7B108DBF-7CFB-4160-8BB2-C4A5B3857FF3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{13D18148-D190-4BF7-90CB-C16799198D19}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{3AF4B593-C0F2-40D5-9004-01864D42AFE2}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{13F0C5A2-DE20-4306-88AD-EE9D6102F215}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{DA9E0B5F-B1A0-4C85-9D82-99CEFCB993E4}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
FirewallRules: [{8B37005D-9FF4-4E4A-9DD6-2C0284F03F62}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShare.exe
FirewallRules: [{CBE40753-AAAC-4B10-B4A6-54FF33E989DD}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
FirewallRules: [{B0AFFCB9-2CB3-42F4-9600-2E5170E18B3A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{7E648FA0-890F-4B1E-9A7B-C63DF5394462}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{6715560C-D888-4DC8-B101-F00C14671B73}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{59161BC9-0479-4702-80A4-BE84E60D8C92}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{B4ECA111-9C15-4F83-9CA9-4D1A7D335883}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [{6FFA469C-6241-4823-A055-BA050BB1297C}] => (Allow) C:\Program Files (x86)\Audials\Audials 11\Audials.exe
FirewallRules: [{D71365AE-2085-473B-82E8-A85E4E92A46B}] => (Allow) LPort=12972
FirewallRules: [{A472A7AA-040F-4DDA-AEB6-286897AC23C5}] => (Allow) LPort=14714
FirewallRules: [{C7CD3EDE-3B20-4FB5-AC5B-63AD9F32D0A3}] => (Allow) LPort=31931
FirewallRules: [{C002942E-9ADD-4141-9141-2DC8B0A89C5B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EEBDA1B6-80CB-4E31-A612-024FDBFCCA95}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{491810AC-EE8F-4A15-B132-C8915A8E2267}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{C883E078-BDAC-4441-A089-76761E43C2CF}] => (Allow) C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{3691A9B2-9B5B-4B31-B349-DF9B06A13673}] => (Allow) C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{DAB9C51D-613E-4B47-B316-E3A8CBBC3E8C}] => (Allow) C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{490C515F-5B91-4EAD-91D7-45113BD6D2DC}] => (Allow) C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F3C9EA14-1C77-4BD1-A6B4-E52AED6C60D8}] => (Allow) C:\Program Files (x86)\mHotspot\mHotspot.exe
FirewallRules: [{851A874A-F123-41E6-96F7-F0F7524362A1}] => (Allow) C:\Program Files (x86)\mHotspot\mHotspot.exe
FirewallRules: [{9C80BED9-5B70-41DA-95BB-D39393B91B70}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{596873E3-7C6B-48CA-8012-F224E7CDC98D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D7167989-7E57-4FDA-9261-FA3F49AAF5B5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Faulty Device Manager Devices =============

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/27/2015 08:39:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/27/2015 03:47:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm adwcleaner_4.202.exe, Version 4.2.0.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 152c

Startzeit: 01d080ba90b61806

Endzeit: 30

Anwendungspfad: C:\Users\Silke Laptop\Downloads\adwcleaner_4.202.exe

Berichts-ID: 8924906b-ecb1-11e4-8597-74e5437befb1

Error: (04/27/2015 02:10:58 PM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
  at AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
  at AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
  at AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
  at AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
  at AllShareDMS.AllShareDMS.DoStart()
  at AllShareDMS.AllShareDMS.OnStart(String[] args)
  at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (04/27/2015 02:07:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/27/2015 10:37:33 AM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
  at AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
  at AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
  at AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
  at AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
  at AllShareDMS.AllShareDMS.DoStart()
  at AllShareDMS.AllShareDMS.OnStart(String[] args)
  at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (04/27/2015 10:36:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/27/2015 09:59:58 AM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
  at AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
  at AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
  at AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
  at AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
  at AllShareDMS.AllShareDMS.DoStart()
  at AllShareDMS.AllShareDMS.OnStart(String[] args)
  at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (04/27/2015 09:56:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/26/2015 10:48:09 AM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
  at AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
  at AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
  at AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
  at AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
  at AllShareDMS.AllShareDMS.DoStart()
  at AllShareDMS.AllShareDMS.OnStart(String[] args)
  at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (04/26/2015 10:46:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (04/28/2015 08:13:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Samsung AllShare PC" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (04/28/2015 08:13:32 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Samsung AllShare PC erreicht.

Error: (04/27/2015 08:40:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (04/27/2015 08:40:08 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (04/27/2015 04:00:38 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/27/2015 04:00:38 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/27/2015 04:00:37 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/27/2015 04:00:37 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/27/2015 03:31:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/27/2015 03:31:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (04/27/2015 08:39:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/27/2015 03:47:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: adwcleaner_4.202.exe4.2.0.2152c01d080ba90b6180630C:\Users\Silke Laptop\Downloads\adwcleaner_4.202.exe8924906b-ecb1-11e4-8597-74e5437befb1

Error: (04/27/2015 02:10:58 PM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
  at AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
  at AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
  at AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
  at AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
  at AllShareDMS.AllShareDMS.DoStart()
  at AllShareDMS.AllShareDMS.OnStart(String[] args)
  at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (04/27/2015 02:07:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/27/2015 10:37:33 AM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
  at AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
  at AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
  at AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
  at AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
  at AllShareDMS.AllShareDMS.DoStart()
  at AllShareDMS.AllShareDMS.OnStart(String[] args)
  at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (04/27/2015 10:36:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/27/2015 09:59:58 AM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
  at AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
  at AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
  at AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
  at AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
  at AllShareDMS.AllShareDMS.DoStart()
  at AllShareDMS.AllShareDMS.OnStart(String[] args)
  at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (04/27/2015 09:56:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/26/2015 10:48:09 AM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
  at AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
  at AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
  at AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
  at AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
  at AllShareDMS.AllShareDMS.DoStart()
  at AllShareDMS.AllShareDMS.OnStart(String[] args)
  at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (04/26/2015 10:46:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2015-02-13 09:28:26.802
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 09:28:26.787
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 09:23:27.251
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 09:23:27.235
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 08:31:23.583
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 08:31:23.552
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 08:21:53.287
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 08:21:53.193
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 15:32:49.771
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 15:32:49.755
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 42%
Total physical RAM: 8094.36 MB
Available physical RAM: 4656.01 MB
Total Pagefile: 16186.9 MB
Available Pagefile: 12432.42 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:886.32 GB) (Free:596.33 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25.47 GB) (Free:22.24 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A4892B9D)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=886.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=19.5 GB) - (Type=12)

==================== End Of Log ============================

cosinus 28.04.2015 20:05
Logs von adwcleaner liegen in c:\adwcleaner
Und bitte auch andere Logs mit Funden posten, falls es welche gab. Anleitung wurde verlinkt.

Silke12345 29.04.2015 00:40
Code:
# AdwCleaner v4.202 - Bericht erstellt 27/04/2015 um 15:20:49
# Aktualisiert 23/04/2015 von Xplode
# Datenbank : 2015-04-23.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Silke Laptop - SILKELENOVO
# Gestarted von : C:\Users\Silke Laptop\Downloads\adwcleaner_4.202.exe
# Option : Suchlauf

***** [ Dienste ] *****

Dienst Gefunden : itnfd_1_10_0_8

***** [ Dateien / Ordner ] *****

Ordner Gefunden : C:\Program Files (x86)\Delta
Ordner Gefunden : C:\Program Files (x86)\file scout
Ordner Gefunden : C:\Program Files (x86)\Iminent
Ordner Gefunden : C:\Program Files (x86)\Nation Toolbar
Ordner Gefunden : C:\Program Files (x86)\WSE_Binkiland
Ordner Gefunden : C:\ProgramData\Babylon
Ordner Gefunden : C:\ProgramData\DSearchLink
Ordner Gefunden : C:\ProgramData\IBUpdaterService
Ordner Gefunden : C:\ProgramData\Partner
Ordner Gefunden : C:\ProgramData\simplitec
Ordner Gefunden : C:\ProgramData\Tarma Installer
Ordner Gefunden : C:\Users\Silke Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Ordner Gefunden : C:\Users\Silke Laptop\AppData\Local\onlysearch
Ordner Gefunden : C:\Users\Silke Laptop\AppData\Local\Smartbar
Ordner Gefunden : C:\Users\Silke Laptop\AppData\Local\Wajam
Ordner Gefunden : C:\Users\Silke Laptop\AppData\LocalLow\BabylonToolbar
Ordner Gefunden : C:\Users\Silke Laptop\AppData\LocalLow\Smartbar
Ordner Gefunden : C:\Users\Silke Laptop\AppData\Roaming\BabSolution
Ordner Gefunden : C:\Users\Silke Laptop\AppData\Roaming\Babylon
Ordner Gefunden : C:\Users\Silke Laptop\AppData\Roaming\Delta
Ordner Gefunden : C:\Users\Silke Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\6su7ocoe.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Ordner Gefunden : C:\Users\Silke Laptop\AppData\Roaming\OpenCandy
Ordner Gefunden : C:\Users\Silke Laptop\AppData\Roaming\simplitec
Ordner Gefunden : C:\Windows\Util

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Daten Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>
Schlüssel Gefunden : HKCU\Software\953dc8ab46fbe10
Schlüssel Gefunden : HKCU\Software\BABSOLUTION
Schlüssel Gefunden : HKCU\Software\Classes\keepmysearch
Schlüssel Gefunden : HKCU\Software\CoinisRS
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\DataMngr
Schlüssel Gefunden : HKCU\Software\DataMngr_Toolbar
Schlüssel Gefunden : HKCU\Software\Delta
Schlüssel Gefunden : HKCU\Software\filescout
Schlüssel Gefunden : HKCU\Software\Iminent
Schlüssel Gefunden : HKCU\Software\InstallCore
Schlüssel Gefunden : HKCU\Software\Local AppWizard-Generated Applications
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\binkiland.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gefunden : HKCU\Software\Myfree Codec
Schlüssel Gefunden : HKCU\Software\Nation Toolbar
Schlüssel Gefunden : HKCU\Software\smartbarbackup
Schlüssel Gefunden : HKCU\Software\smartbarlog
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\WSE_Binkiland
Schlüssel Gefunden : [x64] HKCU\Software\BABSOLUTION
Schlüssel Gefunden : [x64] HKCU\Software\CoinisRS
Schlüssel Gefunden : [x64] HKCU\Software\Conduit
Schlüssel Gefunden : [x64] HKCU\Software\DataMngr
Schlüssel Gefunden : [x64] HKCU\Software\DataMngr_Toolbar
Schlüssel Gefunden : [x64] HKCU\Software\Delta
Schlüssel Gefunden : [x64] HKCU\Software\filescout
Schlüssel Gefunden : [x64] HKCU\Software\Iminent
Schlüssel Gefunden : [x64] HKCU\Software\InstallCore
Schlüssel Gefunden : [x64] HKCU\Software\Local AppWizard-Generated Applications
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1}
Schlüssel Gefunden : [x64] HKCU\Software\Myfree Codec
Schlüssel Gefunden : [x64] HKCU\Software\Nation Toolbar
Schlüssel Gefunden : [x64] HKCU\Software\smartbarbackup
Schlüssel Gefunden : [x64] HKCU\Software\smartbarlog
Schlüssel Gefunden : [x64] HKCU\Software\Softonic
Schlüssel Gefunden : [x64] HKCU\Software\WSE_Binkiland
Schlüssel Gefunden : HKLM\SOFTWARE\Babylon
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{6CE321DA-DC11-45C6-A0FC-4E8A7D978ABC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{F62A4AF9-58B4-4FEC-89CC-D717A547D8E8}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\d
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\delta.deltaappCore
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\SOFTWARE\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\DataMngr
Schlüssel Gefunden : HKLM\SOFTWARE\Delta
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Schlüssel Gefunden : HKLM\SOFTWARE\Iminent
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSE_Binkiland
Schlüssel Gefunden : HKLM\SOFTWARE\Myfree Codec
Schlüssel Gefunden : HKLM\SOFTWARE\Nation Toolbar
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{CA021789-C8CD-4676-BC40-90077A19D5CD}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Tarma Installer
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17728


