Nervige Popups, Videos so wie ständiges selbst Installieren von Anyprotect und Mystartserac Hi Leute.
Ich hab folgendes Problem.
Vor 2 Tagen hab ich mein Opera aktualisiert. Seit dem werde ich von nervender Werbung(Popups,Video, ect) genervt dazu kommt noch das sich ohne das ich es will Anyprotect und mystartserac auf meinem Pc breitmachen. Ich versuche sie zwar immer mit dem Revo Uninstaller zu tilgen aber sie kommen immer wieder. Ich weiß nicht mehr was ich tun soll.
Hier mal ein Frst:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2015
Ran by Spieler (administrator) on HEIKEHARDER-HP on 11-06-2015 19:03:38
Running from C:\Users\Spieler.HeikeHarder-HP\Downloads
Loaded Profiles: Heike Harder & Spieler & UpdatusUser & Gast (Available Profiles: Heike Harder & Spieler & UpdatusUser & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Innovative Solutions) C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\shopperz\csrcc.exe
() C:\Program Files\shopperz\Jmahzov.exe
() C:\Program Files\shopperz\Huyde.exe
() C:\Program Files\shopperz\Huyde64.exe
() C:\Program Files\COMPUTERBILD-Cloud\Data\Tools\mounter.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Users\Spieler.HeikeHarder-HP\AppData\Local\22CAFA80-1433844267-1016-BFEA-A7801F358095\snss5210.tmp
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\mdm.exe
(Microsoft Corporation) C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
() C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\22CAFA80-1433836887-1016-BFEA-A7801F358095\nst47C2.tmp
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Program Files\shopperz\Jvpmajlij.exe
(LULU Software) C:\Program Files (x86)\Soda PDF 2012\ConversionService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\22CAFA80-1433836887-1016-BFEA-A7801F358095\hnsbDB0C.tmp
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Akamai Technologies, Inc.) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Akamai\netsession_win.exe
() C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\vm6.exe
() C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Akamai Technologies, Inc.) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Akamai\netsession_win.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12480616 2012-04-24] (Realtek Semiconductor)
HKLM\...\Run: [shopperz] => C:\Program Files\shopperz\Huyde.exe [434024 2015-06-07] ()
HKLM\...\Run: [shopperz64] => C:\Program Files\shopperz\Huyde64.exe [464744 2015-06-07] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Version Cue CS2] => c:\Users\Heike Harder\Documents\Downloads\Creative Suite 2\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe [856064 2005-04-06] (Adobe Sytems Incorporated)
HKLM-x32\...\Run: [Aeria Ignite] => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2011-12-08] (Apple Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ConvertAd] => C:\Users\Spieler.HeikeHarder-HP\AppData\Local\ConvertAd\ConvertAd.exe
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM-x32\...\Run: [WinCheck] => C:\Users\Spieler.HeikeHarder-HP\AppData\Local\22CAFA80-1433844131-1016-BFEA-A7801F358095\bnsm4065.exe [359936 2015-06-05] ()
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2355925718-3238339638-3018866954-1001\...\Run: [Klebezettel NG] => [X]
HKU\S-1-5-21-2355925718-3238339638-3018866954-1001\...\MountPoints2: {5b54d4cf-1aaf-11e0-874c-806e6f6e6963} - E:\pcb6_German.exe
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Akamai NetSession Interface] => C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Klebezettel NG] => [X]
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [vm6] => C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\vm6.exe [175424 2014-03-19] ()
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Amazon Music] => C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [DriverMax] => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [8833400 2015-03-17] (Innovative Solutions)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [DriverMax_RESTART] => [X]
HKU\S-1-5-21-2355925718-3238339638-3018866954-1012\...\Run: [DriverMax] => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [8833400 2015-03-17] (Innovative Solutions)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1012\...\Run: [DriverMax_RESTART] => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [8833400 2015-03-17] (Innovative Solutions)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1012\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1012\...\Run: [Klebezettel NG] => [X]
HKU\S-1-5-21-2355925718-3238339638-3018866954-1012\...\MountPoints2: {5b54d4cf-1aaf-11e0-874c-806e6f6e6963} - E:\start.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2013-02-01]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2011-02-11] ()
Startup: C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2013-03-18] ()
Startup: C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2013-03-18] ()
ShellIconOverlayIdentifiers: [CloudIcon_DOWNLOAD] -> {C3DBFBE2-A521-4619-9F32-502318CB4EC2} => C:\Program Files\COMPUTERBILD-Cloud\ShellExt64.dll [2012-04-25] (CyberGhost SRL)
ShellIconOverlayIdentifiers: [CloudIcon_ERROR] -> {851C758E-C636-4045-B323-059931A3A331} => C:\Program Files\COMPUTERBILD-Cloud\ShellExt64.dll [2012-04-25] (CyberGhost SRL)
ShellIconOverlayIdentifiers: [CloudIcon_INSYNC] -> {580030D3-492E-45EA-A1C9-A0AC525BEB26} => C:\Program Files\COMPUTERBILD-Cloud\ShellExt64.dll [2012-04-25] (CyberGhost SRL)
ShellIconOverlayIdentifiers: [CloudIcon_REFRESH] -> {FEBF62C8-B6B3-43B7-BEC4-1A9CD61BDCD2} => C:\Program Files\COMPUTERBILD-Cloud\ShellExt64.dll [2012-04-25] (CyberGhost SRL)
ShellIconOverlayIdentifiers: [CloudIcon_UPLOAD] -> {EBED3602-8915-43F9-81F7-CAA6FC4F70D6} => C:\Program Files\COMPUTERBILD-Cloud\ShellExt64.dll [2012-04-25] (CyberGhost SRL)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:60245;https=127.0.0.1:60245
