| |
| |||||||
Log-Analyse und Auswertung: Chrome Extension"BlOckThheADs" nicht löschbarWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
06.05.2014, 14:59
| #1 |
| |  Chrome Extension"BlOckThheADs" nicht löschbar Hallo liebe Trojaner-Community! Ich habe gesehen, dass hier Leute ähnliche Probleme haben und hoffe ihr könnt mir weiterhelfen! Bisher haben alle Versuche nämlich nicht wirklich geholfen. Ich hatte irgendwann 2 merkwürdige Browser-Extensions auf meinem Rechner, eine davon habe ich nach zig Tools irgendwann löschen können, die letzte ist allerdings sowas von hartnäckig, dass sie mich ein wenig verzweifeln lässt. Das gute Stück heißt "BlOckThheADs" und hat den Zusatz "Durch Unternehmensrichtlinie installiert". Außerdem habe ich keine Möglichkeit mehr, Chrome zu aktualisieren, meine Version ist noch bei 32, aktuell ist allerdings 34 schon draußen. Bei "Über Google Chrome" steht: "Updates sind durch den Administrator deaktiviert." Ich habe mal meinen Rechner scannen lassen und hänge die Logs dran, leider besteht diese Nachricht aus 128.000 Zeichen, daher hänge ich die AdwCleaner- und Malwarebytes- Cleaner-Logs nur in den Attachments dran! Schon mal ganz ganz lieben Dank im Voraus fürs Durchlesen von diesen abermillion Zeilen! <3 Beste Grüße! TanteGreta defogger: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 15:18 on 06/05/2014 (Hawt BJ)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:DAEMON Tools Lite -> Removed
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2014
Ran by Hawt BJ (administrator) on HAWTBJ on 06-05-2014 15:33:42
Running from C:\Users\Hawt BJ\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Spotify Ltd) C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Hawt BJ\AppData\Roaming\Spotify\spotify.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc.) C:\Users\Hawt BJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-02] (NVIDIA Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-05-06] (AVAST Software)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-694931355-3105834076-3287228845-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-694931355-3105834076-3287228845-1001\...\Run: [Spotify Web Helper] => C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-11] (Spotify Ltd)
HKU\S-1-5-21-694931355-3105834076-3287228845-1001\...\Run: [Spotify] => C:\Users\Hawt BJ\AppData\Roaming\Spotify\spotify.exe [6087224 2014-04-11] (Spotify Ltd)
HKU\S-1-5-21-694931355-3105834076-3287228845-1001\...\MountPoints2: H - H:\Setup.exe
HKU\S-1-5-21-694931355-3105834076-3287228845-1001\...\MountPoints2: {d4022b10-8fc1-11e2-8768-001fd0a04fdd} - H:\Setup.exe
Startup: C:\Users\Hawt BJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Hawt BJ\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x87EE3C237A5ECF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1202&cd=2XzuyEtN2Y1L1QzutDtDtC0F0DtD0AtDyE0F0D0DyDyC0A0AtN0D0Tzu0CyBtCyEtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=2071287224&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1202&cd=2XzuyEtN2Y1L1QzutDtDtC0F0DtD0AtDyE0F0D0DyDyC0A0AtN0D0Tzu0CyBtCyEtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=2071287224&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {D425FB55-79D3-4DCD-956B-59BF5A3960AF} URL = https://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Logitech Flow Scroll - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll (Logitech, Inc.)
BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
FireFox:
========
FF ProfilePath: C:\Users\Hawt BJ\AppData\Roaming\Mozilla\Firefox\Profiles\ngbakl49.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: ubisoft.com/uplaypc - D:\Program Files (x86)\Ubisoft\Tom Clancy's H.A.W.X. 2\orbit\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: YouTube Unblocker - C:\Users\Hawt BJ\AppData\Roaming\Mozilla\Firefox\Profiles\ngbakl49.default\Extensions\youtubeunblocker@unblocker.yt [2014-01-23]
FF Extension: {7328c366-289d-426f-95c2-b45b291b9c90} - C:\Users\Hawt BJ\AppData\Roaming\Mozilla\Firefox\Profiles\ngbakl49.default\Extensions\{7328c366-289d-426f-95c2-b45b291b9c90}.xpi [2013-11-05]
FF Extension: Adblock Plus - C:\Users\Hawt BJ\AppData\Roaming\Mozilla\Firefox\Profiles\ngbakl49.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-12-30]
FF HKLM-x32\...\Firefox\Extensions: [{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}] - C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt
FF Extension: No Name - C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt [2012-12-30]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-01-07]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-06-09]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-01-07]
Chrome:
=======
CHR HomePage:
CHR StartupUrls: "hxxp://start.mysearchdial.com/?f=1&a=irmsd1202&cd=2XzuyEtN2Y1L1QzutDtDtC0F0DtD0AtDyE0F0D0DyDyC0A0AtN0D0Tzu0CyBtCyEtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=2071287224&ir=", "hxxp://websearch.searchsunmy.info/?pid=233&r=2014/01/03&hid=16202272847386566411&lg=EN&cc=DE&unqvl=45"
CHR Extension: (Adblock Plus) - C:\Users\Hawt BJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-04]
CHR Extension: (YouTube™ Ratings Preview) - C:\Users\Hawt BJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbhdenfmgbagncdmgbholejjpmmiank [2014-03-04]
CHR Extension: (Reise durch Mittelerde) - C:\Users\Hawt BJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjgkjeheegjnnmheaflhdocglkiegoni [2014-03-04]
CHR Extension: (Taylor Swift) - C:\Users\Hawt BJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\laffmjcogdcgbpmgecdlgilgjekagpmb [2014-03-04]
CHR Extension: (Two-Click JDownloader) - C:\Users\Hawt BJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljhooappahaeilmbekgcokgjjplambgo [2014-03-04]
CHR Extension: (Google Wallet) - C:\Users\Hawt BJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR HKLM-x32\...\Chrome\Extension: [geooogfhpjdpeiphckpbgkhpbeobcaoi] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2013-08-21]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-06] (AVAST Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-04-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20541216 2014-04-02] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-03-09] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S2 e81a9dc1; "C:\Windows\system32\rundll32.exe" "c:\progra~2\gs-ena~1\AssistantSvc.dll",service
==================== Drivers (Whitelisted) ====================
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-06] ()
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2725376 2011-03-10] (C-Media Inc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-18] (DT Soft Ltd)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-03] (Logitech Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)
R2 WLNdis50; C:\Windows\System32\DRIVERS\wlndis50.sys [35840 2008-01-28] ()
R2 WLNdis50; C:\Windows\SysWOW64\DRIVERS\wlndis50.sys [35840 2008-01-28] ()
S3 CT20XUT.DLL; system32\CT20XUT.DLL [X]
S3 CTEXFIFX.DLL; system32\CTEXFIFX.DLL [X]
S3 CTHWIUT.DLL; system32\CTHWIUT.DLL [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-06 15:31 - 2014-05-06 15:31 - 00000820 _____ () C:\Users\Hawt BJ\Desktop\Text.txt
2014-05-06 15:30 - 2014-05-06 15:30 - 00008834 _____ () C:\Users\Hawt BJ\Desktop\AdwCleaner[S0].txt
2014-05-06 15:18 - 2014-05-06 15:18 - 00050477 _____ () C:\Users\Hawt BJ\Desktop\Defogger.exe
2014-05-06 15:18 - 2014-05-06 15:18 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-06 15:18 - 2014-05-06 15:18 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-06 15:18 - 2014-05-06 15:18 - 00000546 _____ () C:\Users\Hawt BJ\Desktop\defogger_disable.log
2014-05-06 15:18 - 2014-05-06 15:18 - 00000168 _____ () C:\Users\Hawt BJ\defogger_reenable
2014-05-06 15:13 - 2014-05-06 15:13 - 00024104 _____ () C:\Users\Hawt BJ\Desktop\GMER Log 2014-05-06.log
2014-05-06 14:27 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-06 14:26 - 2014-05-06 15:22 - 00000000 ____D () C:\AdwCleaner
2014-05-06 14:22 - 2014-05-06 14:22 - 00380416 _____ () C:\Users\Hawt BJ\Desktop\Gmer-19357.exe
2014-05-06 14:15 - 2014-05-06 14:15 - 01316991 _____ () C:\Users\Hawt BJ\Desktop\adwcleaner.exe
2014-05-06 14:01 - 2014-05-06 14:26 - 00050251 _____ () C:\Users\Hawt BJ\Desktop\Addition.txt
2014-05-06 14:00 - 2014-05-06 15:34 - 00020260 _____ () C:\Users\Hawt BJ\Desktop\FRST.txt
2014-05-06 14:00 - 2014-05-06 15:33 - 00000000 ____D () C:\FRST
2014-05-06 13:57 - 2014-05-06 13:58 - 02063872 _____ (Farbar) C:\Users\Hawt BJ\Desktop\FRST64.exe
2014-05-05 12:08 - 2014-05-06 15:24 - 00001182 _____ () C:\Windows\PFRO.log
2014-05-05 00:56 - 2014-05-05 01:00 - 00000000 ____D () C:\Users\Hawt BJ\Downloads\thtdos.720-phd
2014-05-02 22:57 - 2014-05-02 22:57 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Roaming\DropboxMaster
2014-05-01 14:07 - 2014-05-01 14:07 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-01 14:06 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-01 14:06 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-30 01:12 - 2014-04-30 01:12 - 01611487 _____ () C:\Users\Hawt BJ\Desktop\Uhr.psd
2014-04-28 23:51 - 2014-05-05 14:50 - 00014650 _____ () C:\Users\Hawt BJ\Desktop\Laptop.xlsx
2014-04-28 12:20 - 2014-04-29 11:34 - 02951327 _____ () C:\Users\Hawt BJ\Desktop\Orgateam_Vorlesungswerbung_korrigiert.pptx
2014-04-25 14:07 - 2014-04-25 14:07 - 10677469 _____ () C:\Users\Hawt BJ\Downloads\2pac feat Dr.Dre - California Love.m4a
2014-04-23 00:43 - 2014-04-23 00:43 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2014-04-22 12:21 - 2014-04-22 12:21 - 05832779 _____ () C:\Users\Hawt BJ\Downloads\Catfish - Change Today-Shape Tomorrow.m4a
2014-04-19 10:06 - 2014-04-19 10:06 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-04-19 10:06 - 2014-03-04 13:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-04-19 10:01 - 2014-03-04 16:35 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-04-19 10:01 - 2014-03-04 16:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-04-19 09:56 - 2014-03-21 21:43 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-04-19 09:56 - 2014-03-21 21:43 - 00033568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-04-17 18:07 - 2014-05-06 15:24 - 00004995 _____ () C:\Windows\setupact.log
2014-04-17 18:07 - 2014-04-17 18:07 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-13 15:31 - 2014-04-13 15:31 - 00000000 __SHD () C:\Users\Hawt BJ\AppData\Local\EmieUserList
2014-04-13 15:31 - 2014-04-13 15:31 - 00000000 __SHD () C:\Users\Hawt BJ\AppData\Local\EmieSiteList
2014-04-12 22:36 - 2014-04-12 22:36 - 09739697 _____ () C:\Users\Hawt BJ\Downloads\The Good Husbands - In Bloom (Official Video Lyrics) (256 kbit_s).m4a
2014-04-09 17:33 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-09 17:33 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-09 17:33 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-09 17:33 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-09 17:33 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-09 17:33 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-09 17:33 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-09 17:33 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-09 17:33 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-09 17:33 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-09 17:33 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-09 17:33 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-09 17:33 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-09 17:33 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-09 17:33 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-09 17:33 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-09 17:33 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-09 17:33 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-09 17:33 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-09 17:33 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-09 17:33 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-09 17:33 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-09 17:33 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-09 17:33 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-09 17:33 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-09 17:33 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-09 17:33 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-09 17:33 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-09 17:33 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-09 17:33 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-09 17:33 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-09 17:33 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-09 17:33 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-09 17:33 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-09 17:33 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-09 17:33 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-09 17:33 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-09 17:33 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-09 17:33 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-09 17:33 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-09 17:33 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-09 17:33 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-09 17:33 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-09 17:33 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-09 17:33 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-09 17:33 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-09 17:33 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-09 17:33 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-09 12:06 - 2014-05-06 13:01 - 00013234 _____ () C:\Users\Hawt BJ\Desktop\Stundenplan Björn SS2014.xlsx