-\\ Mozilla Firefox v


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [23595 Bytes] - [27/04/2015 15:20:49]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [23655 Bytes] ##########
Code:
# AdwCleaner v4.202 - Bericht erstellt 27/04/2015 um 15:29:47
# Aktualisiert 23/04/2015 von Xplode
# Datenbank : 2015-04-23.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Silke Laptop - SILKELENOVO
# Gestarted von : C:\Users\Silke Laptop\Downloads\adwcleaner_4.202.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : itnfd_1_10_0_8

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\DSearchLink
Ordner Gelöscht : C:\ProgramData\IBUpdaterService
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\simplitec
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Program Files (x86)\Delta
Ordner Gelöscht : C:\Program Files (x86)\file scout
Ordner Gelöscht : C:\Program Files (x86)\Iminent
Ordner Gelöscht : C:\Program Files (x86)\Nation Toolbar
Ordner Gelöscht : C:\Program Files (x86)\WSE_Binkiland
Ordner Gelöscht : C:\Windows\Util
Ordner Gelöscht : C:\Users\Silke Laptop\AppData\Local\onlysearch
Ordner Gelöscht : C:\Users\Silke Laptop\AppData\Local\Smartbar
Ordner Gelöscht : C:\Users\Silke Laptop\AppData\Local\Wajam
Ordner Gelöscht : C:\Users\Silke Laptop\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\Users\Silke Laptop\AppData\LocalLow\Smartbar
Ordner Gelöscht : C:\Users\Silke Laptop\AppData\Roaming\BabSolution
Ordner Gelöscht : C:\Users\Silke Laptop\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Silke Laptop\AppData\Roaming\Delta
Ordner Gelöscht : C:\Users\Silke Laptop\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Silke Laptop\AppData\Roaming\simplitec
Ordner Gelöscht : C:\Users\Silke Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\6su7ocoe.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Ordner Gelöscht : C:\Users\Silke Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\d
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKCU\Software\Classes\keepmysearch
Schlüssel Gelöscht : HKCU\Software\953dc8ab46fbe10
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6CE321DA-DC11-45C6-A0FC-4E8A7D978ABC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F62A4AF9-58B4-4FEC-89CC-D717A547D8E8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{CA021789-C8CD-4676-BC40-90077A19D5CD}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gelöscht : HKCU\Software\BABSOLUTION
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\DataMngr
[#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\filescout
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKCU\Software\Nation Toolbar
Schlüssel Gelöscht : HKCU\Software\smartbarbackup
Schlüssel Gelöscht : HKCU\Software\smartbarlog
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\CoinisRS
Schlüssel Gelöscht : HKCU\Software\WSE_Binkiland
Schlüssel Gelöscht : HKCU\Software\Local AppWizard-Generated Applications
Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Myfree Codec
Schlüssel Gelöscht : HKLM\SOFTWARE\Nation Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSE_Binkiland
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\binkiland.com
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17728


-\\ Mozilla Firefox v


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [24115 Bytes] - [27/04/2015 15:20:49]
AdwCleaner[S0].txt - [22440 Bytes] - [27/04/2015 15:29:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [22500  Bytes] ##########
Es gibt unter adw noch eine Quarantine txt datei - benötigst du diese (ist ziemlich lang)? :confused:

cosinus 29.04.2015 23:54
Passt schon

1. Schritt: Malwarebytes (MBAM)

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.





2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Silke12345 30.04.2015 01:32
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 30.04.2015
Suchlauf-Zeit: 07:27:31
Logdatei: MBAM.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.04.29.06
Rootkit Datenbank: v2015.04.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Silke Laptop

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 439053
Verstrichene Zeit: 21 Min, 52 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 8
PUP.Optional.Binkiland.A, HKLM\SOFTWARE\CLASSES\APPID\{a5bbb804-8009-4246-bed3-2d3335981ef6}, In Quarantäne, [dd7df77bcbbfb1850ecdd171669df10f],
PUP.Optional.Binkiland.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{A5BBB804-8009-4246-BED3-2D3335981EF6}, In Quarantäne, [dd7df77bcbbfb1850ecdd171669df10f],
PUP.Optional.Binkiland.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{A5BBB804-8009-4246-BED3-2D3335981EF6}, In Quarantäne, [dd7df77bcbbfb1850ecdd171669df10f],
PUP.Optional.Binkiland.C, HKLM\SOFTWARE\CLASSES\APPID\{A5BBB804-8009-4246-BED3-2D3335981EF6}\INSTL\DATA, In Quarantäne, [ed6da6ccc0ca60d62e1df9cfe41f827e],
PUP.Optional.Binkiland.C, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{A5BBB804-8009-4246-BED3-2D3335981EF6}\INSTL\DATA, In Quarantäne, [c3976d050b7fe0561e2dc2060df6e41c],
PUP.Optional.IntelliTerm.A, HKLM\SOFTWARE\WOW6432NODE\IntelliTerm_1.10.0.8, In Quarantäne, [6febef83ddad62d4e137d1870500da26],
PUP.Optional.Binkiland.C, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{A5BBB804-8009-4246-BED3-2D3335981EF6}\INSTL\DATA, In Quarantäne, [2b2f3a386a2049edc5864e7a0af93dc3],
PUP.Optional.BabylonToolBar.A, HKU\S-1-5-21-3889148614-2962051019-789845505-1000\SOFTWARE\BabylonToolbar, In Quarantäne, [3c1edb976327c96d2698fb35ba4b11ef],

Registrierungswerte: 4
PUP.Optional.Binkiland.C, HKLM\SOFTWARE\CLASSES\APPID\{a5bbb804-8009-4246-bed3-2d3335981ef6}\INSTL\DATA|tlbrSrchUrl, hxxp://binkiland.com/?f=3&a=bnk_soft_15_07&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0F0EtBtAyDtAtD0C0B0AtN0D0Tzu0StCtCtAyCtN1L2XzutAtFyBtFyBtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyBtAyEtByDyCtAzytG0E0DtBtBtGyD0F0BtAtGtCyE0E0BtGyE0FtB0B0C0F0EyB0CyEzy0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyCyD0D0BzzyE0EtGzz0A0C0BtGyE0C0EyEtGzzyCzytDtGtDyB0AyE0C0AyCtDyE0Ezy0C2Q&cr=1013186760&ir=&q=, In Quarantäne, [ed6da6ccc0ca60d62e1df9cfe41f827e]
PUP.Optional.Binkiland.C, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{a5bbb804-8009-4246-bed3-2d3335981ef6}\INSTL\DATA|tlbrSrchUrl, hxxp://binkiland.com/?f=3&a=bnk_soft_15_07&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0F0EtBtAyDtAtD0C0B0AtN0D0Tzu0StCtCtAyCtN1L2XzutAtFyBtFyBtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyBtAyEtByDyCtAzytG0E0DtBtBtGyD0F0BtAtGtCyE0E0BtGyE0FtB0B0C0F0EyB0CyEzy0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyCyD0D0BzzyE0EtGzz0A0C0BtGyE0C0EyEtGzzyCzytDtGtDyB0AyE0C0AyCtDyE0Ezy0C2Q&cr=1013186760&ir=&q=, In Quarantäne, [c3976d050b7fe0561e2dc2060df6e41c]
PUP.Optional.Binkiland.C, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{a5bbb804-8009-4246-bed3-2d3335981ef6}\INSTL\DATA|tlbrSrchUrl, hxxp://binkiland.com/?f=3&a=bnk_soft_15_07&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0F0EtBtAyDtAtD0C0B0AtN0D0Tzu0StCtCtAyCtN1L2XzutAtFyBtFyBtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyBtAyEtByDyCtAzytG0E0DtBtBtGyD0F0BtAtGtCyE0E0BtGyE0FtB0B0C0F0EyB0CyEzy0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyCyD0D0BzzyE0EtGzz0A0C0BtGyE0C0EyEtGzzyCzytDtGtDyB0AyE0C0AyCtDyE0Ezy0C2Q&cr=1013186760&ir=&q=, In Quarantäne, [2b2f3a386a2049edc5864e7a0af93dc3]
PUP.Optional.Binkiland.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\WSE_Binkiland\\, In Quarantäne, [e179531f593169cdc88d5375df24e818]

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 5
PUP.Optional.OnlySearch.A, C:\Users\Silke Laptop\AppData\Local\Temp\bus3763\update.exe, In Quarantäne, [5406b4be8505f343d4c879e5996705fb],
PUP.Optional.Vitruvian.A, C:\Users\Silke Laptop\AppData\Local\Temp\vitruvian-installer-hardwareprofile-v0001, In Quarantäne, [5109cfa38cfe60d65a914311db2adf21],
PUP.Optional.Vitruvian.A, C:\Users\Silke Laptop\AppData\Local\Temp\vitruvian-installer-install-v0003, In Quarantäne, [6ceee48e9ceee94d25c6fb59ce37bf41],
PUP.Optional.Vitruvian.A, C:\Users\Silke Laptop\AppData\Local\Temp\vitruvian-installer-processes-v0002, In Quarantäne, [a0ba7101f4960d29b2397fd5788d8a76],
PUP.Optional.Vitruvian.A, C:\Users\Silke Laptop\AppData\Local\Temp\vitruvian-installer-scheduledtasks-v0001, In Quarantäne, [293162107119142226c50c489f669967],