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1433876453&z=6d4a45aed76e3f37086c6f5g4z7c9c5b0mbq2z4wdo&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1433876453&z=6d4a45aed76e3f37086c6f5g4z7c9c5b0mbq2z4wdo&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1433962659&z=b7856f5c752ac150c29534egfz8cac7t6q4o0q6w0t&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1433962659&z=b7856f5c752ac150c29534egfz8cac7t6q4o0q6w0t&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1433876453&z=6d4a45aed76e3f37086c6f5g4z7c9c5b0mbq2z4wdo&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1433876453&z=6d4a45aed76e3f37086c6f5g4z7c9c5b0mbq2z4wdo&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1433962659&z=b7856f5c752ac150c29534egfz8cac7t6q4o0q6w0t&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1433962659&z=b7856f5c752ac150c29534egfz8cac7t6q4o0q6w0t&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2355925718-3238339638-3018866954-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1433842124&z=89478603cacbd1f2960845fgdz1c3cdbdz6o5gfo2c&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612
HKU\S-1-5-21-2355925718-3238339638-3018866954-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1433842124&z=89478603cacbd1f2960845fgdz1c3cdbdz6o5gfo2c&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612
HKU\S-1-5-21-2355925718-3238339638-3018866954-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=DE&userid=17372c46-39f1-4c28-8f8c-b25d9b57d042&searchtype=ds&q={searchTerms}&installDate=05/04/2013
HKU\S-1-5-21-2355925718-3238339638-3018866954-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=DE&userid=17372c46-39f1-4c28-8f8c-b25d9b57d042&searchtype=ds&q={searchTerms}&installDate=05/04/2013
HKU\S-1-5-21-2355925718-3238339638-3018866954-1001\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://blekko.com/ws/?source=017d87aa&toolbarid=blekkotb_020&u=20120429A1C949BDB74ACAEEDA80B3FC&tbp=homepage
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1433876453&z=6d4a45aed76e3f37086c6f5g4z7c9c5b0mbq2z4wdo&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1433876453&z=6d4a45aed76e3f37086c6f5g4z7c9c5b0mbq2z4wdo&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612
HKU\S-1-5-21-2355925718-3238339638-3018866954-1012\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bigseekpro.com/hypercam/{61D7ABD8-C559-4848-85E9-8085D2F49E0E}
HKU\S-1-5-21-2355925718-3238339638-3018866954-1012\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPDSK/4
HKU\S-1-5-21-2355925718-3238339638-3018866954-1012\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
HKU\S-1-5-21-2355925718-3238339638-3018866954-1012\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://blekko.com/ws/?source=017d87aa&toolbarid=blekkotb_020&u=20120429A1C949BDB74ACAEEDA80B3FC&tbp=homepage
HKU\S-1-5-21-2355925718-3238339638-3018866954-501\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
HKU\S-1-5-21-2355925718-3238339638-3018866954-501\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPDSK/4
HKU\S-1-5-21-2355925718-3238339638-3018866954-501\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
URLSearchHook: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
URLSearchHook: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 - (No Name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No File
URLSearchHook: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 - (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No File
URLSearchHook: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 - (No Name) - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - No File
URLSearchHook: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 - (No Name) - {32b29df0-2237-4370-9a29-37cebb730e9b} - No File
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
SearchScopes: HKU\.DEFAULT -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKU\.DEFAULT -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL =
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\.DEFAULT -> {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = hxxp://www.bigseekpro.com/search/browser/hypercam/{61D7ABD8-C559-4848-85E9-8085D2F49E0E}?q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL =
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1001 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&ts=1433842141&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1001 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1001 -> Plasmoo URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&ts=1433842141&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&ts=1433842141&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1001 -> {0D7562AE-8EF6-416d-A838-AB665251703A} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&ts=1433842141&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&ts=1433842141&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&ts=1433842141&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1001 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&ts=1433842141&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1001 -> {78EED61A-6EE4-44FF-BEC0-A41DDCD5D13E} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&ts=1433842141&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1001 -> {8389FA95-7BD2-47FF-947C-FBD5B055FEE2} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&ts=1433842141&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&ts=1433842141&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1001 -> {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&ts=1433842141&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&ts=1433842141&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1001 -> {A61A117D-F271-47A4-86B4-A16985096ADF} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&ts=1433842141&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1001 -> {B77B74EE-2F20-43F2-A4BF-16DACDBC34EB} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&ts=1433842141&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&ts=1433842141&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1001 -> {B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&ts=1433842141&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1001 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&ts=1433842141&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1001 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&ts=1433842141&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&ts=1433842141&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1001 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&ts=1433842141&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1007 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&ts=1433962686&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1007 -> Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1007 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1007 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&ts=1433962686&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1007 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&ts=1433962686&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1007 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&ts=1433962686&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1007 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&ts=1433962686&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1007 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&ts=1433962686&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1007 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&ts=1433962686&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 -> Plasmoo URL = hxxp://plasmoo.com/index.htm?SearchMashine=true&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 -> {0D7562AE-8EF6-416d-A838-AB665251703A} URL = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=17434
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://blekko.com/ws/?source=017d87aa&tbp=rbox&toolbarid=blekkotb_020&u=20120429A1C949BDB74ACAEEDA80B3FC&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 -> {78EED61A-6EE4-44FF-BEC0-A41DDCD5D13E} URL = hxxp://websearch.search-results.com/redirect?client=ie&tb=STC-SRS&o=41648033&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=96&apn_dtid=YYYYYYYYDE&apn_uid=0851B858-91A0-4267-A19E-93D9222E4961&apn_sauid=2ABEA026-E4A1-49B0-8CF6-BF03C8E3ABF1
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 -> {8389FA95-7BD2-47FF-947C-FBD5B055FEE2} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://isearch.avg.com/search?cid={ADBFAEBF-3188-4F7E-9C70-E26D374DDAA2}&mid=9aa297324e8247d1ab0dbd2b2b780e56-23e21bbdfdbf2f14c19b5c0abd64a6799e478410&lang=de&ds=is015&pr=sa&d=2012-02-16 10:19:27&v=12.2.5.32&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 -> {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = hxxp://www.bigseekpro.com/search/browser/hypercam/{ED21B813-9355-4B94-ADDB-F42FB2F374D7}?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=119&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 -> {A61A117D-F271-47A4-86B4-A16985096ADF} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1586&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^DE&apn_uid=69cd63a0-3040-4717-a6b4-9e129c79295d&apn_sauid=39299AE4-06E8-4699-AB8D-F9E396486B69
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 -> {B77B74EE-2F20-43F2-A4BF-16DACDBC34EB} URL = hxxp://search.softonic.com/MON00016/tb_v1?q={searchTerms}&SearchSource=4&cc=
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 -> {B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD} URL = hxxp://eu.ask.com/web?l=dis&o=APN10020&gct=sb&qsrc=2869&apn_dtid=^YYYYYY^YY^DE&apn_ptnrs=^A4G &apn_uid=0320198552744229&p2=^A4G ^YYYYYY^YY^DE&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-0/4?satitle={searchTerms}&mfe=Desktops
SearchScopes: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-30] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-02] (Google Inc.)
BHO: shopperz -> {d0174004-bb12-464b-b666-9ba9bdbd750a} -> C:\Program Files\shopperz\Gaalmi64.dll [2015-06-07] ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-30] (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-11-20] (DVDVideoSoft Ltd.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-05-11] (RealPlayer)
BHO-x32: No Name -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> No File
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-02] (Google Inc.)
BHO-x32: shopperz -> {d0174004-bb12-464b-b666-9ba9bdbd750a} -> C:\Program Files\shopperz\Gaalmi.dll [2015-06-07] ()
BHO-x32: Soda PDF 2012 Helper -> {ebe8b562-cba0-40d8-b920-af7cfe0c9d94} -> C:\Program Files (x86)\Soda PDF 2012\PDFIEHelper.dll [2012-01-27] (LULU Software)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-01-13] (DVDVideoSoft Ltd.)
Toolbar: HKLM - No Name - !!{D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-02] (Google Inc.)
Toolbar: HKLM-x32 - Soda PDF 2012 Toolbar - {a8c9d542-fd91-4834-a2e8-adb9ae692b8b} - C:\Program Files (x86)\Soda PDF 2012\PDFIEPlugin.dll [2012-01-27] (LULU Software)
Toolbar: HKLM-x32 - No Name - !!{D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-02] (Google Inc.)
Toolbar: HKU\.DEFAULT -> No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No File
Toolbar: HKU\.DEFAULT -> No Name - {338B4DFE-2E2C-4338-9E41-E176D497299E} - No File
Toolbar: HKU\S-1-5-21-2355925718-3238339638-3018866954-1001 -> No Name - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - No File
Toolbar: HKU\S-1-5-21-2355925718-3238339638-3018866954-1001 -> No Name - {26647CA4-A2A7-4EAC-8A72-761AA9141DE7} - No File
Toolbar: HKU\S-1-5-21-2355925718-3238339638-3018866954-1001 -> No Name - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} - No File
Toolbar: HKU\S-1-5-21-2355925718-3238339638-3018866954-1001 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKU\S-1-5-21-2355925718-3238339638-3018866954-1001 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-2355925718-3238339638-3018866954-1001 -> No Name - {32B29DF0-2237-4370-9A29-37CEBB730E9B} - No File
Toolbar: HKU\S-1-5-21-2355925718-3238339638-3018866954-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-02] (Google Inc.)
Toolbar: HKU\S-1-5-21-2355925718-3238339638-3018866954-1001 -> No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No File
Toolbar: HKU\S-1-5-21-2355925718-3238339638-3018866954-1007 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-02] (Google Inc.)
Toolbar: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 -> No Name - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - No File
Toolbar: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 -> No Name - {26647CA4-A2A7-4EAC-8A72-761AA9141DE7} - No File
Toolbar: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 -> No Name - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} - No File
Toolbar: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 -> No Name - {32B29DF0-2237-4370-9A29-37CEBB730E9B} - No File
Toolbar: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-02] (Google Inc.)