2014-04-09 11:18 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 11:18 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 11:18 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 11:18 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 11:18 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 11:18 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 11:18 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 11:18 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 11:18 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 11:18 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 11:18 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 11:18 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 11:18 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 11:18 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 11:18 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 11:18 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 11:18 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
==================== One Month Modified Files and Folders =======
2014-05-06 15:34 - 2014-05-06 14:00 - 00020260 _____ () C:\Users\Hawt BJ\Desktop\FRST.txt
2014-05-06 15:33 - 2014-05-06 14:00 - 00000000 ____D () C:\FRST
2014-05-06 15:31 - 2014-05-06 15:31 - 00000820 _____ () C:\Users\Hawt BJ\Desktop\Text.txt
2014-05-06 15:30 - 2014-05-06 15:30 - 00008834 _____ () C:\Users\Hawt BJ\Desktop\AdwCleaner[S0].txt
2014-05-06 15:30 - 2012-12-30 14:16 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Roaming\Spotify
2014-05-06 15:30 - 2009-07-14 19:58 - 00702926 _____ () C:\Windows\system32\perfh007.dat
2014-05-06 15:30 - 2009-07-14 19:58 - 00150566 _____ () C:\Windows\system32\perfc007.dat
2014-05-06 15:30 - 2009-07-14 07:13 - 01629212 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-06 15:30 - 2009-07-14 06:45 - 00023168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-06 15:30 - 2009-07-14 06:45 - 00023168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-06 15:29 - 2013-01-02 11:53 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-06 15:28 - 2013-07-04 11:05 - 01949226 _____ () C:\Windows\WindowsUpdate.log
2014-05-06 15:25 - 2013-06-29 01:20 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Roaming\Dropbox
2014-05-06 15:25 - 2013-01-02 11:53 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-06 15:25 - 2013-01-01 16:28 - 00002896 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-05-06 15:25 - 2013-01-01 16:28 - 00000266 _____ () C:\Windows\Tasks\AutoKMS.job
2014-05-06 15:24 - 2014-05-05 12:08 - 00001182 _____ () C:\Windows\PFRO.log
2014-05-06 15:24 - 2014-04-17 18:07 - 00004995 _____ () C:\Windows\setupact.log
2014-05-06 15:24 - 2012-12-30 13:16 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-06 15:24 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-06 15:22 - 2014-05-06 14:26 - 00000000 ____D () C:\AdwCleaner
2014-05-06 15:18 - 2014-05-06 15:18 - 00050477 _____ () C:\Users\Hawt BJ\Desktop\Defogger.exe
2014-05-06 15:18 - 2014-05-06 15:18 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-06 15:18 - 2014-05-06 15:18 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-06 15:18 - 2014-05-06 15:18 - 00000546 _____ () C:\Users\Hawt BJ\Desktop\defogger_disable.log
2014-05-06 15:18 - 2014-05-06 15:18 - 00000168 _____ () C:\Users\Hawt BJ\defogger_reenable
2014-05-06 15:18 - 2014-01-04 00:29 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-06 15:18 - 2013-12-01 14:42 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-05-06 15:18 - 2013-12-01 14:42 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-05-06 15:18 - 2013-12-01 14:42 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-06 15:18 - 2013-12-01 14:42 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-06 15:18 - 2013-12-01 14:42 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-06 15:18 - 2013-12-01 14:42 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-06 15:18 - 2013-12-01 14:42 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-05-06 15:18 - 2013-12-01 14:42 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-06 15:18 - 2012-12-30 13:11 - 00000000 ____D () C:\Users\Hawt BJ
2014-05-06 15:13 - 2014-05-06 15:13 - 00024104 _____ () C:\Users\Hawt BJ\Desktop\GMER Log 2014-05-06.log
2014-05-06 15:13 - 2013-06-25 15:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-06 14:26 - 2014-05-06 14:01 - 00050251 _____ () C:\Users\Hawt BJ\Desktop\Addition.txt
2014-05-06 14:22 - 2014-05-06 14:22 - 00380416 _____ () C:\Users\Hawt BJ\Desktop\Gmer-19357.exe
2014-05-06 14:15 - 2014-05-06 14:15 - 01316991 _____ () C:\Users\Hawt BJ\Desktop\adwcleaner.exe
2014-05-06 13:58 - 2014-05-06 13:57 - 02063872 _____ (Farbar) C:\Users\Hawt BJ\Desktop\FRST64.exe
2014-05-06 13:01 - 2014-04-09 12:06 - 00013234 _____ () C:\Users\Hawt BJ\Desktop\Stundenplan Björn SS2014.xlsx
2014-05-06 13:01 - 2013-11-14 13:17 - 00000000 ____D () C:\Users\Public\Documents\phase6_19_Daten
2014-05-06 10:41 - 2013-06-09 17:29 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Local\Adobe
2014-05-06 10:31 - 2012-12-30 14:16 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Local\Spotify
2014-05-05 15:40 - 2013-05-04 23:08 - 00000000 ____D () C:\Users\Hawt BJ\Documents\FIFA 13
2014-05-05 15:40 - 2013-02-02 17:28 - 00000000 ____D () C:\ProgramData\Origin
2014-05-05 14:50 - 2014-04-28 23:51 - 00014650 _____ () C:\Users\Hawt BJ\Desktop\Laptop.xlsx
2014-05-05 14:50 - 2013-02-02 17:28 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-05 09:24 - 2013-04-30 17:41 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-05-05 02:37 - 2013-12-15 12:34 - 00000000 ____D () C:\Program Files (x86)\JDownloader v2.0
2014-05-05 01:00 - 2014-05-05 00:56 - 00000000 ____D () C:\Users\Hawt BJ\Downloads\thtdos.720-phd
2014-05-05 00:50 - 2012-12-31 01:54 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Roaming\vlc
2014-05-04 18:42 - 2013-02-02 17:09 - 00000000 ____D () C:\Users\Hawt BJ\Desktop\Games
2014-05-02 22:57 - 2014-05-02 22:57 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Roaming\DropboxMaster
2014-05-02 22:57 - 2013-06-29 01:21 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-02 22:57 - 2012-12-30 13:11 - 00000000 ___RD () C:\Users\Hawt BJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-01 14:07 - 2014-05-01 14:07 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-30 01:12 - 2014-04-30 01:12 - 01611487 _____ () C:\Users\Hawt BJ\Desktop\Uhr.psd
2014-04-30 00:05 - 2013-11-15 16:32 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Roaming\Guitar Pro 6
2014-04-30 00:03 - 2013-01-03 12:45 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Roaming\Ubisoft
2014-04-30 00:03 - 2012-12-30 13:34 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-30 00:03 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-04-30 00:01 - 2013-01-03 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-04-29 23:54 - 2013-02-02 19:04 - 00271200 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-04-29 23:54 - 2013-02-02 18:02 - 00271200 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-04-29 11:34 - 2014-04-28 12:20 - 02951327 _____ () C:\Users\Hawt BJ\Desktop\Orgateam_Vorlesungswerbung_korrigiert.pptx
2014-04-28 20:13 - 2013-06-25 15:54 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-28 20:13 - 2013-06-25 15:54 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-28 20:13 - 2013-06-25 15:54 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-25 14:07 - 2014-04-25 14:07 - 10677469 _____ () C:\Users\Hawt BJ\Downloads\2pac feat Dr.Dre - California Love.m4a
2014-04-24 10:20 - 2013-04-04 16:52 - 00000000 ____D () C:\Users\Hawt BJ\Documents\My Games
2014-04-23 00:43 - 2014-04-23 00:43 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2014-04-23 00:43 - 2013-11-18 02:08 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-22 12:21 - 2014-04-22 12:21 - 05832779 _____ () C:\Users\Hawt BJ\Downloads\Catfish - Change Today-Shape Tomorrow.m4a
2014-04-20 16:35 - 2013-04-14 18:17 - 00000000 ____D () C:\Users\Hawt BJ\Desktop\Stuff
2014-04-19 10:06 - 2014-04-19 10:06 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-04-19 10:06 - 2013-09-19 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-04-19 10:06 - 2012-12-30 13:16 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-04-19 09:56 - 2013-11-20 22:06 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Local\NVIDIA Corporation
2014-04-19 09:56 - 2012-12-30 13:16 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-04-17 18:08 - 2009-07-14 06:45 - 09992576 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-17 18:07 - 2014-04-17 18:07 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-16 17:49 - 2012-12-30 15:37 - 00120440 _____ () C:\Users\Hawt BJ\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-14 04:24 - 2014-05-01 14:06 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:19 - 2014-05-01 14:06 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-13 15:31 - 2014-04-13 15:31 - 00000000 __SHD () C:\Users\Hawt BJ\AppData\Local\EmieUserList
2014-04-13 15:31 - 2014-04-13 15:31 - 00000000 __SHD () C:\Users\Hawt BJ\AppData\Local\EmieSiteList
2014-04-12 22:36 - 2014-04-12 22:36 - 09739697 _____ () C:\Users\Hawt BJ\Downloads\The Good Husbands - In Bloom (Official Video Lyrics) (256 kbit_s).m4a
2014-04-12 16:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-11 12:53 - 2013-01-07 20:10 - 00000000 ____D () C:\Windows\pss
2014-04-11 12:53 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-09 19:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-09 17:27 - 2013-01-27 20:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-09 11:36 - 2013-07-29 15:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-04-09 11:36 - 2012-12-31 02:33 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 11:29 - 2013-07-16 00:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 11:25 - 2012-12-30 13:44 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-06 19:56 - 2014-03-21 00:22 - 00000132 _____ () C:\Users\Hawt BJ\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
Some content of TEMP:
====================
C:\Users\Hawt BJ\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpz96hrl.dll
C:\Users\Hawt BJ\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Hawt BJ\AppData\Local\Temp\nvStInst.exe
C:\Users\Hawt BJ\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-29 21:10
==================== End Of Log ============================
Addition.txt: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05-2014
Ran by Hawt BJ at 2014-05-06 15:34:41
Running from C:\Users\Hawt BJ\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}) (Version: 1.1 - Eyeo GmbH)
Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.8 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1210 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1210 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Muse (HKLM-x32\...\AdobeMuse) (Version: 1.1.960 - Adobe Systems Incorporated)
Adobe Muse (x32 Version: 1.1.960 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Lightroom 4.4 64-bit (HKLM\...\{11A955CD-4398-405A-886D-E464C3618FBF}) (Version: 4.4.1 - Adobe)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.1.0 - Adobe Systems Incorporated)
Adobe® Content Viewer (x32 Version: 3.1.0 - Adobe Systems Incorporated) Hidden
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
AIDA64 Extreme Edition v3.00 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 3.00 - FinalWire Ltd.)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: - Amazon)
Any Video Converter 5.0.6 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed Revelations 1.02 (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.02 - Ubisoft)
ASUS Xonar D1 Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - )
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
B110 (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.5.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.01 - Piriform)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04072 - Cisco Systems, Inc.) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F68634D8-574F-42B2-B6D0-9B447EA9581E}) (Version: - Microsoft)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Die Schlacht um Mittelerde™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - )
Dropbox (HKCU\...\Dropbox) (Version: 2.6.31 - Dropbox, Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.2.13992 - Landesfinanzdirektion Thüringen)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
F1 2010 (HKLM-x32\...\GFWL_{434D0831-3E0C-4D03-A5D4-5E1000008400}) (Version: 1.0.0000.132 - Codemasters)
F1 2010 (x32 Version: 1.0.0000.132 - Codemasters) Hidden
F1 2010 (x32 Version: 1.0.0001.132 - Codemasters) Hidden
FolderVisualizer (HKLM-x32\...\FolderVisualizer_is1) (Version: 2013 - Abelssoft)
FS Water Configurator 3.15 (HKLM\...\FS Water Configurator) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 32.0.1700.102 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{014E482A-0C27-47E3-BA82-307E9DCA2F47}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