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.6.6 (04.28.2015:1)
OS: Windows 7 Home Premium x64
Ran by Silke Laptop on 30.04.2015 at  8:10:11,37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{03FE0228-607B-407F-A604-C17B87BB7C35}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{065F2561-4C54-4B74-9541-34B3D2680514}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{1066AB70-745A-4561-9E68-5332AE1765D6}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{160DB1E5-E752-4053-8A9C-C5F6722899B2}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{164195B1-7F2C-4296-9E1B-86F85120D5B4}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{1709C929-03A5-4883-83C7-5486641CF1EC}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{1889EAB8-18FD-4FF1-BEBE-FA072136F8F8}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{1B8CCC47-FE89-4777-888F-161E46EF0C0B}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{1CE2E273-0182-4AC7-B51A-DB27AB5BC684}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{1EA08129-0880-4F11-8C24-74938AC465DD}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{23662E53-D8F5-4587-A394-16230142963A}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{2853F18B-6FBC-4075-BBBA-8BEB64771014}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{2E213564-6763-4721-BDE0-8B691F5C307B}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{30A4F14E-0E8D-4191-92B7-2416A8E0BBB9}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{324B49B7-A72F-4ADA-9E79-26EC719C1CB6}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{33A57856-F88E-4911-AA43-6BB9C8087945}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{3548271E-6A15-4D25-8A80-F62AAC8A5CED}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{36677548-CE5A-47D3-9475-7C77C4527ECE}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{3793E05A-0BAE-467E-8042-39933236A71E}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{40893CD3-E295-49AC-ADE6-51B7D69783DD}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{4135735A-8BF4-4E45-B4FA-A5739514F9A4}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{44463440-2E73-46B2-B7AB-EE85CFFB701E}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{44AEB431-7078-4C2A-B9B2-139816AD10B0}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{466CE0EB-033C-4552-B888-BA31D7C799EC}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{4901A17A-A170-444B-8E5E-87FA72C89FBC}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{4AD57B73-33B1-40F2-BA3C-C1340A9A2C4D}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{4C59C220-8AC2-46A7-8226-4680F055F50D}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{50097228-7E54-4912-A61C-515C8E519693}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{5137DC15-9719-498A-96BD-FD08B5A76B58}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{520CECC2-5F0A-42C5-A0E8-C1D506CA78C3}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{5210624A-B124-47E1-9CE6-3016FDD6CB13}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{57CA22C3-A809-40AE-9A28-3F43C5CC3742}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{5998C65A-EC65-4FF7-B1AF-E5FFDBB52977}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{59B606D6-CFAB-45C2-BB31-4C3079564041}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{5B7D6154-A7BF-447A-B130-456784483EA8}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{5B843C79-60AB-4A57-A021-5E10C1477B9D}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{5D65CFAC-E1C1-4989-A2EB-91EDA9A6C0CA}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{5D897D4C-BF0B-4970-A64D-EC993C0AD2AF}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{5D9EC1D9-7595-4703-BD18-D7FA87DDE38C}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{63A01B90-CCE1-4CD9-BD90-E2CFE899399E}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{64DB2A7B-3A99-4E0E-B18B-BA4C6DBE6D2E}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{6842F585-1063-41FF-B507-A85C60ED5C6E}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{697F10F3-B8BC-4C64-A480-D3D78FB83CBD}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{6A46431D-CEDC-468D-8E48-31DB525E29FC}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{6C37E225-8AB9-4D44-AF74-E0F91C7DBF19}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{6CEE8F80-8047-4444-8EE6-030FD6E870CC}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{6D285282-97B2-4111-9E2E-7813E9688928}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{72D9A6ED-7C83-4902-94C6-37B8AC8C51D9}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{7392EFD3-8D72-4139-B210-4F697DD90825}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{741057A5-9399-4721-BE60-9BC8B83B5B3B}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{74BAA508-732D-418B-AA98-C81A4C8E4B35}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{74F3B308-5FF1-4436-A71B-F283EE6930A0}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{7A290FE7-A19B-4022-AA9B-B930BEBC7EF9}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{7A6011B7-3582-453E-8EAB-FB686A9FC16F}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{7F0C573E-6B49-4394-A707-FA4C5F410365}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{8444C8D7-55FA-46F7-AB43-28B473FD143E}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{84D529F7-4471-48F2-8D7E-6F8A44440D66}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{85AF6497-7FA5-4554-9C6E-61325E431F27}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{8770C036-2644-46FB-9E13-C9CA12CE32CC}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{877289ED-AE2A-421D-B890-D93872101028}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{89791653-ADA3-41B4-8906-F579EB2D1FDC}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{8D0E91BF-C1AE-437C-AD58-237C8C0E5B49}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{973745E0-F92A-4C2A-AB9F-926E11A9BF5A}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{9C6B1581-DC0D-4D71-B052-47B5B23B36CA}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{9E333299-2B71-447A-8003-56D1929AE52F}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{A17E3B0A-F910-4626-AA70-CF84A35353AD}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{A1968988-87B5-4FA0-975A-04C17149DB33}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{A3993BE9-8E48-4214-A99F-ACBB2B232128}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{A4831FC4-DDD4-42D8-8767-5E22BE120546}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{A77EA137-CDE1-419B-A95D-7AD07D8366D7}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{A7B1806F-738C-49E2-A207-618A152B4666}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{A7F0C83C-3EE5-423B-9E1E-F1865526A6DB}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{A90FAC89-EFDB-4F28-A42E-EDBD5EFA9FD6}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{AC4A3ADF-C6D3-4F3A-9643-A36EAB9DFD74}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{AE01197B-63D9-49A5-9EED-AFA7A59EC7CA}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{B30DB045-BAC8-446A-A5B8-910304B69CB0}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{B5407F99-6BC9-4478-B0C3-C4EEEC28E215}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{B5E48F17-04C3-4ECF-99CF-CE712DA70FFF}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{BC15B390-B805-485A-A1D2-1C6BE8AAA63A}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{BC91AFED-BA90-40F8-866F-A26F16C70B13}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{BF3F271A-B217-4D38-9BB5-8853C7708259}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{C0211EA8-D68F-4291-AD22-FF6F2A9FACC5}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{C34C10AE-0FDD-4699-B77A-3312A54863A9}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{C63CDACD-65EA-41A6-AF43-D417FD0742C4}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{C6EA1A7A-6F0F-4874-AE6F-F98C0869C277}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{C940FB57-6DD2-4171-84D1-4876F5119680}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{CC7E87FD-90A7-406A-A052-6E4F6EB7039A}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{CFFB0052-1272-4724-9F5C-CC6FB3AD2E14}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{D1CC9E9E-639A-4D15-97BF-ED69ECE31E69}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{D2E9EEEA-5A1A-4795-B74F-C1C589E95B83}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{D473D13D-C1B0-4175-82B5-2A45D6FCF3D3}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{D79517C3-CEEF-4F56-B70C-5B98359F32E7}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{D92CE70D-DB4D-4205-BF45-28534CB5F24C}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{DD3022B1-899B-42DF-AED8-0E3A96E91F95}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{DFF9549C-CABF-4618-9EB5-E227F4E45C1D}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{E1FB70B2-F6E9-4721-836A-6A78A4C3EDD4}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{E5F16E9C-B876-4ACA-9CF9-BB78942B3B0D}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{E92FDBA6-43A2-42FE-9FB2-B706580F9E7B}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{EE548651-00F7-48C1-995B-B26F3D764514}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{EEC4DC78-6223-486D-82F8-629CE483977F}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{F12B6BB6-087D-487F-A51A-8AC0822237CD}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{F21577DE-CD4C-42E4-9316-425B6BC44A0B}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{F227C935-90B1-42BF-A466-11091C0170CD}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{F26DF76F-835B-4990-9CC8-CA891AC6B272}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{F47F0457-CE89-4D6D-B854-9A074081BCE2}
Successfully deleted: [Empty Folder] C:\Users\Silke Laptop\appdata\local\{F51E741D-CB5B-4E7B-B6A7-C36848144D99}
Successfully deleted: [Folder] C:\Program Files (x86)\myfree codec



~~~ FireFox

Emptied folder: C:\Users\Silke Laptop\AppData\Roaming\mozilla\firefox\profiles\6su7ocoe.default\minidumps [3 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.04.2015 at  8:13:28,18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2015 01
Ran by Silke Laptop (administrator) on SILKELENOVO on 30-04-2015 08:25:16
Running from C:\Users\Silke Laptop\Desktop
Loaded Profiles: Silke Laptop (Available profiles: UpdatusUser & Silke Laptop)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Vimicro) C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [564352 2011-12-15] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2809856 2012-01-17] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\btvstack.exe [1022592 2012-04-28] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\athbttray.exe [801920 2012-04-28] (Atheros Commnucations)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2012-07-18] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6202416 2012-07-18] (Lenovo(beijing) Limited)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-02-23] (NVIDIA Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-30] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-20] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332_STI.EXE [548864 2011-12-09] (Vimicro)
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2012-01-26] (Lenovo, Inc.)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-29] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-07-18] (Lenovo)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [LockKey] => C:\Program Files (x86)\LockKey\LockKey.exe [337776 2011-08-26] ( )
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-03] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-02] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3889148614-2962051019-789845505-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-05-22] (Samsung Electronics)
HKU\S-1-5-21-3889148614-2962051019-789845505-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-02-03] (Samsung)
HKU\S-1-5-21-3889148614-2962051019-789845505-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3889148614-2962051019-789845505-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3889148614-2962051019-789845505-1001\...\MountPoints2: {6a3de366-b655-11e2-b103-74e5437befb1} - G:\Setup.exe
HKU\S-1-5-21-3889148614-2962051019-789845505-1001\...\MountPoints2: {9ad3446a-cab9-11e3-800a-74e5437befb1} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\start.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2015-02-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2015-02-23] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012-12-23]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Silke Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-03-06]
ShortcutTarget: Dropbox.lnk -> C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\Windows\system32\IcnOvrly.dll [2012-07-18] ()
BootExecute: autocheck autochk * FbDefrag

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3889148614-2962051019-789845505-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.de/
HKU\S-1-5-21-3889148614-2962051019-789845505-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3889148614-2962051019-789845505-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-05-28] (Kaspersky Lab ZAO)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-18] (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-05-28] (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-05-28] (Kaspersky Lab ZAO)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-05-28] (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-18] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-24] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-04-28] (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-05-28] (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-24] (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-05-28] (Kaspersky Lab ZAO)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKU\S-1-5-21-3889148614-2962051019-789845505-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://cortalconsors.webex.com/client/WBXclient-T28L10NSP12EP6-17378/nbr/ieatgpc1.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 202.106.195.68 202.106.46.151
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Silke Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\6su7ocoe.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-16] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-16] ()
FF Plugin-x32: @cfca.com/SecEditCtl.BOC,version=1.0.0.9 -> C:\Windows\system32\npSecEditCtl.BOC.x86.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-08] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-10] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: Astrill Proxy Switcher - C:\Users\Silke Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\6su7ocoe.default\Extensions\addon@astrill.com [2015-01-25]
FF Extension: Yahoo! Toolbar - C:\Users\Silke Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\6su7ocoe.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2015-04-27]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-12-23]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-06-24]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-06-24]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-06-24]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-06-24]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-06-24]