Toolbar: HKU\S-1-5-21-2355925718-3238339638-3018866954-1012 -> No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1433839150&z=896e5b047982f8f49d7236eg2z9c6cdb1c8t6g7w3o&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612
FireFox:
========
FF ProfilePath: C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-23] ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-09-30] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-23] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2011-11-14] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2012-05-11] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 -> c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll [2012-05-11] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-05-11] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-05-11] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2012-05-11] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2355925718-3238339638-3018866954-1007: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-08-20] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\user.js [2015-06-09]
FF Extension: WEB.DE MailCheck - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\toolbar@web.de.xpi [2014-01-25]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-01-25]
FF HKLM\...\Firefox\Extensions: [{d0174004-bb12-464b-b666-9ba9bdbd750a}] - C:\Program Files\shopperz\Firefox
FF Extension: shopperz - C:\Program Files\shopperz\Firefox [2015-06-09]
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-05-11]
FF HKLM-x32\...\Firefox\Extensions: [{d0174004-bb12-464b-b666-9ba9bdbd750a}] - C:\Program Files\shopperz\Firefox
FF HKU\S-1-5-21-2355925718-3238339638-3018866954-1001\...\Firefox\Extensions: [addlyrics@addlyrics.net] - C:\Program Files (x86)\AddLyrics\FF
FF HKU\S-1-5-21-2355925718-3238339638-3018866954-1012\...\Firefox\Extensions: [addlyrics@addlyrics.net] - C:\Program Files (x86)\AddLyrics\FF
FF Extension: No Name - C:\Program Files (x86)\Better-Surf\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [not found]
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-12-08]
FF Extension: No Name - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha718\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1479\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3700\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9390\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\SuperLyrics\FF [not found]
FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta541\ff [not found]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha701\ff [not found]
FF Extension: No Name - C:\Program Files\Video downloader\Firefox [not found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\4433da5b-eb52-495d-8865-b2a7468567f6@927544a3-fdfb-4485-a78b-21e1113eee35.com [not found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\crossriderapp2258@crossrider.com [not found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\e46480cf-7cf6-495e-af69-573053f52c72@b33ab36d-5952-49aa-adb2-a41b3dbe51a5.com [not found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\ffxtlbr@babylon.com [not found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\ffxtlbr@funmoods.com [not found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\lightningnewtab@gmail.com.xpi [not found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [not found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\{17372c46-39f1-4c28-8f8c-b25d9b57d042} [not found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [not found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} [not found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [not found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
Opera:
=======
OPR Extension: (DVDVideoSoft) - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2014-05-02]
OPR Extension: (Adblock Plus) - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2014-08-26]
StartMenuInternet: (HKLM) Opera - C:\Program Files (x86)\Opera\Opera.exe hxxp://www.mystartsearch.com/?type=sc&ts=1433839150&z=896e5b047982f8f49d7236eg2z9c6cdb1c8t6g7w3o&from=cmi&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.Professional.10.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [814344 2009-12-22] (ABBYY)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-02-01] (Adobe Systems) [File not signed]
S4 AdobeActiveFileMonitor6.0; C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] ()
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827184 2015-06-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [450808 2015-06-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-09] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1188360 2015-06-09] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 csrcc; C:\Program Files\shopperz\csrcc.exe [1448808 2015-06-07] ()
R2 d54b8bbd-6b74-4d90-b801-8120aa8b2438; C:\Program Files\shopperz\Jmahzov.exe [285544 2015-06-07] ()
R2 DokanMounter; C:\Program Files\COMPUTERBILD-Cloud\Data\Tools\mounter.exe [14848 2012-02-15] () [File not signed]
S4 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2011-01-27] (Macrovision Europe Ltd.) [File not signed]
S4 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [681528 2010-08-06] (Hewlett-Packard)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 kysykiti; C:\Users\Spieler.HeikeHarder-HP\AppData\Local\22CAFA80-1433844267-1016-BFEA-A7801F358095\snss5210.tmp [147456 2015-06-09] () [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MSSQL$BWDATOOLSET; C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-09] (Electronic Arts)
S4 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1119768 2010-09-28] (PDF Complete Inc)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 qyjuhomu; C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\22CAFA80-1433836887-1016-BFEA-A7801F358095\nst47C2.tmp [229376 2015-06-11] () [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2010-08-19] ()
R2 shopperz Updater; C:\Program Files\shopperz\Jvpmajlij.exe [174440 2015-06-07] ()
S3 Soda PDF 2012 Helper Service; C:\Program Files (x86)\Soda PDF 2012\HelperService.exe [827224 2012-01-27] (LULU Software)
R2 Soda PDF 2012 Service; C:\Program Files (x86)\Soda PDF 2012\ConversionService.exe [905560 2012-01-27] (LULU Software)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 zedepory; C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\22CAFA80-1433836887-1016-BFEA-A7801F358095\hnsbDB0C.tmp [166912 2015-06-09] () [File not signed]
S2 ttsvc; "C:\Program Files (x86)\TermTutor\Service\ttsvc.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 amdkmafd; C:\Windows\System32\DRIVERS\amdkmafd.sys [21600 2013-03-14] (Advanced Micro Devices, Inc.)
S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [558592 2007-05-16] (Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-06-09] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-03-19] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132656 2015-06-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-17] (Avira Operations GmbH & Co. KG)
R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [61336 2015-05-31] (Cherimoya Ltd)
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2012-02-15] (Windows (R) Win 7 DDK provider)
S3 GrabsterSeries.X64; C:\Windows\System32\DRIVERS\GrabsterSeries.X64.SYS [377152 2010-01-22] ()
S3 hid7906; C:\Windows\SysWOW64\drivers\hid7906.sys [34963 2007-12-12] (Compuware Corporation) [File not signed]
S3 hid8101; C:\Windows\SysWOW64\drivers\hid8101.sys [37024 2007-12-03] (Compuware Corporation) [File not signed]
S3 hid8103; C:\Windows\SysWOW64\drivers\hid8103.sys [34587 2007-11-28] (Compuware Corporation) [File not signed]
S3 iComp; C:\Windows\System32\DRIVERS\p2usbhum.sys [1794112 2009-12-09] (Conexant Systems Inc.)