IBM SPSS Statistics 22 (HKLM\...\{104875A1-D083-4A34-BC4F-3F635B7F8EF7}) (Version: 22.0.0.0 - IBM Corp)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version: - Avalanche)
Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version: - JC2-MP Team)
Last.fm Scrobbler 2.1.36 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm)
Logitech Gaming Software (Version: 8.40.83 - Logitech Inc.) Hidden
Logitech Gaming Software 8.40 (HKLM\...\Logitech Gaming Software) (Version: 8.40.83 - Logitech Inc.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
ManiaPlanet (HKLM-x32\...\ManiaPlanet_is1) (Version: - Nadeo)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Flight Simulator X (x32 Version: 10.0.61355.0 - Microsoft Game Studios) Hidden
Microsoft Flight Simulator X Service Pack 1 (x32 Version: 10.0.61355.0 - Microsoft Game Studios) Hidden
Microsoft Flight Simulator X Service Pack 2 (HKLM-x32\...\{E7CC4B85-DC2F-463F-8FEB-E7398E25C19A}) (Version: 10.0.61472.0 - Microsoft Game Studios)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Groove MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Word MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Minecraft 1.2.0_02 (HKLM-x32\...\Minecraft 1.2.0_02) (Version: - )
MKVToolNix 6.3.0 (HKLM-x32\...\MKVToolNix) (Version: 6.3.0 - Moritz Bunkus)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Network64 (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.44.7 - Black Tree Gaming)
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.55 (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.55 (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.22 (Version: 1.2.22 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.1.11.2678 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
phase6_19 (HKLM-x32\...\{65D70656-D248-4C83-B594-E3029C43B37A}) (Version: 1.90.0000 - phase6)
PS_AIO_07_B110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Rapture3D 2.4.4 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Scan (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 1.8.323 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
Solar 2 (HKLM-x32\...\Steam App 97000) (Version: - Murudai)
SolutionCenter (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD Projekt RED)
Tom Clancy's Splinter Cell Blacklist (HKLM-x32\...\Steam App 235600) (Version: - Ubisoft Toronto)
Tom Clancy's Splinter Cell Blacklist The 5th Freedom Edition 1.01 (HKLM-x32\...\Tom Clancy's Splinter Cell Blacklist The 5th Freedom Edition 1.01) (Version: - )
Tom Clancy's Splinter Cell Chaos Theory (HKLM-x32\...\{BABAEBE4-9FFB-4B5D-9453-64FF11517CA2}) (Version: 1.05.157 - Ubisoft)
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.02 - Ubisoft)
Toolbox (x32 Version: 140.0.424.000 - Hewlett-Packard) Hidden
TrackMania² Canyon (HKLM-x32\...\Steam App 228760) (Version: - Nadeo)
TrackMania² Valley (HKLM-x32\...\Steam App 243360) (Version: - Nadeo)
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{237834D6-FA98-44E1-8739-ABD56DDADC59}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{259F7CA1-7A87-4E60-85A9-0A55E60FF254}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{259F7CA1-7A87-4E60-85A9-0A55E60FF254}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{8D84B988-2A7A-4DB6-A7A5-08DA7B3DE9EE}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D97AACA3-9AEA-43FF-8CBA-93BED0443FC2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D97AACA3-9AEA-43FF-8CBA-93BED0443FC2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D97AACA3-9AEA-43FF-8CBA-93BED0443FC2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A54917FC-2C84-40F2-9525-7549BE08DE40}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A54917FC-2C84-40F2-9525-7549BE08DE40}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A54917FC-2C84-40F2-9525-7549BE08DE40}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{50F6EF67-B93C-4B7A-A2EB-E179E3436C69}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{50F6EF67-B93C-4B7A-A2EB-E179E3436C69}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 64-Bit Edition (HKLM\...\{90150000-0090-0407-1000-0000000FF1CE}_Office15.PROPLUS_{50F6EF67-B93C-4B7A-A2EB-E179E3436C69}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863825) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{327EABFD-EDD3-44E7-AB47-7592DF33B719}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863844) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{50F31E04-D56A-4159-BF36-CF3CE27DB30C}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863860) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6D170CB5-8D22-4D1B-A811-B899FE588946}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863860) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6D170CB5-8D22-4D1B-A811-B899FE588946}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AFB7E303-C8CA-4A08-AD3F-44A562B3C809}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.PROPLUS_{AFB7E303-C8CA-4A08-AD3F-44A562B3C809}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AFB7E303-C8CA-4A08-AD3F-44A562B3C809}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{AFB7E303-C8CA-4A08-AD3F-44A562B3C809}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9367C385-2EF9-4BE3-8351-7D2AB0798A57}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{9367C385-2EF9-4BE3-8351-7D2AB0798A57}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9367C385-2EF9-4BE3-8351-7D2AB0798A57}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DF3798F3-F45C-44DA-83B7-229A9EBC9654}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{DAEE93F9-D258-45E4-AFD3-12AC5ED04693}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FE06DACB-AE2C-4DB7-B95D-97A320E59F45}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{FE06DACB-AE2C-4DB7-B95D-97A320E59F45}) (Version: - Microsoft)
Update for Microsoft Visio 2013 (KB2837632) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{97183E08-6B06-40F1-80A9-585C4AEF98F1}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2863909) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F9FAC8C0-20D9-4DC7-9A56-13B02BD4B724}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
Virtual DJ - Atomix Productions (HKLM-x32\...\Virtual DJ - Atomix Productions) (Version: - )
VirtualDubMOD 1.5.10.3 US (HKLM-x32\...\{B158F76F-76AB-4115-A4F0-4C6EF6956093}_is1) (Version: 1.5.10.3 - Trad-Fr)
VLC media player 2.1.2 (HKLM\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
xat.com JPEG Optimizer (HKLM-x32\...\xat.com JPEG Optimizer) (Version: - )
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
==================== Restore Points =========================
04-05-2014 23:24:21 Geplanter Prüfpunkt
06-05-2014 13:18:06 avast! antivirus system restore point
==================== Hosts content: ==========================
2009-07-14 04:34 - 2014-03-14 09:48 - 00451658 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 wip.adobe.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
Task: {03F4473D-2FB7-4EEC-B991-A942A1AC9138} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-02] (Google Inc.)
Task: {0DA66E48-5CC0-4A0B-8E6A-E338D3C09511} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-06] (AVAST Software)
Task: {297F2151-2982-454F-AA8E-37C8CF5FCE31} - System32\Tasks\{9055745E-EC66-46EA-B5F2-EF14CC552422} => D:\Program Files (x86)\Codemasters\Heroes of the Pacific Demo\Heroes.exe
Task: {2AD00792-06E7-4A3F-B7B6-28CD07F6FCDB} - System32\Tasks\{05DCC141-E39C-42A0-B68C-75928037B1AD} => D:\Program Files (x86)\Codemasters\Heroes of the Pacific Demo\Heroes.exe
Task: {2DBC23C3-84C6-4147-99D1-0E47B182DC58} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {523BFECA-5755-4F57-93BF-9F43C039F1DF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-02] (Google Inc.)
Task: {5E28667D-5CBA-4F36-8822-E94B17B09FC9} - System32\Tasks\AdobeAAMUpdater-1.0-HawtBJ-Hawt BJ => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {89F05796-F4F4-42DE-B394-00E18E3BA84A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-28] (Adobe Systems Incorporated)
Task: {A78D05F7-3275-45EA-AB9F-BAF5D6E0AADE} - System32\Tasks\{F21BD032-4D9A-4D3D-A0A9-89AA2807C6A9} => D:\Program Files (x86)\Codemasters\Heroes of the Pacific Demo\Heroes.exe
Task: {C057F381-0662-4BEF-9284-1DD635BC06AD} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-01-01] ()
Task: {C8F8AABB-4017-4B83-B626-F638A7E4D4A0} - System32\Tasks\{AF4CB764-DA0E-4D9D-876C-4173576355A4} => D:\Program Files (x86)\Codemasters\Heroes of the Pacific Demo\Heroes.exe
Task: {CAD945D6-4120-4C0C-9E60-8DC5C051AF36} - System32\Tasks\{3FAAAA00-30C8-4D8B-A3E2-A8EF5E3C95B9} => D:\Program Files (x86)\Codemasters\Heroes of the Pacific Demo\Heroes.exe
Task: {CC7FA82E-3FFC-4C2D-BCA4-678D0E9EB043} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {CD2450A0-87EF-4FD7-BECF-0141C47A09C3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {E50BB1A0-0649-4B98-A08E-B816EAD94B54} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E69258D2-852A-4309-A6F5-43FDD922F1F9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-12-30 13:16 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-02-02 18:02 - 2013-03-09 22:47 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-09-24 19:24 - 2014-04-11 12:46 - 00602680 _____ () C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2013-10-10 18:48 - 2013-10-10 18:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-05-06 10:32 - 2014-05-06 09:35 - 02253312 _____ () C:\Program Files\AVAST Software\Avast\defs\14050600\algo.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-12 18:28 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-03-12 18:28 - 2013-05-16 11:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-03-12 18:28 - 2013-05-16 11:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-03-12 18:28 - 2013-05-16 11:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2012-12-30 14:16 - 2014-04-11 12:46 - 36966968 _____ () C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\libcef.dll
2013-12-01 14:42 - 2013-12-01 14:42 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-05-06 15:25 - 2014-05-06 15:25 - 00041984 _____ () C:\Users\Hawt BJ\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpz96hrl.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Hawt BJ\AppData\Roaming\Dropbox\bin\libcef.dll
2013-09-24 19:24 - 2014-04-11 12:46 - 00886840 _____ () C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-09-24 19:24 - 2014-04-11 12:46 - 00108600 _____ () C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\libegl.dll
2014-01-29 11:33 - 2014-01-23 07:56 - 00715544 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\libglesv2.dll
2014-01-29 11:33 - 2014-01-23 07:56 - 00100120 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\libegl.dll
2014-01-29 11:33 - 2014-01-23 07:56 - 04055320 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll
2014-01-29 11:33 - 2014-01-23 07:57 - 00399640 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll
2014-01-29 11:33 - 2014-01-23 07:55 - 01634584 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Microsoft:W4eVyxhQvPX816mp0Jb
AlternateDataStreams: C:\ProgramData\Microsoft:WA0w1HB0EOhK3e4DJl7EO
AlternateDataStreams: C:\Users\Hawt BJ\Lokale Einstellungen:sIRNSSrl0JH6tKev1pQrYT
AlternateDataStreams: C:\Users\Hawt BJ\AppData\Local:sIRNSSrl0JH6tKev1pQrYT
AlternateDataStreams: C:\Users\Hawt BJ\AppData\Local\Anwendungsdaten:sIRNSSrl0JH6tKev1pQrYT
AlternateDataStreams: C:\Users\Hawt BJ\AppData\Local\Temporary Internet Files:8NmBcvYWDblsmLa2Vm0kpr2IEkAhA
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^p6_19_erinnerung.lnk => C:\Windows\pss\p6_19_erinnerung.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Hawt BJ^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: Cmaudio8788 => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
MSCONFIG\startupreg: Cmaudio8788GX => C:\Windows\syswow64\HsMgr.exe Envoke
MSCONFIG\startupreg: Cmaudio8788GX64 => C:\Windows\system\HsMgr64.exe Envoke
MSCONFIG\startupreg: CTxfiHlp => CTXFIHLP.EXE
MSCONFIG\startupreg: CTXFIREG => CTxfiReg.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: LogiScrollApp => C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Hawt BJ\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "D:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE
==================== Faulty Device Manager Devices =============
Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/01/2014 02:07:52 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 8034
Error: (05/01/2014 02:07:52 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 8034
Error: (05/01/2014 02:07:52 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/01/2014 02:07:51 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 7036
Error: (05/01/2014 02:07:51 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 7036
Error: (05/01/2014 02:07:51 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/01/2014 02:07:50 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 6037
Error: (05/01/2014 02:07:50 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 6037
Error: (05/01/2014 02:07:50 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/01/2014 02:07:49 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 5023
System errors:
=============
Error: (05/06/2014 03:24:36 PM) (Source: Service Control Manager) (User: ) (EventID: 7009)
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst GS-Supporter erreicht.