FF HKU\S-1-5-21-3889148614-2962051019-789845505-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR Profile: C:\Users\Silke Laptop\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2014-05-28]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2014-05-28]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2014-05-28]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2014-05-28]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2014-05-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ASOVPNHelper; C:\Program Files (x86)\Astrill\ASOvpnSvc.exe [434016 2014-09-08] (Astrill)
S3 ASProxy; C:\Program Files (x86)\Astrill\ASProxy.exe [2169368 2014-11-16] (Astrill)
S2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [119424 2012-04-28] (Atheros Commnucations) [File not signed]
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2014-05-28] (Kaspersky Lab ZAO)
S4 DamageGuardSvc; C:\Program Files\Lenovo\Instant Reset\DamageGuardSvc.exe [572976 2012-03-26] (Lenovo (Beijing) Limited)
S2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3736520 2015-01-29] (devolo AG)
S2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [30184 2013-08-08] ()
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [163456 2012-04-28] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 asvpndrv; C:\Windows\System32\DRIVERS\asvpndrv.sys [31744 2014-05-17] (Astrill)
S4 DamageGuard; C:\Windows\System32\DRIVERS\DamageGuardX64.sys [217392 2012-02-10] (Lenovo)
S4 dgFltr; C:\Windows\System32\drivers\dgFltrX64.sys [23648 2011-12-13] (Lenovo)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-05-22] () [File not signed]
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-05-28] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-05-28] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-05-28] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2014-05-28] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-05-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2014-05-28] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-05-28] (Kaspersky Lab ZAO)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104048 2012-03-02] (Qualcomm Atheros Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2015-01-29] (CACE Technologies)
R1 RrNetCapFilterDriver; C:\Windows\System32\DRIVERS\RrNetCapFilterDriver.sys [24744 2014-06-11] (Audials AG)
U3 BcmSqlStartupSvc; No ImagePath
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
U2 DriverService; No ImagePath
U2 iATAgentService; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerService; No ImagePath
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U2 RtLedService; No ImagePath
U2 SeaPort; No ImagePath
U2 SoftwareService; No ImagePath
U3 SQLWriter; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-30 08:16 - 2015-04-30 08:16 - 00000000 ____D () C:\Users\Silke Laptop\Downloads\FRST-OlderVersion
2015-04-30 08:13 - 2015-04-30 08:13 - 00012793 _____ () C:\Users\Silke Laptop\Desktop\JRT.txt
2015-04-30 08:10 - 2015-04-30 08:10 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-SILKELENOVO-Windows-7-Home-Premium-(64-bit).dat
2015-04-30 08:10 - 2015-04-30 08:10 - 00000000 ____D () C:\RegBackup
2015-04-30 08:09 - 2015-04-30 08:09 - 02716174 _____ (Thisisu) C:\Users\Silke Laptop\Downloads\JRT.exe
2015-04-30 08:07 - 2015-04-30 08:07 - 00004993 _____ () C:\Users\Silke Laptop\Desktop\MBAM.txt
2015-04-30 07:55 - 2015-04-30 07:55 - 00065536 ___HT () C:\Users\Silke Laptop\Documents\~Outlook.pst.tmp
2015-04-30 07:26 - 2015-04-30 08:01 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-30 07:26 - 2015-04-30 07:26 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-30 07:26 - 2015-04-30 07:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-30 07:26 - 2015-04-30 07:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-30 07:26 - 2015-04-30 07:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-30 07:26 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-30 07:26 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-30 07:26 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-30 07:24 - 2015-04-30 07:24 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Silke Laptop\Downloads\mbam-setup-2.1.6.1022.exe
2015-04-28 09:23 - 2015-04-28 09:27 - 00059768 _____ () C:\Users\Silke Laptop\Downloads\Addition.txt
2015-04-28 09:22 - 2015-04-30 08:25 - 00027610 _____ () C:\Users\Silke Laptop\Desktop\FRST.txt
2015-04-28 09:22 - 2015-04-30 08:25 - 00000000 ____D () C:\FRST
2015-04-28 09:20 - 2015-04-30 08:16 - 02101248 _____ (Farbar) C:\Users\Silke Laptop\Desktop\FRST64.exe
2015-04-28 08:23 - 2014-12-12 01:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-04-28 08:23 - 2014-09-05 10:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-04-28 08:23 - 2014-09-05 09:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-04-27 19:25 - 2015-04-27 19:25 - 00001170 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-27 19:25 - 2015-04-27 19:25 - 00001158 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-27 19:25 - 2015-04-27 19:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-27 15:20 - 2015-04-27 15:31 - 00000000 ____D () C:\AdwCleaner
2015-04-27 15:18 - 2015-04-27 15:19 - 02224640 _____ () C:\Users\Silke Laptop\Downloads\adwcleaner_4.202.exe
2015-04-27 14:08 - 2015-04-27 14:08 - 00000000 ____D () C:\Users\Silke Laptop\AppData\Local\NVIDIA
2015-04-27 14:07 - 2015-04-27 14:07 - 00000000 ____D () C:\Windows\SysWOW64\NV
2015-04-27 14:07 - 2015-04-27 14:07 - 00000000 ____D () C:\Windows\system32\NV
2015-04-27 13:59 - 2013-10-02 10:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-04-27 13:59 - 2013-10-02 10:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-04-27 13:59 - 2013-10-02 10:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-04-27 13:59 - 2013-10-02 09:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-04-27 13:59 - 2013-10-02 09:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-04-27 13:59 - 2013-10-02 09:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-04-27 13:59 - 2013-10-02 09:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-04-27 13:59 - 2013-10-02 08:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-04-27 13:59 - 2013-10-02 08:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-04-27 13:59 - 2013-10-02 08:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-04-27 13:59 - 2013-10-02 08:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-04-27 13:59 - 2013-10-02 07:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-04-27 13:59 - 2013-10-02 07:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-04-27 13:59 - 2013-10-02 07:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-04-27 13:59 - 2013-10-02 06:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-04-27 13:41 - 2015-03-14 11:21 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-04-27 13:41 - 2015-03-14 11:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-04-27 13:41 - 2015-03-14 11:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-04-27 13:41 - 2015-03-14 11:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-04-27 13:41 - 2015-01-29 11:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-04-27 13:41 - 2015-01-29 11:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-04-25 14:57 - 2015-04-25 14:57 - 00000165 ____H () C:\Users\Silke Laptop\Desktop\~$China.xlsx
2015-04-19 13:18 - 2015-04-29 17:06 - 00037979 _____ () C:\Users\Silke Laptop\Desktop\China.xlsx
2015-04-19 11:30 - 2015-04-19 11:30 - 00750672 _____ () C:\Windows\Minidump\041915-21200-01.dmp
2015-04-17 12:36 - 2015-04-17 12:36 - 01234944 _____ () C:\Windows\Minidump\041715-21309-01.dmp
2015-04-16 17:55 - 2015-04-16 17:55 - 00003204 _____ () C:\Windows\System32\Tasks\{86DF11BE-D0F2-4081-913E-B4FF56BAB479}
2015-04-16 17:31 - 2015-04-16 17:54 - 42096984 _____ (Apple Inc.) C:\Users\Silke Laptop\Downloads\QuickTimeInstaller (2).exe
2015-04-16 16:02 - 2015-04-16 16:04 - 00618671 _____ () C:\Users\Silke Laptop\Desktop\Motto 2014.pptx
2015-04-16 15:18 - 2015-04-16 16:18 - 18178736 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-04-16 15:13 - 2015-04-16 15:14 - 42096984 _____ (Apple Inc.) C:\Users\Silke Laptop\Downloads\QuickTimeInstaller (1).exe
2015-04-15 07:33 - 2015-03-25 11:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 07:33 - 2015-03-25 11:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 07:33 - 2015-03-25 11:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 07:33 - 2015-03-25 11:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 07:33 - 2015-03-25 11:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 07:33 - 2015-03-25 11:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 07:33 - 2015-03-25 11:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 07:33 - 2015-03-25 11:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 07:33 - 2015-03-25 11:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 07:33 - 2015-03-25 11:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 07:33 - 2015-03-25 11:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 07:33 - 2015-03-25 11:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 07:33 - 2015-03-25 11:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 07:33 - 2015-03-25 11:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 07:33 - 2015-03-25 11:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 07:33 - 2015-03-25 11:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 07:32 - 2015-04-02 08:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 07:32 - 2015-04-02 07:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-15 07:32 - 2015-03-23 11:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 07:32 - 2015-03-23 11:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 07:32 - 2015-03-23 11:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 07:32 - 2015-03-23 11:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 07:32 - 2015-03-23 11:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 07:32 - 2015-03-23 11:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 07:32 - 2015-03-23 11:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 07:32 - 2015-03-23 11:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 07:32 - 2015-03-17 13:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 07:32 - 2015-03-17 13:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 07:32 - 2015-03-17 13:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 07:32 - 2015-03-17 13:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 07:32 - 2015-03-17 13:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 07:32 - 2015-03-17 13:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 07:32 - 2015-03-17 13:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 07:32 - 2015-03-17 13:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 07:32 - 2015-03-17 13:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 07:32 - 2015-03-17 13:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 07:32 - 2015-03-17 13:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-15 07:32 - 2015-03-17 13:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 07:32 - 2015-03-17 13:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 07:32 - 2015-03-17 13:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 07:32 - 2015-03-17 13:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 13:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-15 07:32 - 2015-03-17 13:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-15 07:32 - 2015-03-17 12:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 07:32 - 2015-03-17 12:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-15 07:32 - 2015-03-17 12:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-15 07:32 - 2015-03-17 12:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-15 07:32 - 2015-03-17 12:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-15 07:32 - 2015-03-17 12:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-15 07:32 - 2015-03-17 12:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-15 07:32 - 2015-03-17 12:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-15 07:32 - 2015-03-17 12:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-15 07:32 - 2015-03-17 12:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 07:32 - 2015-03-17 12:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-15 07:32 - 2015-03-17 12:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-15 07:32 - 2015-03-17 12:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-15 07:32 - 2015-03-17 12:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-15 07:32 - 2015-03-17 12:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 07:32 - 2015-03-17 12:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-15 07:32 - 2015-03-17 12:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 07:32 - 2015-03-17 12:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-15 07:32 - 2015-03-17 12:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 11:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 07:32 - 2015-03-17 11:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 07:32 - 2015-03-17 11:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 11:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 11:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 07:32 - 2015-03-17 11:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 07:32 - 2015-03-13 12:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 07:32 - 2015-03-13 12:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 07:32 - 2015-03-13 12:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 07:32 - 2015-03-13 12:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 07:32 - 2015-03-13 12:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 07:32 - 2015-03-13 12:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 07:32 - 2015-03-13 12:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 07:32 - 2015-03-13 12:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 07:32 - 2015-03-13 12:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 07:32 - 2015-03-13 12:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 07:32 - 2015-03-13 11:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 07:32 - 2015-03-13 11:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 07:32 - 2015-03-13 11:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 07:32 - 2015-03-13 11:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 07:32 - 2015-03-13 11:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 07:32 - 2015-03-13 11:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 07:32 - 2015-03-13 11:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 07:32 - 2015-03-13 11:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 07:32 - 2015-03-13 11:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 07:32 - 2015-03-13 11:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 07:32 - 2015-03-13 11:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 07:32 - 2015-03-13 11:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 07:32 - 2015-03-13 11:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-15 07:32 - 2015-03-13 11:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 07:32 - 2015-03-13 11:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 07:32 - 2015-03-13 11:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-15 07:32 - 2015-03-13 11:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 07:32 - 2015-03-13 11:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-15 07:32 - 2015-03-13 11:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 07:32 - 2015-03-13 11:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 07:32 - 2015-03-13 11:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 07:32 - 2015-03-13 11:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-15 07:32 - 2015-03-13 11:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 07:32 - 2015-03-13 11:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 07:32 - 2015-03-13 11:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-15 07:32 - 2015-03-13 11:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 07:32 - 2015-03-13 11:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 07:32 - 2015-03-13 11:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 07:32 - 2015-03-13 11:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 07:32 - 2015-03-13 11:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 07:32 - 2015-03-13 11:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 07:32 - 2015-03-13 11:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 07:32 - 2015-03-13 10:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-15 07:32 - 2015-03-13 10:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 07:32 - 2015-03-13 10:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 07:32 - 2015-03-13 10:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 07:32 - 2015-03-13 10:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 07:32 - 2015-03-13 10:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 07:32 - 2015-03-13 10:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 07:32 - 2015-03-13 10:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-15 07:32 - 2015-03-13 10:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 07:32 - 2015-03-13 10:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 07:32 - 2015-03-13 10:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 07:32 - 2015-03-13 10:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 07:32 - 2015-03-13 10:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 07:32 - 2015-03-13 10:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 07:32 - 2015-03-10 11:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 07:32 - 2015-03-10 11:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 07:32 - 2015-03-10 11:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 07:32 - 2015-03-10 11:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 07:32 - 2015-03-05 13:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 07:32 - 2015-03-05 12:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 07:32 - 2015-02-25 11:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 07:31 - 2015-03-04 12:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 07:31 - 2015-03-04 12:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 07:31 - 2015-03-04 12:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-15 07:24 - 2015-04-15 07:25 - 00000000 ____D () C:\Users\Silke Laptop\Documents\Urlaub
2015-04-13 14:03 - 2015-04-17 10:41 - 02687831 _____ () C:\Users\Silke Laptop\Desktop\Beijing.pptx
2015-04-12 00:46 - 2015-04-12 00:47 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-12 00:46 - 2015-04-12 00:46 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-11 19:18 - 2015-04-11 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-30 08:25 - 2012-11-03 19:56 - 98550784 _____ () C:\Users\Silke Laptop\Documents\Outlook.pst
2015-04-30 08:18 - 2012-10-21 15:39 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-30 08:10 - 2013-10-26 13:05 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-30 08:04 - 2015-03-06 13:28 - 00000000 ___RD () C:\Users\Silke Laptop\Dropbox
2015-04-30 08:04 - 2015-03-06 13:25 - 00000000 ____D () C:\Users\Silke Laptop\AppData\Roaming\Dropbox
2015-04-30 08:04 - 2009-07-14 12:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-30 08:04 - 2009-07-14 12:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-30 08:01 - 2012-07-17 23:32 - 01829819 _____ () C:\Windows\WindowsUpdate.log
2015-04-30 07:56 - 2012-11-03 19:29 - 00000000 ____D () C:\Users\Silke Laptop\Documents\Outlook-Dateien
2015-04-30 07:56 - 2012-10-21 04:09 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-04-30 07:54 - 2012-07-18 00:18 - 00000000 ____D () C:\ProgramData\VeriFace
2015-04-30 07:53 - 2013-10-26 13:05 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-30 07:53 - 2012-10-21 09:38 - 08346020 _____ () C:\FaceProv.log
2015-04-30 07:53 - 2010-11-21 11:47 - 00321358 _____ () C:\Windows\PFRO.log
2015-04-30 07:53 - 2009-07-14 13:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-30 07:53 - 2009-07-14 12:51 - 00146030 _____ () C:\Windows\setupact.log
2015-04-30 07:51 - 2009-07-14 13:32 - 00000000 ____D () C:\Windows\Performance
2015-04-30 07:22 - 2012-07-18 09:18 - 00700010 _____ () C:\Windows\system32\perfh007.dat
2015-04-30 07:22 - 2012-07-18 09:18 - 00150304 _____ () C:\Windows\system32\perfc007.dat
2015-04-30 07:22 - 2009-07-14 13:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-29 22:17 - 2014-10-26 14:02 - 00000000 ____D () C:\Users\Silke Laptop\Documents\Garfrescha
2015-04-29 21:59 - 2014-09-21 02:35 - 00000000 ____D () C:\Users\Silke Laptop\AppData\Roaming\Skype
2015-04-29 18:08 - 2015-03-22 10:37 - 00000000 ____D () C:\Users\Silke Laptop\Documents\Rezepte
2015-04-28 19:56 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\rescache
2015-04-28 09:10 - 2013-06-10 20:29 - 00000000 ____D () C:\Users\Silke Laptop\Documents\Steuer
2015-04-27 19:24 - 2013-01-13 05:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-27 16:32 - 2014-06-06 22:23 - 00000000 ____D () C:\Users\Silke Laptop\Documents\Fitnesscenter Kirchheim Asahi
2015-04-27 14:07 - 2012-07-17 23:50 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-27 14:06 - 2009-07-14 11:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-27 14:05 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-04-27 13:58 - 2012-07-17 23:50 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-27 13:58 - 2012-07-17 23:50 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-04-26 20:45 - 2012-10-21 04:17 - 00000000 ____D () C:\Users\Silke Laptop\AppData\Roaming\Adobe
2015-04-25 16:35 - 2015-03-06 13:28 - 00001053 _____ () C:\Users\Silke Laptop\Desktop\Dropbox.lnk
2015-04-25 16:35 - 2015-03-06 13:27 - 00000000 ____D () C:\Users\Silke Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-25 15:06 - 2014-09-21 16:18 - 00000000 ____D () C:\Users\Silke Laptop\Documents\china
2015-04-21 15:37 - 2013-04-09 00:39 - 01426432 ___SH () C:\Users\Silke Laptop\Desktop\Thumbs.db
2015-04-19 11:30 - 2013-04-08 13:02 - 00000000 ____D () C:\Windows\Minidump
2015-04-19 11:30 - 2013-04-08 13:01 - 869054771 _____ () C:\Windows\MEMORY.DMP
2015-04-19 09:26 - 2013-11-06 03:46 - 00178688 ___SH () C:\Users\Silke Laptop\Documents\Thumbs.db
2015-04-17 15:26 - 2015-02-03 18:09 - 00035607 _____ () C:\Users\Silke Laptop\Desktop\Ausgaben China.xlsx
2015-04-17 08:34 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-16 19:32 - 2014-12-11 22:10 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 19:32 - 2014-05-07 12:58 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 19:32 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-16 19:31 - 2014-02-27 14:21 - 01596482 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-16 19:31 - 2012-11-03 19:20 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-16 19:27 - 2013-07-19 13:51 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-16 19:22 - 2012-11-03 20:51 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-16 19:22 - 2009-07-14 10:34 - 00000537 _____ () C:\Windows\win.ini
2015-04-16 19:05 - 2012-10-21 15:55 - 00000000 ____D () C:\Users\Silke Laptop\AppData\Local\CrashDumps
2015-04-16 16:18 - 2012-10-21 15:39 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-16 16:18 - 2012-10-21 15:39 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-16 16:18 - 2012-10-21 15:39 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-16 14:28 - 2015-03-22 11:25 - 00000000 ____D () C:\Users\Silke Laptop\Desktop\Bilder
2015-04-15 07:18 - 2013-07-15 00:47 - 00000000 ____D () C:\Users\Silke Laptop\Documents\Finanzen
2015-04-13 20:38 - 2013-04-11 19:24 - 00000000 ____D () C:\Users\Silke Laptop\Documents\Eigene Scans
2015-04-12 17:32 - 2014-09-21 02:34 - 00000000 ____D () C:\ProgramData\Skype
2015-04-12 16:55 - 2014-01-22 01:37 - 00000000 ____D () C:\Users\Silke Laptop\Documents\Spullersee
2015-04-12 12:58 - 2015-01-13 16:34 - 00000000 ____D () C:\Users\Silke Laptop\Documents\Postbank Kontoauszüge
2015-04-12 11:45 - 2015-03-14 20:13 - 00000000 ____D () C:\Users\Silke Laptop\Documents\TS
2015-04-11 19:18 - 2013-06-02 16:13 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-04-11 19:18 - 2012-11-20 14:14 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-04-02 18:40 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2014-07-04 20:26 - 2014-07-04 20:26 - 0001181 _____ () C:\Users\Silke Laptop\AppData\Roaming\trace_FilterInstaller.1.txt
2014-07-04 20:26 - 2014-07-04 20:59 - 0000919 _____ () C:\Users\Silke Laptop\AppData\Roaming\trace_FilterInstaller.txt
2014-07-04 20:26 - 2014-07-04 20:59 - 0000000 _____ () C:\Users\Silke Laptop\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2012-11-04 19:06 - 2012-11-04 19:06 - 0004096 ____H () C:\Users\Silke Laptop\AppData\Local\keyfile3.drm
2014-09-15 01:52 - 2014-12-21 00:47 - 0007602 _____ () C:\Users\Silke Laptop\AppData\Local\resmon.resmoncfg
2013-09-17 04:36 - 2013-09-17 04:36 - 0017408 _____ () C:\Users\Silke Laptop\AppData\Local\WebpageIcons.db
2012-12-23 22:16 - 2014-06-16 19:26 - 0001321 _____ () C:\ProgramData\hpzinstall.log

Some content of TEMP:
====================
C:\Users\Silke Laptop\AppData\Local\Temp\BlackBerryDeviceManager.exe
C:\Users\Silke Laptop\AppData\Local\Temp\BlackBerryLauncher.exe
C:\Users\Silke Laptop\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnhh7jk.dll
C:\Users\Silke Laptop\AppData\Local\Temp\Execute2App.exe
C:\Users\Silke Laptop\AppData\Local\Temp\msvcp90.dll
C:\Users\Silke Laptop\AppData\Local\Temp\msvcr90.dll
C:\Users\Silke Laptop\AppData\Local\Temp\Quarantine.exe
C:\Users\Silke Laptop\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Silke Laptop\AppData\Local\Temp\sqlite3.dll
C:\Users\Silke Laptop\AppData\Local\Temp\vlc-2.1.5-win32.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-24 18:48

==================== End Of Log ============================
--- --- ---

--- --- ---

Silke12345 30.04.2015 01:48
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2015 01
Ran by Silke Laptop at 2015-04-30 08:25:40
Running from C:\Users\Silke Laptop\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3889148614-2962051019-789845505-500 - Administrator - Disabled)
Gast (S-1-5-21-3889148614-2962051019-789845505-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3889148614-2962051019-789845505-1003 - Limited - Enabled)
Silke Laptop (S-1-5-21-3889148614-2962051019-789845505-1001 - Administrator - Enabled) => C:\Users\Silke Laptop
UpdatusUser (S-1-5-21-3889148614-2962051019-789845505-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

5600 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
5600_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
5600Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
ActiveTrader Deutschland (HKLM-x32\...\{0DE75F32-3E22-42F7-B6CD-5A6644581F4E}) (Version: 6.1.1 - Cortal Consors)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Astrill (HKLM\...\{A77BCF74-A5A3-441B-9923-305EAD8B7976}_is1) (Version:  - Astrill)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.135 - Atheros)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.14.15 - Atheros Communications Inc.)
Atheros WLAN Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Audials (HKLM-x32\...\{DA6EBFC9-8869-4B61-8D38-2668A395C5B0}) (Version: 11.0.54400.0 - Audials AG)
Benutzerhandbuch (x32 Version: 1.0.0.6 - Lenovo) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.32.50 - Conexant)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.0.0 - devolo AG)
dLAN Cockpit (x32 Version: 3.23.12 - devolo AG) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.11 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-3889148614-2962051019-789845505-1001\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.)
Easy MP3 Cutter 3.0 (HKLM-x32\...\Easy MP3 Cutter_is1) (Version:  - ManiacTools.com)
EG21 Vokabelkartei interaktiv 1 (HKLM-x32\...\{A036DB99-B62F-4110-8D87-9DF0D6DC4022}) (Version: 1.00.0000 - Cornelsen Verlag GmbH)
EG21 Vokabelkartei interaktiv 2 (HKLM-x32\...\{D9C1E527-F7B8-4C32-8186-E59DDD38C475}) (Version: 1.00.0000 - Cornelsen Verlag GmbH)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.4.1 - Lenovo)
Energy Management (x32 Version: 7.0.4.1 - Lenovo) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Freddy:Mathe5/Mathe6 (HKLM-x32\...\freddyMathe56) (Version:  - )
Free YouTube to MP3 Converter version 3.12.41.623 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.41.623 - DVDVideoSoft Ltd.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Konz 2013 (HKLM-x32\...\InstallShield_{76651FD7-2B71-4B61-9F3A-E82F52F08D92}) (Version: 1.00.0000 - USM)
Konz 2013 (x32 Version: 1.00.0000 - USM) Hidden
KONZ-Steuer-2014 (HKLM-x32\...\InstallShield_{20F1078B-E3B6-4DA1-9570-003DE110890A}) (Version: 1.00.0000 - USM)
KONZ-Steuer-2014 (x32 Version: 1.00.0000 - USM) Hidden
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}) (Version: 1.12.204.1 - Lenovo EasyCamera)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.0.3712 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.0.3712 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 10.4.2.8 - ELAN Microelectronic Corp.)
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.)
Lenovo Solution Center (HKLM\...\{B73D2BF9-2C82-40A4-AFA8-32CE2E501640}) (Version: 2.2.002.00 - Lenovo Group Limited)
Lenovo Welcome (HKLM-x32\...\{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}) (Version: 3.1.0011.00 - Lenovo Group Limited)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 3.1.3728 - CyberLink Corp.) Hidden
LockKey (HKLM-x32\...\InstallShield_{AF192694-4B15-4AC1-92F3-1B02E98C08BD}) (Version: 1.38.1.2 - Lenovo)
LockKey (x32 Version: 1.38.1.2 - Lenovo) Hidden
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Foto Manager MX Deluxe (HKLM-x32\...\MAGIX_{4CAD11B3-9066-4106-B7A0-CCFB466DED13}) (Version: 9.0.1.250 - MAGIX AG)
MAGIX Foto Manager MX Deluxe (Version: 9.0.1.250 - MAGIX AG) Hidden
MAGIX Foto Manager MX Deluxe Update (Version: 9.0.2.256 - MAGIX AG) Hidden
MAGIX Fotos auf DVD 2013 Deluxe (Bild-in-Bild Demo-Projekt) (HKLM-x32\...\MAGIX_{1442E56B-CCAD-4F3E-86A5-748CCAAAB143}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Fotos auf DVD 2013 Deluxe (Bild-in-Bild Demo-Projekt) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fotos auf DVD 2013 Deluxe (Designelemente 1) (HKLM-x32\...\MAGIX_{C989667E-9CB4-49EA-BCA8-FECB9B25C8C5}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Fotos auf DVD 2013 Deluxe (Designelemente 1) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fotos auf DVD 2013 Deluxe (Designelemente 2) (HKLM-x32\...\MAGIX_{24109D13-A0E6-460C-99E2-12CA7C09EAA7}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Fotos auf DVD 2013 Deluxe (Designelemente 2) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fotos auf DVD 2013 Deluxe (Filmtrailer) (HKLM-x32\...\MAGIX_{09431E25-F7CE-488F-9910-9279F00A742A}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Fotos auf DVD 2013 Deluxe (Filmtrailer) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fotos auf DVD 2013 Deluxe (Fotoshow Maker-Stile 1) (HKLM-x32\...\MAGIX_{35F6D705-750C-4635-AF60-035FAEDA2FC0}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Fotos auf DVD 2013 Deluxe (Fotoshow Maker-Stile 1) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fotos auf DVD 2013 Deluxe (Fotoshow Maker-Stile 2) (HKLM-x32\...\MAGIX_{3DC4C012-CC0A-4663-9F64-1D956F97ADE2}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Fotos auf DVD 2013 Deluxe (Fotoshow Maker-Stile 2) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fotos auf DVD 2013 Deluxe (HKLM-x32\...\MAGIX_{57F4B170-E76D-47F9-B6BA-F3D4FB7445B6}) (Version: 12.0.0.75 - MAGIX AG)