R0 MxEFUF; C:\Windows\System32\DRIVERS\MxEFUF64.sys [157696 2011-10-20] (Matrox Graphics Inc.)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [748648 2010-08-12] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [32936 2015-02-05] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2011-08-04] () [File not signed]
R1 ttnfd; C:\Windows\System32\drivers\ttnfd.sys [58232 2014-09-04] (Term Tutor)
S3 usbio; C:\Windows\System32\Drivers\dsiarhwprog_x64.sys [51600 2007-02-08] (Thesycon GmbH, Germany)
S3 ZD1211BU(ZyDAS); C:\Windows\System32\DRIVERS\zd1211Bu.sys [493440 2005-10-28] (ZyDAS Technology Corporation)
S3 ZDPSp50a64; C:\Windows\SysWOW64\Drivers\ZDPSp50a64.sys [31744 2005-03-18] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
U3 aemasfhh; C:\Windows\System32\Drivers\aemasfhh.sys [0 ] (Intel Corporation) <==== ATTENTION (zero byte File/Folder)
S3 connctfy; system32\DRIVERS\connctfy.sys [X]
S3 connctfyMP; system32\DRIVERS\connctfy.sys [X]
S3 cpuz134; \??\C:\Users\SPIELE~1.HEI\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S1 toqvakfe; \??\C:\Windows\system32\drivers\toqvakfe.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-11 18:34 - 2015-06-11 18:34 - 00002774 _____ C:\Windows\PFRO.log
2015-06-11 18:34 - 2015-06-11 18:34 - 00000056 _____ C:\Windows\setupact.log
2015-06-11 18:34 - 2015-06-11 18:34 - 00000000 _____ C:\Windows\setuperr.log
2015-06-11 17:48 - 2015-06-11 17:51 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\Desktop\Santiano
2015-06-11 13:04 - 2015-06-11 13:04 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\Downloads\FRST-OlderVersion
2015-06-11 10:00 - 2015-06-11 10:00 - 00153880 _____ C:\Users\Heike Harder\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-10 20:58 - 2015-06-10 20:58 - 00613255 _____ (CMI Limited) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\nsjE85C.tmp
2015-06-10 20:57 - 2015-06-10 21:13 - 00000000 ____D C:\ProgramData\MailUpdate
2015-06-10 20:57 - 2015-06-10 20:57 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\MailUpdate
2015-06-10 11:29 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 11:29 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 11:29 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 11:29 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 11:29 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 11:29 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 11:29 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 11:29 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 11:29 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 11:29 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 11:29 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 11:29 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 11:29 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 11:29 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 11:29 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 11:29 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 11:29 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 11:29 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 11:29 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 11:29 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 11:29 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 11:29 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 11:29 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 11:29 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 11:29 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 11:29 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 11:29 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 11:29 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 11:29 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 11:29 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 11:29 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 11:29 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 11:29 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 11:29 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 11:29 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 11:29 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 11:29 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 11:29 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 11:29 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 11:29 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 11:29 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 11:29 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 11:29 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 11:29 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 11:29 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 11:29 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 11:29 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 11:29 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 11:29 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 11:29 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 11:29 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 11:29 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 11:29 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 11:29 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 11:29 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 11:29 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 11:29 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 11:29 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 11:29 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 11:29 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 11:28 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 11:24 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 11:24 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 11:24 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 11:24 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 11:24 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 11:24 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 11:24 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 11:24 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 11:24 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 11:24 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 11:24 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 11:24 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 11:23 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 11:23 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 11:23 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 11:23 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 11:23 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 11:23 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 11:23 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 11:23 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 11:23 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 11:23 