Error: (05/06/2014 10:31:31 AM) (Source: Service Control Manager) (User: ) (EventID: 7009)
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst GS-Supporter erreicht.
Error: (05/05/2014 03:18:22 PM) (Source: Service Control Manager) (User: ) (EventID: 7031)
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/05/2014 00:08:37 PM) (Source: Service Control Manager) (User: ) (EventID: 7009)
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst GS-Supporter erreicht.
Error: (05/05/2014 09:21:02 AM) (Source: Service Control Manager) (User: ) (EventID: 7009)
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst GS-Supporter erreicht.
Error: (05/04/2014 11:06:56 PM) (Source: volsnap) (User: ) (EventID: 36)
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (05/04/2014 06:50:04 PM) (Source: Service Control Manager) (User: ) (EventID: 7031)
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/04/2014 06:50:01 PM) (Source: Service Control Manager) (User: ) (EventID: 7031)
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/04/2014 06:41:15 PM) (Source: Service Control Manager) (User: ) (EventID: 7031)
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/04/2014 06:26:19 PM) (Source: Service Control Manager) (User: ) (EventID: 7009)
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst GS-Supporter erreicht.
Microsoft Office Sessions:
=========================
Error: (05/01/2014 02:07:52 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 8034
Error: (05/01/2014 02:07:52 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 8034
Error: (05/01/2014 02:07:52 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/01/2014 02:07:51 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 7036
Error: (05/01/2014 02:07:51 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 7036
Error: (05/01/2014 02:07:51 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/01/2014 02:07:50 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 6037
Error: (05/01/2014 02:07:50 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 6037
Error: (05/01/2014 02:07:50 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/01/2014 02:07:49 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 5023
==================== Memory info ===========================
Percentage of memory in use: 53%
Total physical RAM: 4094.3 MB
Available physical RAM: 1908.14 MB
Total Pagefile: 8186.78 MB
Available Pagefile: 5605.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:119.14 GB) (Free:21.23 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:245.48 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:169.25 GB) NTFS
Drive f: () (Fixed) (Total:596.05 GB) (Free:303.91 GB) NTFS
Drive m: (GTA IV Disc 1) (CDROM) (Total:7.03 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: B9F2B47D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 738AC38E)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 738AC387)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows 7 or Vista) (Size: 596 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
GMER-log: Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-05-06 15:42:52
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP7T0L0-9 SAMSUNG_SSD_830_Series rev.CXM03B1Q 119,24GB
Running: Gmer-19357.exe; Driver: C:\Users\HAWTBJ~1\AppData\Local\Temp\kgldipow.sys
---- User code sections - GMER 2.1 ----
.text C:\Windows\system32\wininit.exe[540] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\system32\services.exe[612] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\system32\winlogon.exe[636] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\system32\lsass.exe[644] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\system32\svchost.exe[780] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\system32\nvvsvc.exe[868] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[896] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007707a2fd 1 byte [62]
.text C:\Windows\system32\svchost.exe[940] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\System32\svchost.exe[116] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\System32\svchost.exe[304] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\system32\svchost.exe[432] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\system32\svchost.exe[484] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\system32\svchost.exe[1052] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe[1164] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007707a2fd 1 byte [62]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1180] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\system32\nvvsvc.exe[1188] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\system32\svchost.exe[1276] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\System32\spoolsv.exe[1580] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\system32\taskeng.exe[1612] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\system32\svchost.exe[1656] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1776] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007707a2fd 1 byte [62]
.text C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1824] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007707a2fd 1 byte [62]
.text C:\Program Files\Bonjour\mDNSResponder.exe[1880] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\system32\svchost.exe[2068] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\SysWOW64\svchost.exe[2100] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007707a2fd 1 byte [62]
.text C:\Windows\System32\svchost.exe[2128] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2256] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007707a2fd 1 byte [62]
.text C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[2292] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\System32\svchost.exe[2352] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2384] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007707a2fd 1 byte [62]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2384] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 0000000073d41a22 2 bytes [D4, 73]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2384] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 0000000073d41ad0 2 bytes [D4, 73]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2384] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 0000000073d41b08 2 bytes [D4, 73]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2384] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 0000000073d41bba 2 bytes [D4, 73]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2384] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 0000000073d41bda 2 bytes [D4, 73]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2384] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000771a1465 2 bytes [1A, 77]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2384] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000771a14bb 2 bytes [1A, 77]
.text ... * 2
.text C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[2412] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\system32\conhost.exe[2420] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2456] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007707a2fd 1 byte [62]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2456] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 00000000771a1465 2 bytes [1A, 77]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2456] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000771a14bb 2 bytes [1A, 77]
.text ... * 2
.text C:\Windows\system32\svchost.exe[2784] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2828] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[2080] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007707a2fd 1 byte [62]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[2812] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007707a2fd 1 byte [62]
.text C:\Windows\system32\svchost.exe[3244] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\system32\svchost.exe[3508] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[3612] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[1104] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\system32\conhost.exe[1100] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[1260] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007707a2fd 1 byte [62]
.text C:\Windows\system32\Dwm.exe[932] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\system32\taskhost.exe[956] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\Explorer.EXE[4116] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007707a2fd 1 byte [62]
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000771a1465 2 bytes [1A, 77]
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4540] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000771a14bb 2 bytes [1A, 77]
.text ... * 2
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[4648] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4700] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007707a2fd 1 byte [62]
.text C:\Program Files\AVAST Software\Avast\AvastUI.exe[4920] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 0000000077058791 8 bytes [31, C0, C2, 04, 00, 90, 90, ...]
.text C:\Program Files\AVAST Software\Avast\AvastUI.exe[4920] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007707a2fd 1 byte [62]
.text C:\Users\Hawt BJ\AppData\Roaming\Dropbox\bin\Dropbox.exe[4932] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007707a2fd 1 byte [62]
.text C:\Users\Hawt BJ\AppData\Roaming\Dropbox\bin\Dropbox.exe[4932] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69 00000000771a1465 2 bytes [1A, 77]
.text C:\Users\Hawt BJ\AppData\Roaming\Dropbox\bin\Dropbox.exe[4932] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155 00000000771a14bb 2 bytes [1A, 77]
.text ... * 2
.text C:\Windows\system32\NOTEPAD.EXE[4944] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[552] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\System32\svchost.exe[4752] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\System32\svchost.exe[5708] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\system32\wuauclt.exe[3684] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\System32\svchost.exe[1636] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\system32\SearchProtocolHost.exe[276] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Windows\SysWOW64\ctfmon.exe[3156] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007707a2fd 1 byte [62]
.text C:\Windows\system32\SearchFilterHost.exe[4328] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007767ef8d 1 byte [62]
.text C:\Users\Hawt BJ\Desktop\Gmer-19357.exe[5916] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007707a2fd 1 byte [62]
---- Processes - GMER 2.1 ----
Library C:\Users\Hawt BJ\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll (*** suspicious ***) @ C:\Users\Hawt BJ\AppData\Roaming\Dropbox\bin\Dropbox.exe [4932](2014-01-03 03:42:50) 0000000003b60000
Library c:\users\hawtbj~1\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpz96hrl.dll (*** suspicious ***) @ C:\Users\Hawt BJ\AppData\Roaming\Dropbox\bin\Dropbox.exe [4932](2014-05-06 13:25:45) 0000000005b70000
Library C:\Users\Hawt BJ\AppData\Roaming\Dropbox\bin\libcef.dll (*** suspicious ***) @ C:\Users\Hawt BJ\AppData\Roaming\Dropbox\bin\Dropbox.exe [4932](2013-10-18 23:55:02) 00000000624d0000
Library C:\Users\Hawt BJ\AppData\Roaming\Dropbox\bin\icudt.dll (*** suspicious ***) @ C:\Users\Hawt BJ\AppData\Roaming\Dropbox\bin\Dropbox.exe [4932] (ICU Data DLL/The ICU Project)(2013-10-18 23:55:00) 0000000066070000
---- EOF - GMER 2.1 ----
|
|
06.05.2014, 15:54
| #2 |
| /// the machine /// TB-Ausbilder    |  Chrome Extension"BlOckThheADs" nicht löschbar hi,
__________________Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ |
|
06.05.2014, 16:41
| #3 |
| | Chrome Extension"BlOckThheADs" nicht löschbar Hi!
__________________Ich hab das mal alles gemacht und hier sind die Ergebnisse: Vielen Dank für deine Hilfe! vg Tantegreta edit: Problem besteht weiterhin noch :-( Malwarebytes: Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.05.06.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.17105 Hawt BJ :: HAWTBJ [Administrator] 06.05.2014 17:03:29 mbam-log-2014-05-06 (17-03-29).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: Heuristiks/Extra | P2P Durchsuchte Objekte: 42842 Laufzeit: 5 Minute(n), 15 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) AdwCleaner: Code:
ATTFilter # AdwCleaner v3.207 - Bericht erstellt am 06/05/2014 um 17:13:18
# Aktualisiert 05/05/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Hawt BJ - HAWTBJ
# Gestartet von : C:\Users\Hawt BJ\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v28.0 (de)
[ Datei : C:\Users\Hawt BJ\AppData\Roaming\Mozilla\Firefox\Profiles\ngbakl49.default\prefs.js ]
-\\ Google Chrome v32.0.1700.102
[ Datei : C:\Users\Hawt BJ\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht [Search Provider] : hxxp://websearch.searchsunmy.info/?l=1&q={searchTerms}&pid=233&r=2014/01/03&hid=16202272847386566411&lg=EN&cc=DE&unqvl=45
Gelöscht [Startup_urls] : hxxp://start.mysearchdial.com/?f=1&a=irmsd1202&cd=2XzuyEtN2Y1L1QzutDtDtC0F0DtD0AtDyE0F0D0DyDyC0A0AtN0D0Tzu0CyBtCyEtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=2071287224&ir=
Gelöscht [Startup_urls] : hxxp://websearch.searchsunmy.info/?pid=233&r=2014/01/03&hid=16202272847386566411&lg=EN&cc=DE&unqvl=45
*************************
AdwCleaner[R0].txt - [9356 octets] - [06/05/2014 14:26:47]
AdwCleaner[R1].txt - [9150 octets] - [06/05/2014 15:20:05]
AdwCleaner[R2].txt - [1454 octets] - [06/05/2014 17:11:36]
AdwCleaner[S0].txt - [8834 octets] - [06/05/2014 15:21:54]
AdwCleaner[S1].txt - [1527 octets] - [06/05/2014 17:13:18]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1587 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Hawt BJ on 06.05.2014 at 17:17:56,20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-694931355-3105834076-3287228845-1001\Software\sweetim
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Hawt BJ\AppData\Roaming\mozilla\firefox\profiles\ngbakl49.default\minidumps [9 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.05.2014 at 17:32:49,26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2014
Ran by Hawt BJ (administrator) on HAWTBJ on 06-05-2014 17:33:44
Running from C:\Users\Hawt BJ\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Spotify Ltd) C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Hawt BJ\AppData\Roaming\Spotify\spotify.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dropbox, Inc.) C:\Users\Hawt BJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-02] (NVIDIA Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-05-06] (AVAST Software)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-694931355-3105834076-3287228845-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-694931355-3105834076-3287228845-1001\...\Run: [Spotify Web Helper] => C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-11] (Spotify Ltd)
HKU\S-1-5-21-694931355-3105834076-3287228845-1001\...\Run: [Spotify] => C:\Users\Hawt BJ\AppData\Roaming\Spotify\spotify.exe [6087224 2014-04-11] (Spotify Ltd)
HKU\S-1-5-21-694931355-3105834076-3287228845-1001\...\MountPoints2: H - H:\Setup.exe
HKU\S-1-5-21-694931355-3105834076-3287228845-1001\...\MountPoints2: {d4022b10-8fc1-11e2-8768-001fd0a04fdd} - H:\Setup.exe
Startup: C:\Users\Hawt BJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Hawt BJ\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x87EE3C237A5ECF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1202&cd=2XzuyEtN2Y1L1QzutDtDtC0F0DtD0AtDyE0F0D0DyDyC0A0AtN0D0Tzu0CyBtCyEtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=2071287224&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1202&cd=2XzuyEtN2Y1L1QzutDtDtC0F0DtD0AtDyE0F0D0DyDyC0A0AtN0D0Tzu0CyBtCyEtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=2071287224&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {D425FB55-79D3-4DCD-956B-59BF5A3960AF} URL = https://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Logitech Flow Scroll - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll (Logitech, Inc.)
BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
FireFox:
========
FF ProfilePath: C:\Users\Hawt BJ\AppData\Roaming\Mozilla\Firefox\Profiles\ngbakl49.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: ubisoft.com/uplaypc - D:\Program Files (x86)\Ubisoft\Tom Clancy's H.A.W.X. 2\orbit\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: YouTube Unblocker - C:\Users\Hawt BJ\AppData\Roaming\Mozilla\Firefox\Profiles\ngbakl49.default\Extensions\youtubeunblocker@unblocker.yt [2014-01-23]
FF Extension: {7328c366-289d-426f-95c2-b45b291b9c90} - C:\Users\Hawt BJ\AppData\Roaming\Mozilla\Firefox\Profiles\ngbakl49.default\Extensions\{7328c366-289d-426f-95c2-b45b291b9c90}.xpi [2013-11-05]
FF Extension: Adblock Plus - C:\Users\Hawt BJ\AppData\Roaming\Mozilla\Firefox\Profiles\ngbakl49.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-12-30]
FF HKLM-x32\...\Firefox\Extensions: [{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}] - C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt
FF Extension: No Name - C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt [2012-12-30]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-01-07]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-06-09]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-01-07]
Chrome:
=======
CHR HomePage:
CHR StartupUrls: "hxxp://start.mysearchdial.com/?f=1&a=irmsd1202&cd=2XzuyEtN2Y1L1QzutDtDtC0F0DtD0AtDyE0F0D0DyDyC0A0AtN0D0Tzu0CyBtCyEtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=2071287224&ir=", "hxxp://websearch.searchsunmy.info/?pid=233&r=2014/01/03&hid=16202272847386566411&lg=EN&cc=DE&unqvl=45"
CHR Extension: (Adblock Plus) - C:\Users\Hawt BJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-04]
CHR Extension: (YouTube™ Ratings Preview) - C:\Users\Hawt BJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbhdenfmgbagncdmgbholejjpmmiank [2014-03-04]
CHR Extension: (Reise durch Mittelerde) - C:\Users\Hawt BJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjgkjeheegjnnmheaflhdocglkiegoni [2014-03-04]
CHR Extension: (Taylor Swift) - C:\Users\Hawt BJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\laffmjcogdcgbpmgecdlgilgjekagpmb [2014-03-04]
CHR Extension: (Two-Click JDownloader) - C:\Users\Hawt BJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljhooappahaeilmbekgcokgjjplambgo [2014-03-04]
CHR Extension: (Google Wallet) - C:\Users\Hawt BJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR HKLM-x32\...\Chrome\Extension: [geooogfhpjdpeiphckpbgkhpbeobcaoi] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2013-08-21]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-06] (AVAST Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-04-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20541216 2014-04-02] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-03-09] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S2 e81a9dc1; "C:\Windows\system32\rundll32.exe" "c:\progra~2\gs-ena~1\AssistantSvc.dll",service
==================== Drivers (Whitelisted) ====================
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-06] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-06] ()
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2725376 2011-03-10] (C-Media Inc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-18] (DT Soft Ltd)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-03] (Logitech Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)
R2 WLNdis50; C:\Windows\System32\DRIVERS\wlndis50.sys [35840 2008-01-28] ()
R2 WLNdis50; C:\Windows\SysWOW64\DRIVERS\wlndis50.sys [35840 2008-01-28] ()
S3 CT20XUT.DLL; system32\CT20XUT.DLL [X]
S3 CTEXFIFX.DLL; system32\CTEXFIFX.DLL [X]
S3 CTHWIUT.DLL; system32\CTHWIUT.DLL [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-06 17:32 - 2014-05-06 17:32 - 00000949 _____ () C:\Users\Hawt BJ\Desktop\JRT.txt
2014-05-06 17:17 - 2014-05-06 17:17 - 01016261 _____ (Thisisu) C:\Users\Hawt BJ\Desktop\JRT.exe
2014-05-06 17:17 - 2014-05-06 17:17 - 00000000 ____D () C:\Windows\ERUNT
2014-05-06 17:15 - 2014-05-06 17:15 - 00001667 _____ () C:\Users\Hawt BJ\Desktop\AdwCleaner[S1].txt
2014-05-06 16:26 - 2014-04-29 16:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 16:26 - 2014-04-29 15:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 16:26 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 16:26 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 15:53 - 2014-05-06 15:53 - 00027611 _____ () C:\Users\Hawt BJ\Desktop\Attached logs.zip
2014-05-06 15:31 - 2014-05-06 15:54 - 00128895 _____ () C:\Users\Hawt BJ\Desktop\Text.txt
2014-05-06 15:30 - 2014-05-06 15:30 - 00008834 _____ () C:\Users\Hawt BJ\Desktop\AdwCleaner[S0].txt
2014-05-06 15:18 - 2014-05-06 15:18 - 00050477 _____ () C:\Users\Hawt BJ\Desktop\Defogger.exe
2014-05-06 15:18 - 2014-05-06 15:18 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-06 15:18 - 2014-05-06 15:18 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-06 15:18 - 2014-05-06 15:18 - 00000546 _____ () C:\Users\Hawt BJ\Desktop\defogger_disable.log
2014-05-06 15:18 - 2014-05-06 15:18 - 00000168 _____ () C:\Users\Hawt BJ\defogger_reenable
2014-05-06 15:13 - 2014-05-06 15:42 - 00021680 _____ () C:\Users\Hawt BJ\Desktop\GMER Log 2014-05-06.log
2014-05-06 14:27 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-06 14:26 - 2014-05-06 17:13 - 00000000 ____D () C:\AdwCleaner
2014-05-06 14:22 - 2014-05-06 14:22 - 00380416 _____ () C:\Users\Hawt BJ\Desktop\Gmer-19357.exe
2014-05-06 14:15 - 2014-05-06 14:15 - 01316991 _____ () C:\Users\Hawt BJ\Desktop\adwcleaner.exe
2014-05-06 14:01 - 2014-05-06 15:37 - 00049939 _____ () C:\Users\Hawt BJ\Desktop\Addition.txt
2014-05-06 14:00 - 2014-05-06 17:34 - 00019660 _____ () C:\Users\Hawt BJ\Desktop\FRST.txt
2014-05-06 14:00 - 2014-05-06 17:33 - 00000000 ____D () C:\FRST
2014-05-06 13:57 - 2014-05-06 13:58 - 02063872 _____ (Farbar) C:\Users\Hawt BJ\Desktop\FRST64.exe
2014-05-05 12:08 - 2014-05-06 17:15 - 00001492 _____ () C:\Windows\PFRO.log
2014-05-05 00:56 - 2014-05-05 01:00 - 00000000 ____D () C:\Users\Hawt BJ\Downloads\thtdos.720-phd
2014-05-02 22:57 - 2014-05-02 22:57 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Roaming\DropboxMaster
2014-05-01 14:07 - 2014-05-01 14:07 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-01 14:06 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-01 14:06 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-30 01:12 - 2014-04-30 01:12 - 01611487 _____ () C:\Users\Hawt BJ\Desktop\Uhr.psd
2014-04-28 23:51 - 2014-05-05 14:50 - 00014650 _____ () C:\Users\Hawt BJ\Desktop\Laptop.xlsx
2014-04-28 12:20 - 2014-04-29 11:34 - 02951327 _____ () C:\Users\Hawt BJ\Desktop\Orgateam_Vorlesungswerbung_korrigiert.pptx
2014-04-25 14:07 - 2014-04-25 14:07 - 10677469 _____ () C:\Users\Hawt BJ\Downloads\2pac feat Dr.Dre - California Love.m4a
2014-04-23 00:43 - 2014-04-23 00:43 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2014-04-22 12:21 - 2014-04-22 12:21 - 05832779 _____ () C:\Users\Hawt BJ\Downloads\Catfish - Change Today-Shape Tomorrow.m4a
2014-04-19 10:06 - 2014-04-19 10:06 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-04-19 10:06 - 2014-03-04 13:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-04-19 10:01 - 2014-03-04 16:35 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-04-19 10:01 - 2014-03-04 16:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-04-19 09:56 - 2014-03-21 21:43 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-04-19 09:56 - 2014-03-21 21:43 - 00033568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-04-17 18:07 - 2014-05-06 17:16 - 00005163 _____ () C:\Windows\setupact.log
2014-04-17 18:07 - 2014-04-17 18:07 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-13 15:31 - 2014-04-13 15:31 - 00000000 __SHD () C:\Users\Hawt BJ\AppData\Local\EmieUserList
2014-04-13 15:31 - 2014-04-13 15:31 - 00000000 __SHD () C:\Users\Hawt BJ\AppData\Local\EmieSiteList
2014-04-12 22:36 - 2014-04-12 22:36 - 09739697 _____ () C:\Users\Hawt BJ\Downloads\The Good Husbands - In Bloom (Official Video Lyrics) (256 kbit_s).m4a
2014-04-09 17:33 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-09 17:33 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-09 17:33 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-09 17:33 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-09 17:33 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-09 17:33 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-09 17:33 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-09 17:33 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-09 17:33 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-09 17:33 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-09 17:33 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-09 17:33 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-09 17:33 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-09 17:33 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-09 17:33 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-09 17:33 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-09 17:33 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-09 17:33 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-09 17:33 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-09 17:33 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-09 17:33 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-09 17:33 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-09 17:33 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-09 17:33 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-09 17:33 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-09 17:33 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-09 17:33 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-09 17:33 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-09 17:33 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-09 17:33 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-09 17:33 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-09 17:33 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-09 17:33 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-09 17:33 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-09 17:33 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-09 17:33 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-09 17:33 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-09 17:33 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-09 17:33 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-09 17:33 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-09 17:33 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-09 17:33 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-09 17:33 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-09 17:33 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-09 12:06 - 2014-05-06 13:01 - 00013234 _____ () C:\Users\Hawt BJ\Desktop\Stundenplan Björn SS2014.xlsx
2014-04-09 11:18 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 11:18 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 11:18 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 11:18 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 11:18 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 11:18 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 11:18 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 11:18 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 11:18 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 11:18 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 11:18 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 11:18 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 11:18 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 11:18 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 11:18 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 11:18 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 11:18 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
==================== One Month Modified Files and Folders =======