MAGIX Fotos auf DVD 2013 Deluxe (Individuelle Menüvorlagen) (HKLM-x32\...\MAGIX_{EB13DF91-4D92-43A7-93BC-4D080D2E8227}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Fotos auf DVD 2013 Deluxe (Individuelle Menüvorlagen) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fotos auf DVD 2013 Deluxe (Menüvorlagen 1) (HKLM-x32\...\MAGIX_{3D8C348D-FE2E-46FA-8899-23B043D673D2}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Fotos auf DVD 2013 Deluxe (Menüvorlagen 1) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fotos auf DVD 2013 Deluxe (Menüvorlagen 2) (HKLM-x32\...\MAGIX_{56EC4F76-BF2D-476E-947F-DF627EA71630}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Fotos auf DVD 2013 Deluxe (Menüvorlagen 2) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fotos auf DVD 2013 Deluxe (Nachvertonungsarchiv) (HKLM-x32\...\MAGIX_{AEF35DCE-5F53-43CF-AA71-6BE270C3AF10}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Fotos auf DVD 2013 Deluxe (Nachvertonungsarchiv) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fotos auf DVD 2013 Deluxe (Soundtrack Maker-Stile) (HKLM-x32\...\MAGIX_{897E988E-A520-412B-99B9-3D04904FA6D3}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Fotos auf DVD 2013 Deluxe (Soundtrack Maker-Stile) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fotos auf DVD 2013 Deluxe (Titeleffekte) (HKLM-x32\...\MAGIX_{FBA359C1-5530-45AB-ACA3-56C7693612DA}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Fotos auf DVD 2013 Deluxe (Titeleffekte) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fotos auf DVD 2013 Deluxe (Überblendeffekte) (HKLM-x32\...\MAGIX_{953D4F60-9038-44EB-A867-6DFCDFFB6AA8}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Fotos auf DVD 2013 Deluxe (Überblendeffekte) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Fotos auf DVD 2013 Deluxe (Version: 12.0.0.75 - MAGIX AG) Hidden
MAGIX Goya burnR (MSI) (HKLM-x32\...\MAGIX_{AC378B42-5783-4CD0-A699-AA4AD2D3D3C7}) (Version: 4.3.2.0 - MAGIX AG)
MAGIX Goya burnR (MSI) (Version: 4.3.2.0 - MAGIX AG) Hidden
MAGIX Music Maker Soundtrack Edition (Demosongs) (HKLM-x32\...\MAGIX_{7008FDC2-9B1A-4398-BE02-5365B578471A}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker Soundtrack Edition (Demosongs) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker Soundtrack Edition (HKLM-x32\...\MAGIX_{13608872-D05A-43C8-A9A3-F565B504DD61}) (Version: 19.0.3.46 - MAGIX AG)
MAGIX Music Maker Soundtrack Edition (Synthesizer und Effekte) (HKLM-x32\...\MAGIX_{0DE9B74C-4FF3-4AFF-8026-58CE0DA157EF}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker Soundtrack Edition (Synthesizer und Effekte) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker Soundtrack Edition (Version: 19.0.3.46 - MAGIX AG) Hidden
MAGIX Music Maker Soundtrack Edition Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Slideshow Maker 2 (HKLM-x32\...\MAGIX_{48897B17-3DD2-4BAA-A81D-4E4EA8E9FD51}) (Version: 2.0.1.9 - MAGIX AG)
MAGIX Slideshow Maker 2 (Version: 2.0.1.9 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{23C780EF-FF93-4955-BCE4-B4CCF0D38268}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Meine CEWE FOTOWELT (HKLM-x32\...\Meine CEWE FOTOWELT) (Version: 5.1.6 - CEWE Stiftung u Co. KGaA)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
mHotspot version 6.4.0.0 (HKLM-x32\...\{beeb7906-9268-4520-8850-8d8af9b1c7c8}_is1) (Version: 6.4.0.0 - mHotspot, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-3889148614-2962051019-789845505-1001\...\MyFreeCodec) (Version:  - )
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team)
NVIDIA Grafiktreiber 345.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 345.20 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7303 - CyberLink Corp.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7601.39016 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Rossmann Fotowelt Software 4.12.1 (HKLM-x32\...\Rossmann Fotowelt Software) (Version: 4.12.1 - ORWO Net)
Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.)
Samsung AllShare (x32 Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.0.12094_28 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.0.12094_28 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15024.8 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15024.8 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13052_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13052_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
SecEditCtl.BOC (only remove) (HKLM-x32\...\SecEditCtl.BOC01000009) (Version:  - CFCA)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sprachtrainer Découvertes 2 (HKLM-x32\...\{ACC901CB-12A9-4252-8535-4020803CD819}) (Version: 1.00.000 - Klett)
Sprachtrainer Fonts (HKLM-x32\...\{FBCF2ED3-AFB5-475E-BF9A-30BEAD366FBC}) (Version: 1.00.01 - Ernst Klett Verlag GmbH)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steuer 2012 (HKLM-x32\...\{01159E8A-44F7-4885-A7F9-872CE4D74063}) (Version: 20.00.8137 - Buhl Data Service GmbH)
Steuer 2013 (HKLM-x32\...\{05AEF487-8926-48A9-B5BA-9BED72BC6B1C}) (Version: 21.00.8480 - Buhl Data Service GmbH)
StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.49.86082 - SugarSync, Inc.)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
Vasco da Gama 5 HDPro (HKLM-x32\...\{067D2172-F8F3-477D-B4EE-0B0AA967D544}) (Version: 5.20.0000 - MotionStudios)
VeriFace (HKLM-x32\...\VeriFace) (Version: 4.0.1.1230 - Lenovo)
Viber Packages (HKU\S-1-5-21-3889148614-2962051019-789845505-1001\...\Viber Packages) (Version:  - ) <==== ATTENTION
Vita String Ensemble (Version: 1.0.0.0 - MAGIX AG) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Vokabelkartei interaktiv À plus! 1 (HKLM-x32\...\{C7BD31A9-B17E-4125-8AE6-217C1FF8BE10}) (Version: 1.00.0000 - Cornelsen Verlag GmbH)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3889148614-2962051019-789845505-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3889148614-2962051019-789845505-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3889148614-2962051019-789845505-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3889148614-2962051019-789845505-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3889148614-2962051019-789845505-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3889148614-2962051019-789845505-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3889148614-2962051019-789845505-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3889148614-2962051019-789845505-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3889148614-2962051019-789845505-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3889148614-2962051019-789845505-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points  =========================

14-04-2015 22:23:16 Windows Update
16-04-2015 15:16:27 Installed QuickTime 7
16-04-2015 17:55:04 Installed QuickTime 7
16-04-2015 19:15:31 Windows Update
19-04-2015 23:32:19 Windows Update
24-04-2015 18:47:05 Windows Update
27-04-2015 13:51:24 Windows Update
28-04-2015 18:37:37 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 10:34 - 2015-01-27 10:48 - 00000914 ____A C:\Windows\system32\Drivers\etc\hosts
162.212.59.2 astrill.com
162.212.59.2 www.astrill.com
162.212.59.2 members.astrill.com


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {01ACE3E5-E24D-4168-9828-57200693D436} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29] (CyberLink)
Task: {314C076E-AEB0-4A52-9A91-8055241D2E9B} - System32\Tasks\{5796AFEE-1EE8-40CB-A38B-A77304071210} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.1.0.105/de/eula
Task: {3C43D0DA-5E0D-4B70-BB68-979C38A4804C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-26] (Google Inc.)
Task: {407F0417-6FFF-43BC-A048-B29E9E14EB77} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-08-08] (Lenovo)
Task: {532A9385-F788-47E2-B154-3F4FDDE85B54} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-26] (Google Inc.)
Task: {59E40C54-EFD8-4896-92CA-754BA6FF9D5F} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-08-08] ()
Task: {5FAD0DF1-CB0C-4158-A389-2F8D3C654CF4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-16] (Adobe Systems Incorporated)
Task: {7B24406A-F734-4686-BEDF-7E5136008823} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-02] (Apple Inc.)
Task: {7D83416D-917E-4CE0-8B80-CE1462C7BDE1} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-20] (Adobe Systems Incorporated)
Task: {A2EC5DD3-1432-457D-9807-044E07826E2C} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {A4ECC2D3-575F-4E7D-8E8D-E2EBDC1CD67C} - System32\Tasks\{E4E6CEA0-3A83-48EC-8DD6-26574D468938} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.1.0.105/de/privacy
Task: {AA3DFDDE-1B8C-415C-8DB8-0EAB7F1A2C34} - System32\Tasks\{33947901-1A14-4C92-84F7-F8702357D0B1} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.1.0.105/de/eula
Task: {B6D97571-3BA0-4DE8-813C-5A936698F727} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {B7EAC507-41F1-4C7F-93A4-7B50B4B43DCD} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {BEFB276E-7BB0-4797-AC73-A7181BD3A8C8} - System32\Tasks\{86DF11BE-D0F2-4081-913E-B4FF56BAB479} => pcalua.exe -a "C:\Users\Silke Laptop\Downloads\QuickTimeInstaller (2).exe" -d "C:\Users\Silke Laptop\Desktop"
Task: {C156C324-CC6C-43A6-BE93-23CE27476A7D} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2013-08-08] (Lenovo)
Task: {CB16661A-0C37-4CAC-A969-AEB66A5BF9AD} - System32\Tasks\4808 => Wscript.exe C:\Users\SILKEL~1\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {CF1D06E6-A583-421F-963E-6ADC030BFA9F} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-08-08] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2015-02-23 10:44 - 2015-02-23 10:44 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-09-05 07:17 - 2013-09-05 07:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-07-18 00:18 - 2012-07-18 00:18 - 00628064 _____ () C:\Windows\system32\SimpleExt.dll
2012-06-18 23:24 - 2012-06-18 23:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-06-17 18:35 - 2013-06-17 18:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 20:52 - 2013-05-08 20:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2015-02-23 10:44 - 2015-02-23 10:44 - 00010952 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2013-09-05 07:14 - 2013-09-05 07:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-14 22:46 - 2013-02-14 22:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ASProxy => ""="service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3889148614-2962051019-789845505-1001\...\bankofchina.com -> hxxp://www.bankofchina.com
IE trusted site: HKU\S-1-5-21-3889148614-2962051019-789845505-1001\...\boc.cn -> hxxps://ebs.boc.cn

IE restricted site: HKU\S-1-5-21-3889148614-2962051019-789845505-1001\...\wpkg.org -> www.wpkg.org

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3889148614-2962051019-789845505-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Silke Laptop\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 202.106.195.68 - 202.106.46.151

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{FF75A0C6-ABBF-4B47-9150-3B6FF6285B5E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{388D9B20-133A-4531-9802-56FEFCF851CF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{CE501C2D-D2DC-4F98-A432-2570E656D35A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{AAE7CD43-9E91-4ED3-B6C2-8AEEFA678B8E}] => (Allow) LPort=2869
FirewallRules: [{3ACEEEA7-7C66-4A3E-ADEA-E1B7CFD5EC7C}] => (Allow) LPort=1900
FirewallRules: [{457FE25F-1C43-42AB-8E20-25DF58812E7D}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{D103FF8F-201E-4D7C-BF2D-DA00B3D2DB42}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{DE4A5041-DAEB-4285-BC57-181C63CD9BED}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
FirewallRules: [{50DB570A-32B3-40D7-B941-6856EFAA93E5}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
FirewallRules: [{9451AB9F-A748-450F-AE20-99688CF96731}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\outlook.exe
FirewallRules: [{6A611BE7-A987-4F16-8CE7-BA860C10769E}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{9B2C3FEC-0C19-43A7-AA7A-433259F9811E}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{34C55073-1655-4386-BB60-9EA34BA92AF3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6B422C28-90E2-42EC-A7BD-ECFDBCE81D23}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3C74976E-1495-4056-9E3A-20102C012CAF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{680A6091-3123-48C8-B3B9-A0823BB23F6A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6E3803EA-4388-43B4-BE82-5BA4D25BE492}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{FAF2C464-EC36-4C7F-B8DF-37DAF066BD89}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{9588D567-F594-4CC2-8BCA-69E9ED9B503F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{36A05FAA-39F9-45CB-9548-EACF0C13AAF6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{95CD6ACA-5C66-4706-A210-C6A16FC0C2F7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{681BD48D-5A2E-45EB-B577-C363135F679A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{8F0E83BD-0C1F-4075-BD10-650E5E0C3535}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{0E0035CA-8F07-4D08-9338-9E94F6D96044}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{A1058826-B88F-4CB4-B826-862742AFB04D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{702B1C38-7D0C-4C72-83D7-A590599F2FD3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{50CDF66E-BFBC-4151-8C82-ADB7FB63AA15}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{4B2B459F-A9E7-4376-854C-BB202DC48CAB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{8D9E2E82-EB9E-431F-84F5-4E118A2B67C3}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{AD92E16D-32E4-4E49-A782-EBE7A90A2880}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{404165CF-04D3-44B0-AA19-27BEB6102896}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{49ABBA92-ECCF-4F5D-8C26-26EC4EB75C01}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{1D241959-6850-4BB1-9CDD-B38FD8C72CBF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{A8D6C9C8-6416-4173-B33C-C87A31230367}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{B34EA69B-9BFB-4561-8F1C-F45D3C5551DA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{BD73A05A-01D5-420E-BFB7-00ED55443A77}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{7B108DBF-7CFB-4160-8BB2-C4A5B3857FF3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{13D18148-D190-4BF7-90CB-C16799198D19}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{3AF4B593-C0F2-40D5-9004-01864D42AFE2}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{13F0C5A2-DE20-4306-88AD-EE9D6102F215}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{DA9E0B5F-B1A0-4C85-9D82-99CEFCB993E4}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
FirewallRules: [{8B37005D-9FF4-4E4A-9DD6-2C0284F03F62}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShare.exe
FirewallRules: [{CBE40753-AAAC-4B10-B4A6-54FF33E989DD}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