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 11:23 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 11:23 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 11:23 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 11:23 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 11:23 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 11:23 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 11:23 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 11:23 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 11:23 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 11:23 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 11:23 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 11:23 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 11:23 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 11:23 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 11:23 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 11:23 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 11:23 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 11:23 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 11:23 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 11:23 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 11:23 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 11:23 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 11:23 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 11:23 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 11:23 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 11:23 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 11:23 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 11:23 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 11:23 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 11:23 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 11:23 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 11:23 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 11:23 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 11:23 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 11:23 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 11:23 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 11:23 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 11:23 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 11:23 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 11:23 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 11:23 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 11:23 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 11:23 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 11:23 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 11:23 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 11:23 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 11:23 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 11:23 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 11:23 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 11:23 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 11:23 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 11:23 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 11:23 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 11:23 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 11:23 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 11:23 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 11:23 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 11:23 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 11:23 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 11:23 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 11:23 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 11:23 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 11:23 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 11:23 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 11:23 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 11:23 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 11:23 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-09 21:01 - 2015-06-09 21:01 - 00613255 _____ (CMI Limited) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\nsnC6FC.tmp
2015-06-09 21:01 - 2015-06-09 21:01 - 00000000 __SHD C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\AnyProtectEx
2015-06-09 21:01 - 2015-06-09 21:01 - 00000000 _____ C:\Windows\prleth.sys
2015-06-09 21:01 - 2015-06-09 21:01 - 00000000 _____ C:\Windows\hgfs.sys
2015-06-09 20:07 - 2015-06-11 03:33 - 00506848 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-09 17:00 - 2015-06-09 19:45 - 00000000 ____D C:\Users\Heike Harder\Documents\The Witcher 3
2015-06-09 15:14 - 2015-06-09 15:14 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Spieler.HeikeHarder-HP\Downloads\revosetup95 (1).exe
2015-06-09 12:19 - 2015-06-09 12:19 - 00000000 ____D C:\Users\Heike Harder\AppData\Local\Steam
2015-06-09 12:09 - 2015-06-09 12:09 - 00000000 ____D C:\Users\Heike Harder\AppData\Roaming\Origin
2015-06-09 11:31 - 2015-06-09 11:31 - 00613255 _____ (CMI Limited) C:\Users\Heike Harder\AppData\Local\nsjD2F4.tmp
2015-06-09 10:41 - 2015-06-11 03:33 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP3.job
2015-06-09 10:41 - 2015-06-11 03:33 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job
2015-06-09 10:41 - 2015-06-10 21:18 - 00000378 _____ C:\Windows\Tasks\APSnotifierPP1.job
2015-06-09 10:41 - 2015-06-10 20:58 - 00002832 _____ C:\Windows\System32\Tasks\APSnotifierPP1
2015-06-09 10:41 - 2015-06-10 20:58 - 00002830 _____ C:\Windows\System32\Tasks\APSnotifierPP3
2015-06-09 10:41 - 2015-06-10 20:58 - 00002830 _____ C:\Windows\System32\Tasks\APSnotifierPP2
2015-06-09 10:41 - 2015-06-09 10:41 - 00000000 ____D C:\Windows\SysWOW64\Flash
2015-06-09 10:41 - 2015-06-09 10:40 - 00613255 _____ (CMI Limited) C:\Users\Heike Harder\AppData\Local\nsmA09A.tmp
2015-06-09 10:40 - 2015-06-09 10:40 - 00000000 __SHD C:\Users\Heike Harder\AppData\Roaming\AnyProtectEx
2015-06-09 10:04 - 2015-06-11 18:39 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\AppData\Local\22CAFA80-1433844267-1016-BFEA-A7801F358095
2015-06-09 10:02 - 2015-06-09 10:02 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\AppData\Local\22CAFA80-1433844131-1016-BFEA-A7801F358095
2015-06-09 10:01 - 2015-06-11 17:34 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\22CAFA80-1433836887-1016-BFEA-A7801F358095
2015-06-09 10:01 - 2015-06-09 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\SimpleFiles
2015-06-09 10:01 - 2015-06-09 10:01 - 00003632 _____ C:\Windows\System32\Tasks\Papuir
2015-06-09 10:01 - 2015-06-09 10:01 - 00000000 ____D C:\Program Files\shopperz
2015-06-09 10:01 - 2015-05-31 10:37 - 00061336 _____ (Cherimoya Ltd) C:\Windows\system32\Drivers\cherimoya.sys
2015-06-09 10:01 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-06-09 09:59 - 2015-06-09 09:59 - 03824002 _____ C:\Users\Spieler.HeikeHarder-HP\Downloads\reimage_repair_keygen.zip