2014-05-06 17:34 - 2014-05-06 14:00 - 00019660 _____ () C:\Users\Hawt BJ\Desktop\FRST.txt
2014-05-06 17:33 - 2014-05-06 14:00 - 00000000 ____D () C:\FRST
2014-05-06 17:32 - 2014-05-06 17:32 - 00000949 _____ () C:\Users\Hawt BJ\Desktop\JRT.txt
2014-05-06 17:29 - 2013-01-02 11:53 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-06 17:29 - 2013-01-02 11:53 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-06 17:22 - 2009-07-14 19:58 - 00702926 _____ () C:\Windows\system32\perfh007.dat
2014-05-06 17:22 - 2009-07-14 19:58 - 00150566 _____ () C:\Windows\system32\perfc007.dat
2014-05-06 17:22 - 2009-07-14 07:13 - 01629212 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-06 17:21 - 2009-07-14 06:45 - 00023168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-06 17:21 - 2009-07-14 06:45 - 00023168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-06 17:20 - 2012-12-30 14:16 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Roaming\Spotify
2014-05-06 17:19 - 2013-07-04 11:05 - 01979194 _____ () C:\Windows\WindowsUpdate.log
2014-05-06 17:17 - 2014-05-06 17:17 - 01016261 _____ (Thisisu) C:\Users\Hawt BJ\Desktop\JRT.exe
2014-05-06 17:17 - 2014-05-06 17:17 - 00000000 ____D () C:\Windows\ERUNT
2014-05-06 17:16 - 2014-04-17 18:07 - 00005163 _____ () C:\Windows\setupact.log
2014-05-06 17:16 - 2013-06-29 01:20 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Roaming\Dropbox
2014-05-06 17:16 - 2013-01-01 16:28 - 00002896 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-05-06 17:16 - 2013-01-01 16:28 - 00000266 _____ () C:\Windows\Tasks\AutoKMS.job
2014-05-06 17:15 - 2014-05-06 17:15 - 00001667 _____ () C:\Users\Hawt BJ\Desktop\AdwCleaner[S1].txt
2014-05-06 17:15 - 2014-05-05 12:08 - 00001492 _____ () C:\Windows\PFRO.log
2014-05-06 17:15 - 2013-12-01 14:42 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-06 17:15 - 2012-12-30 13:16 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-06 17:15 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-06 17:13 - 2014-05-06 14:26 - 00000000 ____D () C:\AdwCleaner
2014-05-06 17:13 - 2013-06-25 15:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-06 15:54 - 2014-05-06 15:31 - 00128895 _____ () C:\Users\Hawt BJ\Desktop\Text.txt
2014-05-06 15:53 - 2014-05-06 15:53 - 00027611 _____ () C:\Users\Hawt BJ\Desktop\Attached logs.zip
2014-05-06 15:42 - 2014-05-06 15:13 - 00021680 _____ () C:\Users\Hawt BJ\Desktop\GMER Log 2014-05-06.log
2014-05-06 15:37 - 2014-05-06 14:01 - 00049939 _____ () C:\Users\Hawt BJ\Desktop\Addition.txt
2014-05-06 15:30 - 2014-05-06 15:30 - 00008834 _____ () C:\Users\Hawt BJ\Desktop\AdwCleaner[S0].txt
2014-05-06 15:18 - 2014-05-06 15:18 - 00050477 _____ () C:\Users\Hawt BJ\Desktop\Defogger.exe
2014-05-06 15:18 - 2014-05-06 15:18 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-06 15:18 - 2014-05-06 15:18 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-06 15:18 - 2014-05-06 15:18 - 00000546 _____ () C:\Users\Hawt BJ\Desktop\defogger_disable.log
2014-05-06 15:18 - 2014-05-06 15:18 - 00000168 _____ () C:\Users\Hawt BJ\defogger_reenable
2014-05-06 15:18 - 2014-01-04 00:29 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-06 15:18 - 2013-12-01 14:42 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-05-06 15:18 - 2013-12-01 14:42 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-05-06 15:18 - 2013-12-01 14:42 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-06 15:18 - 2013-12-01 14:42 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-06 15:18 - 2013-12-01 14:42 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-06 15:18 - 2013-12-01 14:42 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-06 15:18 - 2013-12-01 14:42 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-05-06 15:18 - 2012-12-30 13:11 - 00000000 ____D () C:\Users\Hawt BJ
2014-05-06 14:22 - 2014-05-06 14:22 - 00380416 _____ () C:\Users\Hawt BJ\Desktop\Gmer-19357.exe
2014-05-06 14:15 - 2014-05-06 14:15 - 01316991 _____ () C:\Users\Hawt BJ\Desktop\adwcleaner.exe
2014-05-06 13:58 - 2014-05-06 13:57 - 02063872 _____ (Farbar) C:\Users\Hawt BJ\Desktop\FRST64.exe
2014-05-06 13:01 - 2014-04-09 12:06 - 00013234 _____ () C:\Users\Hawt BJ\Desktop\Stundenplan Björn SS2014.xlsx
2014-05-06 13:01 - 2013-11-14 13:17 - 00000000 ____D () C:\Users\Public\Documents\phase6_19_Daten
2014-05-06 10:41 - 2013-06-09 17:29 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Local\Adobe
2014-05-06 10:31 - 2012-12-30 14:16 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Local\Spotify
2014-05-05 15:40 - 2013-05-04 23:08 - 00000000 ____D () C:\Users\Hawt BJ\Documents\FIFA 13
2014-05-05 15:40 - 2013-02-02 17:28 - 00000000 ____D () C:\ProgramData\Origin
2014-05-05 14:50 - 2014-04-28 23:51 - 00014650 _____ () C:\Users\Hawt BJ\Desktop\Laptop.xlsx
2014-05-05 14:50 - 2013-02-02 17:28 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-05 09:24 - 2013-04-30 17:41 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-05-05 02:37 - 2013-12-15 12:34 - 00000000 ____D () C:\Program Files (x86)\JDownloader v2.0
2014-05-05 01:00 - 2014-05-05 00:56 - 00000000 ____D () C:\Users\Hawt BJ\Downloads\thtdos.720-phd
2014-05-05 00:50 - 2012-12-31 01:54 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Roaming\vlc
2014-05-04 18:42 - 2013-02-02 17:09 - 00000000 ____D () C:\Users\Hawt BJ\Desktop\Games
2014-05-02 22:57 - 2014-05-02 22:57 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Roaming\DropboxMaster
2014-05-02 22:57 - 2013-06-29 01:21 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-02 22:57 - 2012-12-30 13:11 - 00000000 ___RD () C:\Users\Hawt BJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-01 14:07 - 2014-05-01 14:07 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-30 01:12 - 2014-04-30 01:12 - 01611487 _____ () C:\Users\Hawt BJ\Desktop\Uhr.psd
2014-04-30 00:05 - 2013-11-15 16:32 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Roaming\Guitar Pro 6
2014-04-30 00:03 - 2013-01-03 12:45 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Roaming\Ubisoft
2014-04-30 00:03 - 2012-12-30 13:34 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-30 00:03 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-04-30 00:01 - 2013-01-03 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-04-29 23:54 - 2013-02-02 19:04 - 00271200 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-04-29 23:54 - 2013-02-02 18:02 - 00271200 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-04-29 16:01 - 2014-05-06 16:26 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 15:40 - 2014-05-06 16:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 14:48 - 2014-05-06 16:26 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 14:34 - 2014-05-06 16:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-29 11:34 - 2014-04-28 12:20 - 02951327 _____ () C:\Users\Hawt BJ\Desktop\Orgateam_Vorlesungswerbung_korrigiert.pptx
2014-04-28 20:13 - 2013-06-25 15:54 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-28 20:13 - 2013-06-25 15:54 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-28 20:13 - 2013-06-25 15:54 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-25 14:07 - 2014-04-25 14:07 - 10677469 _____ () C:\Users\Hawt BJ\Downloads\2pac feat Dr.Dre - California Love.m4a
2014-04-24 10:20 - 2013-04-04 16:52 - 00000000 ____D () C:\Users\Hawt BJ\Documents\My Games
2014-04-23 00:43 - 2014-04-23 00:43 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2014-04-23 00:43 - 2013-11-18 02:08 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-22 12:21 - 2014-04-22 12:21 - 05832779 _____ () C:\Users\Hawt BJ\Downloads\Catfish - Change Today-Shape Tomorrow.m4a
2014-04-20 16:35 - 2013-04-14 18:17 - 00000000 ____D () C:\Users\Hawt BJ\Desktop\Stuff
2014-04-19 10:06 - 2014-04-19 10:06 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-04-19 10:06 - 2013-09-19 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-04-19 10:06 - 2012-12-30 13:16 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-04-19 09:56 - 2013-11-20 22:06 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Local\NVIDIA Corporation
2014-04-19 09:56 - 2012-12-30 13:16 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-04-17 18:08 - 2009-07-14 06:45 - 09992576 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-17 18:07 - 2014-04-17 18:07 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-16 17:49 - 2012-12-30 15:37 - 00120440 _____ () C:\Users\Hawt BJ\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-14 04:24 - 2014-05-01 14:06 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:19 - 2014-05-01 14:06 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-13 15:31 - 2014-04-13 15:31 - 00000000 __SHD () C:\Users\Hawt BJ\AppData\Local\EmieUserList
2014-04-13 15:31 - 2014-04-13 15:31 - 00000000 __SHD () C:\Users\Hawt BJ\AppData\Local\EmieSiteList
2014-04-12 22:36 - 2014-04-12 22:36 - 09739697 _____ () C:\Users\Hawt BJ\Downloads\The Good Husbands - In Bloom (Official Video Lyrics) (256 kbit_s).m4a
2014-04-12 16:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-11 12:53 - 2013-01-07 20:10 - 00000000 ____D () C:\Windows\pss
2014-04-11 12:53 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-09 19:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-09 17:27 - 2013-01-27 20:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-09 11:36 - 2013-07-29 15:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-04-09 11:36 - 2012-12-31 02:33 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 11:29 - 2013-07-16 00:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 11:25 - 2012-12-30 13:44 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-06 19:56 - 2014-03-21 00:22 - 00000132 _____ () C:\Users\Hawt BJ\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
Some content of TEMP:
====================
C:\Users\Hawt BJ\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzs2rhz.dll
C:\Users\Hawt BJ\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Hawt BJ\AppData\Local\Temp\nvStInst.exe
C:\Users\Hawt BJ\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-29 21:10
==================== End Of Log ============================
--- --- --- Addition.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05-2014
Ran by Hawt BJ at 2014-05-06 17:34:43
Running from C:\Users\Hawt BJ\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}) (Version: 1.1 - Eyeo GmbH)
Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.8 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1210 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1210 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Muse (HKLM-x32\...\AdobeMuse) (Version: 1.1.960 - Adobe Systems Incorporated)
Adobe Muse (x32 Version: 1.1.960 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Lightroom 4.4 64-bit (HKLM\...\{11A955CD-4398-405A-886D-E464C3618FBF}) (Version: 4.4.1 - Adobe)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.1.0 - Adobe Systems Incorporated)
Adobe® Content Viewer (x32 Version: 3.1.0 - Adobe Systems Incorporated) Hidden
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
AIDA64 Extreme Edition v3.00 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 3.00 - FinalWire Ltd.)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: - Amazon)
Any Video Converter 5.0.6 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed Revelations 1.02 (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.02 - Ubisoft)
ASUS Xonar D1 Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - )
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
B110 (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.5.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.01 - Piriform)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04072 - Cisco Systems, Inc.) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F68634D8-574F-42B2-B6D0-9B447EA9581E}) (Version: - Microsoft)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Die Schlacht um Mittelerde™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - )
Dropbox (HKCU\...\Dropbox) (Version: 2.6.31 - Dropbox, Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.2.13992 - Landesfinanzdirektion Thüringen)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
F1 2010 (HKLM-x32\...\GFWL_{434D0831-3E0C-4D03-A5D4-5E1000008400}) (Version: 1.0.0000.132 - Codemasters)
F1 2010 (x32 Version: 1.0.0000.132 - Codemasters) Hidden
F1 2010 (x32 Version: 1.0.0001.132 - Codemasters) Hidden
FolderVisualizer (HKLM-x32\...\FolderVisualizer_is1) (Version: 2013 - Abelssoft)
FS Water Configurator 3.15 (HKLM\...\FS Water Configurator) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 32.0.1700.102 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{014E482A-0C27-47E3-BA82-307E9DCA2F47}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
IBM SPSS Statistics 22 (HKLM\...\{104875A1-D083-4A34-BC4F-3F635B7F8EF7}) (Version: 22.0.0.0 - IBM Corp)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version: - Avalanche)
Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version: - JC2-MP Team)
Last.fm Scrobbler 2.1.36 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm)
Logitech Gaming Software (Version: 8.40.83 - Logitech Inc.) Hidden
Logitech Gaming Software 8.40 (HKLM\...\Logitech Gaming Software) (Version: 8.40.83 - Logitech Inc.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
ManiaPlanet (HKLM-x32\...\ManiaPlanet_is1) (Version: - Nadeo)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Flight Simulator X (x32 Version: 10.0.61355.0 - Microsoft Game Studios) Hidden
Microsoft Flight Simulator X Service Pack 1 (x32 Version: 10.0.61355.0 - Microsoft Game Studios) Hidden
Microsoft Flight Simulator X Service Pack 2 (HKLM-x32\...\{E7CC4B85-DC2F-463F-8FEB-E7398E25C19A}) (Version: 10.0.61472.0 - Microsoft Game Studios)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Groove MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Word MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Minecraft 1.2.0_02 (HKLM-x32\...\Minecraft 1.2.0_02) (Version: - )
MKVToolNix 6.3.0 (HKLM-x32\...\MKVToolNix) (Version: 6.3.0 - Moritz Bunkus)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Network64 (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.44.7 - Black Tree Gaming)
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.55 (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.55 (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.22 (Version: 1.2.22 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.1.11.2678 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
phase6_19 (HKLM-x32\...\{65D70656-D248-4C83-B594-E3029C43B37A}) (Version: 1.90.0000 - phase6)
PS_AIO_07_B110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Rapture3D 2.4.4 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Scan (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 1.8.323 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
Solar 2 (HKLM-x32\...\Steam App 97000) (Version: - Murudai)
SolutionCenter (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD Projekt RED)
Tom Clancy's Splinter Cell Blacklist (HKLM-x32\...\Steam App 235600) (Version: - Ubisoft Toronto)
Tom Clancy's Splinter Cell Blacklist The 5th Freedom Edition 1.01 (HKLM-x32\...\Tom Clancy's Splinter Cell Blacklist The 5th Freedom Edition 1.01) (Version: - )
Tom Clancy's Splinter Cell Chaos Theory (HKLM-x32\...\{BABAEBE4-9FFB-4B5D-9453-64FF11517CA2}) (Version: 1.05.157 - Ubisoft)
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.02 - Ubisoft)
Toolbox (x32 Version: 140.0.424.000 - Hewlett-Packard) Hidden
TrackMania² Canyon (HKLM-x32\...\Steam App 228760) (Version: - Nadeo)
TrackMania² Valley (HKLM-x32\...\Steam App 243360) (Version: - Nadeo)
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{237834D6-FA98-44E1-8739-ABD56DDADC59}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{259F7CA1-7A87-4E60-85A9-0A55E60FF254}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{259F7CA1-7A87-4E60-85A9-0A55E60FF254}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{8D84B988-2A7A-4DB6-A7A5-08DA7B3DE9EE}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D97AACA3-9AEA-43FF-8CBA-93BED0443FC2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D97AACA3-9AEA-43FF-8CBA-93BED0443FC2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D97AACA3-9AEA-43FF-8CBA-93BED0443FC2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A54917FC-2C84-40F2-9525-7549BE08DE40}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A54917FC-2C84-40F2-9525-7549BE08DE40}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A54917FC-2C84-40F2-9525-7549BE08DE40}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{50F6EF67-B93C-4B7A-A2EB-E179E3436C69}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{50F6EF67-B93C-4B7A-A2EB-E179E3436C69}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 64-Bit Edition (HKLM\...\{90150000-0090-0407-1000-0000000FF1CE}_Office15.PROPLUS_{50F6EF67-B93C-4B7A-A2EB-E179E3436C69}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863825) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{327EABFD-EDD3-44E7-AB47-7592DF33B719}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863844) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{50F31E04-D56A-4159-BF36-CF3CE27DB30C}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863860) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6D170CB5-8D22-4D1B-A811-B899FE588946}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863860) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6D170CB5-8D22-4D1B-A811-B899FE588946}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AFB7E303-C8CA-4A08-AD3F-44A562B3C809}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.PROPLUS_{AFB7E303-C8CA-4A08-AD3F-44A562B3C809}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AFB7E303-C8CA-4A08-AD3F-44A562B3C809}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{AFB7E303-C8CA-4A08-AD3F-44A562B3C809}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9367C385-2EF9-4BE3-8351-7D2AB0798A57}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{9367C385-2EF9-4BE3-8351-7D2AB0798A57}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9367C385-2EF9-4BE3-8351-7D2AB0798A57}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DF3798F3-F45C-44DA-83B7-229A9EBC9654}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{DAEE93F9-D258-45E4-AFD3-12AC5ED04693}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FE06DACB-AE2C-4DB7-B95D-97A320E59F45}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{FE06DACB-AE2C-4DB7-B95D-97A320E59F45}) (Version: - Microsoft)
Update for Microsoft Visio 2013 (KB2837632) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{97183E08-6B06-40F1-80A9-585C4AEF98F1}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2863909) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F9FAC8C0-20D9-4DC7-9A56-13B02BD4B724}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
Virtual DJ - Atomix Productions (HKLM-x32\...\Virtual DJ - Atomix Productions) (Version: - )
VirtualDubMOD 1.5.10.3 US (HKLM-x32\...\{B158F76F-76AB-4115-A4F0-4C6EF6956093}_is1) (Version: 1.5.10.3 - Trad-Fr)
VLC media player 2.1.2 (HKLM\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
xat.com JPEG Optimizer (HKLM-x32\...\xat.com JPEG Optimizer) (Version: - )
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
==================== Restore Points =========================
04-05-2014 23:24:21 Geplanter Prüfpunkt
06-05-2014 13:18:06 avast! antivirus system restore point
06-05-2014 14:26:05 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2014-03-14 09:48 - 00451658 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 wip.adobe.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
Task: {03F4473D-2FB7-4EEC-B991-A942A1AC9138} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-02] (Google Inc.)
Task: {0DA66E48-5CC0-4A0B-8E6A-E338D3C09511} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-06] (AVAST Software)
Task: {297F2151-2982-454F-AA8E-37C8CF5FCE31} - System32\Tasks\{9055745E-EC66-46EA-B5F2-EF14CC552422} => D:\Program Files (x86)\Codemasters\Heroes of the Pacific Demo\Heroes.exe
Task: {2AD00792-06E7-4A3F-B7B6-28CD07F6FCDB} - System32\Tasks\{05DCC141-E39C-42A0-B68C-75928037B1AD} => D:\Program Files (x86)\Codemasters\Heroes of the Pacific Demo\Heroes.exe
Task: {2DBC23C3-84C6-4147-99D1-0E47B182DC58} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {523BFECA-5755-4F57-93BF-9F43C039F1DF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-02] (Google Inc.)
Task: {5E28667D-5CBA-4F36-8822-E94B17B09FC9} - System32\Tasks\AdobeAAMUpdater-1.0-HawtBJ-Hawt BJ => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {89F05796-F4F4-42DE-B394-00E18E3BA84A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-28] (Adobe Systems Incorporated)
Task: {A78D05F7-3275-45EA-AB9F-BAF5D6E0AADE} - System32\Tasks\{F21BD032-4D9A-4D3D-A0A9-89AA2807C6A9} => D:\Program Files (x86)\Codemasters\Heroes of the Pacific Demo\Heroes.exe
Task: {C057F381-0662-4BEF-9284-1DD635BC06AD} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-01-01] ()
Task: {C8F8AABB-4017-4B83-B626-F638A7E4D4A0} - System32\Tasks\{AF4CB764-DA0E-4D9D-876C-4173576355A4} => D:\Program Files (x86)\Codemasters\Heroes of the Pacific Demo\Heroes.exe
Task: {CAD945D6-4120-4C0C-9E60-8DC5C051AF36} - System32\Tasks\{3FAAAA00-30C8-4D8B-A3E2-A8EF5E3C95B9} => D:\Program Files (x86)\Codemasters\Heroes of the Pacific Demo\Heroes.exe
Task: {CC7FA82E-3FFC-4C2D-BCA4-678D0E9EB043} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {CD2450A0-87EF-4FD7-BECF-0141C47A09C3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {E50BB1A0-0649-4B98-A08E-B816EAD94B54} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E69258D2-852A-4309-A6F5-43FDD922F1F9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-12-30 13:16 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-24 19:24 - 2014-04-11 12:46 - 00602680 _____ () C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2013-02-02 18:02 - 2013-03-09 22:47 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-10-10 18:48 - 2013-10-10 18:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-05-06 10:32 - 2014-05-06 09:35 - 02253312 _____ () C:\Program Files\AVAST Software\Avast\defs\14050600\algo.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-30 14:16 - 2014-04-11 12:46 - 36966968 _____ () C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\libcef.dll
2013-12-01 14:42 - 2013-12-01 14:42 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-05-06 17:16 - 2014-05-06 17:16 - 00041984 _____ () C:\Users\Hawt BJ\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzs2rhz.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Hawt BJ\AppData\Roaming\Dropbox\bin\libcef.dll
2013-09-24 19:24 - 2014-04-11 12:46 - 00886840 _____ () C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-09-24 19:24 - 2014-04-11 12:46 - 00108600 _____ () C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\libegl.dll
2014-03-12 18:28 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-03-12 18:28 - 2013-05-16 11:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-03-12 18:28 - 2013-05-16 11:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-03-12 18:28 - 2013-05-16 11:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Microsoft:W4eVyxhQvPX816mp0Jb
AlternateDataStreams: C:\ProgramData\Microsoft:WA0w1HB0EOhK3e4DJl7EO
AlternateDataStreams: C:\Users\Hawt BJ\Lokale Einstellungen:sIRNSSrl0JH6tKev1pQrYT
AlternateDataStreams: C:\Users\Hawt BJ\AppData\Local:sIRNSSrl0JH6tKev1pQrYT
AlternateDataStreams: C:\Users\Hawt BJ\AppData\Local\Anwendungsdaten:sIRNSSrl0JH6tKev1pQrYT
AlternateDataStreams: C:\Users\Hawt BJ\AppData\Local\Temporary Internet Files:8NmBcvYWDblsmLa2Vm0kpr2IEkAhA
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^p6_19_erinnerung.lnk => C:\Windows\pss\p6_19_erinnerung.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Hawt BJ^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: Cmaudio8788 => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
MSCONFIG\startupreg: Cmaudio8788GX => C:\Windows\syswow64\HsMgr.exe Envoke