FirewallRules: [{B0AFFCB9-2CB3-42F4-9600-2E5170E18B3A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{7E648FA0-890F-4B1E-9A7B-C63DF5394462}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{6715560C-D888-4DC8-B101-F00C14671B73}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{59161BC9-0479-4702-80A4-BE84E60D8C92}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{B4ECA111-9C15-4F83-9CA9-4D1A7D335883}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [{6FFA469C-6241-4823-A055-BA050BB1297C}] => (Allow) C:\Program Files (x86)\Audials\Audials 11\Audials.exe
FirewallRules: [{D71365AE-2085-473B-82E8-A85E4E92A46B}] => (Allow) LPort=12972
FirewallRules: [{A472A7AA-040F-4DDA-AEB6-286897AC23C5}] => (Allow) LPort=14714
FirewallRules: [{C7CD3EDE-3B20-4FB5-AC5B-63AD9F32D0A3}] => (Allow) LPort=31931
FirewallRules: [{C002942E-9ADD-4141-9141-2DC8B0A89C5B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EEBDA1B6-80CB-4E31-A612-024FDBFCCA95}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{491810AC-EE8F-4A15-B132-C8915A8E2267}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{C883E078-BDAC-4441-A089-76761E43C2CF}] => (Allow) C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{3691A9B2-9B5B-4B31-B349-DF9B06A13673}] => (Allow) C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{DAB9C51D-613E-4B47-B316-E3A8CBBC3E8C}] => (Allow) C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{490C515F-5B91-4EAD-91D7-45113BD6D2DC}] => (Allow) C:\Users\Silke Laptop\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F3C9EA14-1C77-4BD1-A6B4-E52AED6C60D8}] => (Allow) C:\Program Files (x86)\mHotspot\mHotspot.exe
FirewallRules: [{851A874A-F123-41E6-96F7-F0F7524362A1}] => (Allow) C:\Program Files (x86)\mHotspot\mHotspot.exe
FirewallRules: [{9C80BED9-5B70-41DA-95BB-D39393B91B70}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{596873E3-7C6B-48CA-8012-F224E7CDC98D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D7167989-7E57-4FDA-9261-FA3F49AAF5B5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Faulty Device Manager Devices =============

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/30/2015 07:58:01 AM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
  at AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
  at AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
  at AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
  at AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
  at AllShareDMS.AllShareDMS.DoStart()
  at AllShareDMS.AllShareDMS.OnStart(String[] args)
  at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (04/30/2015 07:54:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/30/2015 07:19:54 AM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
  at AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
  at AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
  at AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
  at AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
  at AllShareDMS.AllShareDMS.DoStart()
  at AllShareDMS.AllShareDMS.OnStart(String[] args)
  at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (04/30/2015 07:16:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/29/2015 10:11:08 PM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
  at AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
  at AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
  at AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
  at AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
  at AllShareDMS.AllShareDMS.DoStart()
  at AllShareDMS.AllShareDMS.OnStart(String[] args)
  at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (04/29/2015 10:08:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/29/2015 08:53:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4914

Error: (04/29/2015 08:53:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4914

Error: (04/29/2015 08:53:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/29/2015 07:03:53 AM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
  at AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
  at AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
  at AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
  at AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
  at AllShareDMS.AllShareDMS.DoStart()
  at AllShareDMS.AllShareDMS.OnStart(String[] args)
  at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


System errors:
=============
Error: (04/30/2015 08:10:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Astrill OpenVPN Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/30/2015 08:10:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/30/2015 08:10:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/30/2015 08:10:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/30/2015 08:10:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "FABS - Helping agent for MAGIX media database" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/30/2015 08:10:43 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/30/2015 08:10:42 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ZAtheros Bt&Wlan Coex Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/30/2015 08:10:42 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/30/2015 08:10:42 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/30/2015 08:10:42 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Live Family Safety Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (04/30/2015 07:58:01 AM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
  at AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
  at AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
  at AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
  at AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
  at AllShareDMS.AllShareDMS.DoStart()
  at AllShareDMS.AllShareDMS.OnStart(String[] args)
  at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (04/30/2015 07:54:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/30/2015 07:19:54 AM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
  at AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
  at AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
  at AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
  at AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
  at AllShareDMS.AllShareDMS.DoStart()
  at AllShareDMS.AllShareDMS.OnStart(String[] args)
  at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (04/30/2015 07:16:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/29/2015 10:11:08 PM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
  at AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
  at AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
  at AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
  at AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
  at AllShareDMS.AllShareDMS.DoStart()
  at AllShareDMS.AllShareDMS.OnStart(String[] args)
  at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (04/29/2015 10:08:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/29/2015 08:53:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4914

Error: (04/29/2015 08:53:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4914

Error: (04/29/2015 08:53:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/29/2015 07:03:53 AM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
  at AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
  at AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
  at AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
  at AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
  at AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
  at AllShareDMS.AllShareDMS.DoStart()
  at AllShareDMS.AllShareDMS.OnStart(String[] args)
  at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


CodeIntegrity Errors:
===================================
  Date: 2015-02-13 09:28:26.802
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 09:28:26.787
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 09:23:27.251
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 09:23:27.235
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 08:31:23.583
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 08:31:23.552
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 08:21:53.287
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 08:21:53.193
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 15:32:49.771
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 15:32:49.755
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 28%
Total physical RAM: 8094.36 MB
Available physical RAM: 5748.02 MB
Total Pagefile: 16186.9 MB
Available Pagefile: 13852.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:886.32 GB) (Free:595.11 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25.47 GB) (Free:22.24 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A4892B9D)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=886.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=19.5 GB) - (Type=12)

==================== End Of Log ============================
Habe mal getestet - Umleitung auf wpkg erfolgt noch ...

oh, nochmal Rechner neu gestartet - bisher keine unerwünschte Umleitung mehr entdeckt :Boogie:
Muss ich noch weitere Schritte durchführen???

cosinus 30.04.2015 14:38
FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
Task: {B7EAC507-41F1-4C7F-93A4-7B50B4B43DCD} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {CB16661A-0C37-4CAC-A969-AEB66A5BF9AD} - System32\Tasks\4808 => Wscript.exe C:\Users\SILKEL~1\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
EmptyTemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Silke12345 30.04.2015 15:26
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-04-2015 01
Ran by Silke Laptop at 2015-04-30 22:04:06 Run:1
Running from C:\Users\Silke Laptop\Desktop
Loaded Profiles: Silke Laptop (Available profiles: UpdatusUser & Silke Laptop)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Task: {B7EAC507-41F1-4C7F-93A4-7B50B4B43DCD} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {CB16661A-0C37-4CAC-A969-AEB66A5BF9AD} - System32\Tasks\4808 => Wscript.exe C:\Users\SILKEL~1\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
EmptyTemp:

*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B7EAC507-41F1-4C7F-93A4-7B50B4B43DCD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7EAC507-41F1-4C7F-93A4-7B50B4B43DCD}" => Key deleted successfully.
C:\Windows\System32\Tasks\0 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB16661A-0C37-4CAC-A969-AEB66A5BF9AD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB16661A-0C37-4CAC-A969-AEB66A5BF9AD}" => Key deleted successfully.
C:\Windows\System32\Tasks\4808 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4808" => Key deleted successfully.
EmptyTemp: => Removed 6.6 GB temporary data.


The system needed a reboot.

==== End of Fixlog 22:04:57 ====

cosinus 30.04.2015 18:35
Okay, dann Kontrollscans mit ESET und SC bitte:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

Silke12345 01.05.2015 07:16
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=fd1b9c0fd5975c4da078f9b3f5308150
# engine=23648
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-05-01 04:36:57
# local_time=2015-05-01 12:36:57 (+0800, China Normalzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1292 16777213 100 100 0 61933039 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 182084867 0 0
# scanned=424190
# found=18
# cleaned=0
# scan_time=8767
sh=34622C0C9B0F72AB2F67AE3BD7CF94EF76B2B54D ft=1 fh=422f90d5b5335443 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.24.6\deltaApp.dll.vir"
sh=80C8F13A1918FAEEAB9673C1CCF96E52325EE695 ft=1 fh=0aefb751d92be997 vn="Variante von Win32/Toolbar.Montiera.U evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.24.6\deltaEng.dll.vir"
sh=AFD5B25F86CFD3045CCFF940A249A1DA89DEDE5D ft=1 fh=c55a3c08e5709f9a vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.24.6\uninstall.exe.vir"
sh=95D5515B47FBB47D241A0C363041A94B524FCE43 ft=1 fh=52f144b1d5077b05 vn="Variante von Win32/InstallCore.YX evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WSE_Binkiland\uninstall.exe.vir"
sh=246DDBC3A2C223A6B9072637D93DC2A2832D097A ft=1 fh=c71c0011b04f613a vn="Win32/Toolbar.Babylon.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\DSearchLink\DSearchLink.exe.vir"
sh=3AEF532A0211CE7869F0EB51E940D9E0C7CAE321 ft=1 fh=c7560653d3ee2314 vn="Variante von Win32/Adware.Yontoo.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
sh=9BBA153C03D5767E085320A69F07B7F54FD41F88 ft=1 fh=ef73808c6ed3971d vn="Variante von Win32/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Silke Laptop\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll.unused.vir"
sh=C7607F78C43163F8DFD9627AE7BC963EC6F5DA10 ft=1 fh=47456041225d132a vn="Variante von Win32/Toolbar.Linkury.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Silke Laptop\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll.vir"
sh=C7607F78C43163F8DFD9627AE7BC963EC6F5DA10 ft=1 fh=47456041225d132a vn="Variante von Win32/Toolbar.Linkury.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Silke Laptop\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll.vir"
sh=96DC511A6AF044E6E6EADCE6D73FC129B5F889A4 ft=1 fh=e2590ad5a0eab0ac vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Silke Laptop\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll.vir"
sh=96DC511A6AF044E6E6EADCE6D73FC129B5F889A4 ft=1 fh=e2590ad5a0eab0ac vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Silke Laptop\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll.vir"
sh=1549CF4F9282F1B42A58B5E050E12EF0AD669798 ft=1 fh=ffe6693d8bc7d6c5 vn="Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Silke Laptop\AppData\Roaming\BabSolution\Shared\BabMaint.exe.vir"
sh=671E3E4E9E4C9A039D9AD1479A0C91E670AF18E3 ft=1 fh=d643e79c9fb8f862 vn="Win32/Toolbar.Babylon.AE evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Silke Laptop\AppData\Roaming\BabSolution\Shared\BUSolution.dll.vir"
sh=37CCAD86409E08816A4C00F1DBEA4604BA36D3A1 ft=1 fh=919a9505016e0e1e vn="Variante von Win32/Toolbar.Babylon.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Silke Laptop\AppData\Roaming\OpenCandy\14237327F49749AAA795668B3C339CB8\DeltaTB.exe.vir"
sh=4C7FF09DBA96C9BDD54E3CB26736E72266FB8A4A ft=1 fh=e82afa3eac52d223 vn="Variante von Win32/InstallCore.WQ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Silke Laptop\AppData\Roaming\0S1F1O2ZtAtB\Viber Packages\uninstaller.exe"
sh=FC952CC58956273EF16C4AC5BD7CC12A48015BB4 ft=1 fh=769ba96c729110a2 vn="Win32/DomaIQ.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Silke Laptop\Downloads\Minecraft.exe"
sh=C649A98452A4FF0E920CBCBD762AD8E11A89B158 ft=1 fh=74ae9e1d8089bb9d vn="Win32/Toolbar.SearchSuite.W evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Silke Laptop\Downloads\ViberSetup [1].exe"
sh=020DB0ADFCC334EB0F0B1172584DEB0B9FF1E753 ft=1 fh=b138f721f7358728 vn="Variante von Win32/InstallCore.VM evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Silke Laptop\Downloads\ViberSetup.exe"
Code:
Results of screen317's Security Check version 1.00 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Kaspersky Internet Security 
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 Java 8 Update 31 
 Java version 32-bit out of Date!
 Adobe Flash Player 17.0.0.169 
 Adobe Reader XI 
 Mozilla Firefox (37.0.2)
````````Process Check: objlist.exe by Laurent```````` 
 Kaspersky Lab Kaspersky Internet Security 14.0.0 avp.exe 
 Kaspersky Lab Kaspersky Internet Security 14.0.0 avpui.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````