2015-06-09 09:08 - 2015-06-09 09:09 - 00000156 _____ C:\Windows\Reimage.ini
2015-06-09 09:07 - 2015-06-09 09:08 - 00771872 _____ (Reimage®) C:\Users\Spieler.HeikeHarder-HP\Downloads\ReimageRepair.exe
2015-06-08 23:22 - 2015-06-08 23:06 - 45315620 _____ C:\Users\Spieler.HeikeHarder-HP\Desktop\Produce_0.wmv
2015-06-08 16:24 - 2015-06-08 16:35 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\Desktop\stream musik
2015-06-05 14:23 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-05 14:23 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-05 14:23 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-05 14:23 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-05 14:23 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-05 14:23 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-05 14:23 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-05 14:23 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-04 22:08 - 2015-06-04 22:14 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\Desktop\server new
2015-06-04 22:08 - 2015-06-04 22:09 - 10174813 _____ C:\Users\Spieler.HeikeHarder-HP\Downloads\minecraft_server.1.8.6.exe
2015-06-03 23:21 - 2015-06-03 23:21 - 28683704 _____ (DVDVideoSoft Ltd. ) C:\Users\Spieler.HeikeHarder-HP\Downloads\FreeVideoToJPGConverter (2).exe
2015-06-03 09:51 - 2015-06-03 09:51 - 00000000 ____D C:\Users\Heike Harder\AppData\Roaming\Avira
2015-05-28 21:19 - 2015-05-28 21:19 - 03716517 _____ C:\Users\Spieler.HeikeHarder-HP\Downloads\powersaves3ds-software-128.zip
2015-05-28 21:19 - 2015-05-28 13:45 - 03747890 _____ (Datel Design & Development ) C:\Users\Spieler.HeikeHarder-HP\Downloads\powersaves_setup_v1.28.exe
2015-05-27 11:22 - 2015-05-27 11:22 - 00684008 _____ (Opera Software) C:\Users\Spieler.HeikeHarder-HP\Downloads\Opera_NI_stable.exe
2015-05-24 20:50 - 2015-06-03 12:24 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\Desktop\all
2015-05-15 23:29 - 2015-05-15 23:29 - 00001538 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2015-05-15 23:28 - 2015-05-15 23:28 - 36088824 _____ (DVDVideoSoft Ltd. ) C:\Users\Spieler.HeikeHarder-HP\Downloads\FreeYouTubeToMP3Converter.exe
2015-05-15 20:12 - 2015-05-16 12:58 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\Desktop\pbs
2015-05-14 03:37 - 2015-05-14 03:37 - 00000000 _____ C:\Windows\SysWOW64\shoB6AC.tmp
2015-05-14 03:04 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 03:04 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 10:45 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 10:45 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 10:44 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 10:44 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 10:44 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 10:44 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 10:44 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 10:44 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 10:44 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 10:44 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 10:44 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 10:44 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 10:44 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 10:44 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 10:44 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 10:44 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 10:44 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 10:44 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 10:44 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 10:44 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-12 21:00 - 2015-05-12 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher Enhanced Edition
2015-05-12 20:45 - 2015-05-12 21:00 - 00000000 ____D C:\Program Files (x86)\The Witcher Enhanced Edition
2015-05-12 20:45 - 2015-05-12 20:59 - 00000000 ____D C:\Users\Public\Documents\The Witcher
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-11 19:03 - 2015-04-01 23:18 - 00053584 _____ C:\Users\Spieler.HeikeHarder-HP\Downloads\FRST.txt
2015-06-11 19:03 - 2015-04-01 23:18 - 00000000 ____D C:\FRST
2015-06-11 19:03 - 2013-09-03 22:45 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\TS3Client
2015-06-11 18:44 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-11 18:44 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-11 18:36 - 2014-06-24 16:10 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\AppData\Local\LogMeIn Hamachi
2015-06-11 18:35 - 2011-03-16 16:37 - 00000441 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-06-11 18:35 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-11 18:34 - 2015-02-19 17:01 - 00002586 _____ C:\Windows\System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c
2015-06-11 18:34 - 2015-02-19 17:01 - 00000308 _____ C:\Windows\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c.job
2015-06-11 18:34 - 2011-03-09 17:38 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\PDF Software
2015-06-11 18:34 - 2011-01-27 20:36 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-11 18:34 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-11 18:33 - 2012-06-04 16:38 - 01630025 _____ C:\Windows\WindowsUpdate.log
2015-06-11 18:05 - 2011-01-27 20:36 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-11 17:51 - 2011-07-10 23:06 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\vlc
2015-06-11 16:17 - 2013-01-07 23:41 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\.minecraft
2015-06-11 14:52 - 2013-01-20 00:21 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Skype
2015-06-11 14:51 - 2015-02-17 13:50 - 00002409 _____ C:\Users\Spieler.HeikeHarder-HP\Downloads\desmume.ini
2015-06-11 14:50 - 2014-08-28 20:02 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\Documents\lp
2015-06-11 13:04 - 2015-04-01 23:18 - 02108928 _____ (Farbar) C:\Users\Spieler.HeikeHarder-HP\Downloads\FRST64.exe
2015-06-11 10:00 - 2014-09-30 21:27 - 00000000 ____D C:\Users\Heike Harder\AppData\Local\LogMeIn Hamachi
2015-06-11 04:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-11 03:41 - 2011-01-07 21:54 - 00799382 _____ C:\Windows\system32\perfh007.dat
2015-06-11 03:41 - 2011-01-07 21:54 - 00188890 _____ C:\Windows\system32\perfc007.dat
2015-06-11 03:41 - 2009-07-14 07:13 - 01903918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-11 03:38 - 2014-06-03 11:02 - 00003860 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1387178156
2015-06-11 03:38 - 2011-01-27 12:58 - 00000000 ____D C:\Program Files (x86)\Opera
2015-06-11 03:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-11 03:07 - 2013-08-16 09:04 - 00000000 ____D C:\Windows\system32\MRT
2015-06-11 03:02 - 2011-01-31 19:17 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-10 20:57 - 2013-12-16 09:15 - 00001431 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 30.lnk
2015-06-10 20:57 - 2011-04-06 19:06 - 00001333 _____ C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-09 21:05 - 2012-09-11 10:43 - 00000000 ____D C:\ProgramData\NexonUS
2015-06-09 20:23 - 2012-06-12 19:26 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-06-09 20:23 - 2012-03-07 15:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-06-09 19:45 - 2011-01-07 21:18 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-09 17:00 - 2014-08-06 12:01 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-09 16:39 - 2014-12-14 18:06 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\OBS
2015-06-09 14:59 - 2011-01-29 14:11 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\SoftGrid Client
2015-06-09 12:14 - 2011-03-04 12:43 - 00000000 ____D C:\ProgramData\Origin
2015-06-09 12:09 - 2011-07-07 09:25 - 00000000 ____D C:\Users\Heike Harder\AppData\Local\Origin
2015-06-09 12:08 - 2011-07-07 09:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-06-09 12:08 - 2011-07-07 09:23 - 00000000 ____D C:\Program Files (x86)\Origin
2015-06-09 11:28 - 2014-09-30 21:27 - 00002555 _____ C:\Users\Heike Harder\Desktop\Google Chrome.lnk
2015-06-09 11:28 - 2011-04-07 08:16 - 00001729 _____ C:\Users\Heike Harder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-09 11:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-09 10:57 - 2011-02-11 12:08 - 00000000 ____D C:\Users\Heike Harder\AppData\Roaming\PDF Software
2015-06-09 10:49 - 2014-06-24 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-06-09 10:47 - 2015-03-23 17:22 - 00153256 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-06-09 10:47 - 2015-03-23 17:22 - 00132656 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-06-08 19:08 - 2015-02-17 13:51 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\Downloads\Battery
2015-06-08 19:08 - 2014-08-21 22:58 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\Desktop\uni
2015-06-08 18:49 - 2013-10-04 14:37 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\alles
2015-06-08 15:37 - 2015-05-11 21:44 - 00000512 _____ C:\Users\Spieler.HeikeHarder-HP\Downloads\Digimon - Battle Spirit (D, F, E).sav
2015-06-08 15:37 - 2015-03-23 11:31 - 00002441 _____ C:\Users\Spieler.HeikeHarder-HP\Downloads\vba.ini
2015-06-08 13:41 - 2014-12-14 18:06 - 00000000 ____D C:\Program Files (x86)\OBS
2015-06-08 11:15 - 2014-12-14 18:06 - 00000000 ____D C:\Program Files\OBS
2015-06-06 03:16 - 2014-12-11 04:23 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-06 03:16 - 2014-05-01 03:02 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-05 21:35 - 2014-06-25 12:44 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\Powersaves3DS
2015-06-04 22:14 - 2015-02-05 11:50 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\Desktop\server
2015-06-04 14:57 - 2011-03-02 15:03 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\KlebezettelNG
2015-06-03 23:22 - 2015-04-03 11:17 - 00001514 _____ C:\Users\Public\Desktop\Free Video to JPG Converter.lnk
2015-06-03 23:22 - 2015-04-03 11:17 - 00001247 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-06-03 23:22 - 2014-09-21 20:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-06-03 23:22 - 2014-09-21 20:49 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2015-06-03 23:21 - 2012-12-30 13:01 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\DVDVideoSoft
2015-06-03 15:36 - 2012-04-06 20:04 - 00000000 ____D C:\ProgramData\Skype
2015-06-03 09:53 - 2012-04-12 13:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-29 11:18 - 2011-01-29 12:51 - 00153880 _____ C:\Users\Spieler.HeikeHarder-HP\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-28 21:20 - 2014-06-25 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Action Replay PowerSaves 3DS
2015-05-28 21:20 - 2014-06-25 13:55 - 00000000 ____D C:\Program Files (x86)\Action Replay PowerSaves 3DS
2015-05-27 11:18 - 2012-06-08 18:21 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google
2015-05-25 16:25 - 2015-02-20 21:06 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\Downloads\Cheats
2015-05-23 14:27 - 2011-01-27 20:36 - 00000000 ____D C:\Program Files (x86)\Google
2015-05-23 12:17 - 2012-04-12 13:23 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-23 12:17 - 2012-04-12 13:23 - 00003824 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-23 12:17 - 2011-05-23 10:55 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-23 12:16 - 2014-10-17 07:57 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Adobe
2015-05-21 03:00 - 2015-04-05 03:01 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-21 03:00 - 2015-04-05 03:01 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-21 01:01 - 2014-05-02 14:03 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Winamp
2015-05-16 12:00 - 2011-01-27 20:36 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-16 12:00 - 2011-01-27 20:36 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-15 23:29 - 2014-12-08 23:51 - 00000000 ____D C:\Program Files (x86)\Free Codec Pack
2015-05-14 20:57 - 2011-02-16 14:05 - 00000000 ____D C:\Users\Spieler.HeikeHarder-HP\AppData\Local\The Witcher
2015-05-14 03:41 - 2009-07-14 09:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-14 03:41 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-14 03:19 - 2011-01-27 18:45 - 01930536 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-05-14 03:19 - 2011-01-27 18:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2015-05-14 03:04 - 2013-03-13 16:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-14 03:03 - 2013-03-13 16:15 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-14 03:03 - 2013-03-13 16:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
==================== Files in the root of some directories =======
2014-08-18 16:36 - 2014-08-18 16:56 - 0004608 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-10 20:58 - 2015-06-10 20:58 - 0613255 _____ (CMI Limited) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\nsjE85C.tmp
2015-06-09 21:01 - 2015-06-09 21:01 - 0613255 _____ (CMI Limited) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\nsnC6FC.tmp
2015-03-15 15:52 - 2015-03-15 15:52 - 0001507 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\recently-used.xbel
2014-04-21 13:47 - 2014-04-21 13:47 - 0007600 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Resmon.ResmonCfg
2011-12-22 20:26 - 2011-12-23 17:15 - 0000088 __RSH () C:\ProgramData\674D61C93E.sys
2011-12-22 20:26 - 2012-01-03 22:39 - 0001682 ___SH () C:\ProgramData\KGyGaAvL.sys
Some files in TEMP:
====================
C:\Users\Heike Harder\AppData\Local\Temp\avgnt.exe
C:\Users\Heike Harder\AppData\Local\Temp\handle.exe
C:\Users\Heike Harder\AppData\Local\Temp\sdfC207.exe
C:\Users\Heike Harder\AppData\Local\Temp\sdfF0A4.exe
C:\Users\Heike Harder\AppData\Local\Temp\Uninstall.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\avgnt.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\fsd6EC4.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-03 00:44
==================== End of log ============================ --- --- --- |