cosinus 02.05.2015 20:17
Zitat:
Java 8 Update 31
Java version 32-bit out of Date!
Java deinstallieren. Wenn es keinen triftigen Grund auch nich mehr installieren. So wie mit jeder anderen Softare auch. Es wird nur das installiert was auch wirklich benötigt wird.
FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\Users\Silke Laptop\AppData\Roaming\0S1F1O2ZtAtB\Viber Packages\uninstaller.exe
C:\Users\Silke Laptop\Downloads\Minecraft.exe
C:\Users\Silke Laptop\Downloads\ViberSetup [1].exe
C:\Users\Silke Laptop\Downloads\ViberSetup.exe
EmptyTemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Silke12345 03.05.2015 04:27
[CODE][Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-04-2015 01
Ran by Silke Laptop at 2015-05-03 11:15:41 Run:2
Running from C:\Users\Silke Laptop\Desktop
Loaded Profiles: Silke Laptop (Available profiles: UpdatusUser & Silke Laptop)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\Silke Laptop\AppData\Roaming\0S1F1O2ZtAtB\Viber Packages\uninstaller.exe
C:\Users\Silke Laptop\Downloads\Minecraft.exe
C:\Users\Silke Laptop\Downloads\ViberSetup [1].exe
C:\Users\Silke Laptop\Downloads\ViberSetup.exe
EmptyTemp:
*****************

C:\Users\Silke Laptop\AppData\Roaming\0S1F1O2ZtAtB\Viber Packages\uninstaller.exe => Moved successfully.
C:\Users\Silke Laptop\Downloads\Minecraft.exe => Moved successfully.
C:\Users\Silke Laptop\Downloads\ViberSetup [1].exe => Moved successfully.
C:\Users\Silke Laptop\Downloads\ViberSetup.exe => Moved successfully.
EmptyTemp: => Removed 258.6 MB temporary data.


The system needed a reboot.

==== End of Fixlog 11:15:51 ====/CODE]


Alle Zeitangaben in WEZ +1. Es ist jetzt 12:48 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131