MSCONFIG\startupreg: Cmaudio8788GX64 => C:\Windows\system\HsMgr64.exe Envoke
MSCONFIG\startupreg: CTxfiHlp => CTXFIHLP.EXE
MSCONFIG\startupreg: CTXFIREG => CTxfiReg.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: LogiScrollApp => C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Hawt BJ\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "D:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE
==================== Faulty Device Manager Devices =============
Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 42%
Total physical RAM: 4094.3 MB
Available physical RAM: 2335.41 MB
Total Pagefile: 8186.78 MB
Available Pagefile: 6171.46 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:119.14 GB) (Free:20.5 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:245.48 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:169.25 GB) NTFS
Drive f: () (Fixed) (Total:596.05 GB) (Free:303.91 GB) NTFS
Drive m: (GTA IV Disc 1) (CDROM) (Total:7.03 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: B9F2B47D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 738AC387)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 738AC38E)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows 7 or Vista) (Size: 596 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
|
07.05.2014, 11:06
| #4 |
| /// the machine /// TB-Ausbilder | Chrome Extension"BlOckThheADs" nicht löschbarESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
08.05.2014, 10:28
| #5 |
| | Chrome Extension"BlOckThheADs" nicht löschbar Hallo! Ich habe ESET zwar gestartet, jedoch wurde selbst nach 45 Minuten keine einzige Datei gescannt... Avast! habe ich für den Zeitraum deaktiviert. Und es ist tatsächlich nicht nur eine "Konfigurationssache" in Chrome? Also dass man dort vielleicht eine oder mehrere Config-Zeilen verändern muss? (Das war zumindest mein primärer Gedanke als Laie, als ich den Fehler sah...)  Viele Grüße! ESET Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=c4e7673f3638334ebda84c450288b9b1
# engine=0
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-08 07:42:16
# local_time=2014-05-08 09:42:16 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 71 64 152296 152609 0 0
# compatibility_mode=5893 16776574 100 94 116483 151164786 0 0
# scanned=0
# found=0
# cleaned=0
# scan_time=486
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=c4e7673f3638334ebda84c450288b9b1
# engine=0
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-08 08:27:23
# local_time=2014-05-08 10:27:23 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 71 64 155003 155316 0 0
# compatibility_mode=5893 16776573 100 94 119190 151167493 0 0
# scanned=0
# found=0
# cleaned=0
# scan_time=2654
Code:
ATTFilter Results of screen317's Security Check version 0.99.82 Windows 7 Service Pack 1 x64 (UAC is disabled!) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` avast! Antivirus Antivirus out of date! `````````Anti-malware/Other Utilities Check:````````` MVPS Hosts File Spybot - Search & Destroy Malwarebytes Anti-Malware Version 1.75.0.1300 Java 7 Update 51 Java version out of Date! Adobe Flash Player 13.0.0.206 Adobe Reader XI Mozilla Firefox (28.0) Google Chrome 32.0.1700.102 Google Chrome 32.0.1700.76 ````````Process Check: objlist.exe by Laurent```````` Spybot Teatimer.exe is disabled! AVAST Software Avast AvastSvc.exe AVAST Software Avast AvastUI.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2014
Ran by Hawt BJ (administrator) on HAWTBJ on 08-05-2014 11:22:24
Running from C:\Users\Hawt BJ\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Spotify Ltd) C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Hawt BJ\AppData\Roaming\Spotify\spotify.exe
(Dropbox, Inc.) C:\Users\Hawt BJ\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-02] (NVIDIA Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-05-06] (AVAST Software)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-694931355-3105834076-3287228845-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-694931355-3105834076-3287228845-1001\...\Run: [Spotify Web Helper] => C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-11] (Spotify Ltd)
HKU\S-1-5-21-694931355-3105834076-3287228845-1001\...\Run: [Spotify] => C:\Users\Hawt BJ\AppData\Roaming\Spotify\spotify.exe [6087224 2014-04-11] (Spotify Ltd)
HKU\S-1-5-21-694931355-3105834076-3287228845-1001\...\MountPoints2: H - H:\Setup.exe
HKU\S-1-5-21-694931355-3105834076-3287228845-1001\...\MountPoints2: {d4022b10-8fc1-11e2-8768-001fd0a04fdd} - H:\Setup.exe
Startup: C:\Users\Hawt BJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Hawt BJ\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x87EE3C237A5ECF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1202&cd=2XzuyEtN2Y1L1QzutDtDtC0F0DtD0AtDyE0F0D0DyDyC0A0AtN0D0Tzu0CyBtCyEtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=2071287224&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1202&cd=2XzuyEtN2Y1L1QzutDtDtC0F0DtD0AtDyE0F0D0DyDyC0A0AtN0D0Tzu0CyBtCyEtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=2071287224&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {D425FB55-79D3-4DCD-956B-59BF5A3960AF} URL = https://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Logitech Flow Scroll - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll (Logitech, Inc.)
BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
FireFox:
========
FF ProfilePath: C:\Users\Hawt BJ\AppData\Roaming\Mozilla\Firefox\Profiles\ngbakl49.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: ubisoft.com/uplaypc - D:\Program Files (x86)\Ubisoft\Tom Clancy's H.A.W.X. 2\orbit\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: YouTube Unblocker - C:\Users\Hawt BJ\AppData\Roaming\Mozilla\Firefox\Profiles\ngbakl49.default\Extensions\youtubeunblocker@unblocker.yt [2014-01-23]
FF Extension: {7328c366-289d-426f-95c2-b45b291b9c90} - C:\Users\Hawt BJ\AppData\Roaming\Mozilla\Firefox\Profiles\ngbakl49.default\Extensions\{7328c366-289d-426f-95c2-b45b291b9c90}.xpi [2013-11-05]
FF Extension: Adblock Plus - C:\Users\Hawt BJ\AppData\Roaming\Mozilla\Firefox\Profiles\ngbakl49.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-12-30]
FF HKLM-x32\...\Firefox\Extensions: [{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}] - C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt
FF Extension: No Name - C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt [2012-12-30]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-01-07]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-06-09]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-01-07]
Chrome:
=======
CHR HomePage:
CHR StartupUrls: "hxxp://start.mysearchdial.com/?f=1&a=irmsd1202&cd=2XzuyEtN2Y1L1QzutDtDtC0F0DtD0AtDyE0F0D0DyDyC0A0AtN0D0Tzu0CyBtCyEtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=2071287224&ir=", "hxxp://websearch.searchsunmy.info/?pid=233&r=2014/01/03&hid=16202272847386566411&lg=EN&cc=DE&unqvl=45"
CHR Extension: (Adblock Plus) - C:\Users\Hawt BJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-04]
CHR Extension: (YouTube™ Ratings Preview) - C:\Users\Hawt BJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbhdenfmgbagncdmgbholejjpmmiank [2014-03-04]
CHR Extension: (Reise durch Mittelerde) - C:\Users\Hawt BJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjgkjeheegjnnmheaflhdocglkiegoni [2014-03-04]
CHR Extension: (Taylor Swift) - C:\Users\Hawt BJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\laffmjcogdcgbpmgecdlgilgjekagpmb [2014-03-04]
CHR Extension: (Two-Click JDownloader) - C:\Users\Hawt BJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljhooappahaeilmbekgcokgjjplambgo [2014-03-04]
CHR Extension: (Google Wallet) - C:\Users\Hawt BJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR HKLM-x32\...\Chrome\Extension: [geooogfhpjdpeiphckpbgkhpbeobcaoi] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2013-08-21]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-06] (AVAST Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-04-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20541216 2014-04-02] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-03-09] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S2 e81a9dc1; "C:\Windows\system32\rundll32.exe" "c:\progra~2\gs-ena~1\AssistantSvc.dll",service
==================== Drivers (Whitelisted) ====================
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-06] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-06] ()
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2725376 2011-03-10] (C-Media Inc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-18] (DT Soft Ltd)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-03] (Logitech Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)
R2 WLNdis50; C:\Windows\System32\DRIVERS\wlndis50.sys [35840 2008-01-28] ()
R2 WLNdis50; C:\Windows\SysWOW64\DRIVERS\wlndis50.sys [35840 2008-01-28] ()
S3 CT20XUT.DLL; system32\CT20XUT.DLL [X]
S3 CTEXFIFX.DLL; system32\CTEXFIFX.DLL [X]
S3 CTHWIUT.DLL; system32\CTHWIUT.DLL [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-08 11:22 - 2014-05-08 11:23 - 00020572 _____ () C:\Users\Hawt BJ\Desktop\FRST.txt
2014-05-08 11:13 - 2014-05-08 11:13 - 00001076 _____ () C:\Users\Hawt BJ\Desktop\checkup.txt
2014-05-08 09:33 - 2014-05-08 09:33 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-07 12:11 - 2014-05-07 12:11 - 02347384 _____ (ESET) C:\Users\Hawt BJ\Desktop\esetsmartinstaller_deu.exe
2014-05-07 12:11 - 2014-05-07 12:11 - 00855379 _____ () C:\Users\Hawt BJ\Desktop\SecurityCheck.exe
2014-05-06 18:36 - 2014-05-06 18:36 - 00002093 _____ () C:\Users\Hawt BJ\Desktop\Schlagworte zum Ausformulieren (Wiki).docx - Verknüpfung.lnk
2014-05-06 17:17 - 2014-05-06 17:17 - 01016261 _____ (Thisisu) C:\Users\Hawt BJ\Desktop\JRT.exe
2014-05-06 17:17 - 2014-05-06 17:17 - 00000000 ____D () C:\Windows\ERUNT
2014-05-06 16:26 - 2014-04-29 16:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 16:26 - 2014-04-29 15:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 16:26 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 16:26 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 15:31 - 2014-05-06 15:54 - 00128895 _____ () C:\Users\Hawt BJ\Desktop\Text.txt
2014-05-06 15:18 - 2014-05-06 15:18 - 00050477 _____ () C:\Users\Hawt BJ\Desktop\Defogger.exe
2014-05-06 15:18 - 2014-05-06 15:18 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-06 15:18 - 2014-05-06 15:18 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-06 15:18 - 2014-05-06 15:18 - 00000168 _____ () C:\Users\Hawt BJ\defogger_reenable
2014-05-06 14:27 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-06 14:26 - 2014-05-06 17:13 - 00000000 ____D () C:\AdwCleaner
2014-05-06 14:22 - 2014-05-06 14:22 - 00380416 _____ () C:\Users\Hawt BJ\Desktop\Gmer-19357.exe
2014-05-06 14:15 - 2014-05-06 14:15 - 01316991 _____ () C:\Users\Hawt BJ\Desktop\adwcleaner.exe
2014-05-06 14:00 - 2014-05-08 11:22 - 00000000 ____D () C:\FRST
2014-05-06 13:57 - 2014-05-06 13:58 - 02063872 _____ (Farbar) C:\Users\Hawt BJ\Desktop\FRST64.exe
2014-05-05 12:08 - 2014-05-06 17:15 - 00001492 _____ () C:\Windows\PFRO.log
2014-05-02 22:57 - 2014-05-02 22:57 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Roaming\DropboxMaster
2014-05-01 14:07 - 2014-05-01 14:07 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-01 14:06 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-01 14:06 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-30 01:12 - 2014-04-30 01:12 - 01611487 _____ () C:\Users\Hawt BJ\Desktop\Uhr.psd
2014-04-28 23:51 - 2014-05-05 14:50 - 00014650 _____ () C:\Users\Hawt BJ\Desktop\Laptop.xlsx
2014-04-28 12:20 - 2014-04-29 11:34 - 02951327 _____ () C:\Users\Hawt BJ\Desktop\Orgateam_Vorlesungswerbung_korrigiert.pptx
2014-04-25 14:07 - 2014-04-25 14:07 - 10677469 _____ () C:\Users\Hawt BJ\Downloads\2pac feat Dr.Dre - California Love.m4a
2014-04-23 00:43 - 2014-04-23 00:43 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2014-04-22 12:21 - 2014-04-22 12:21 - 05832779 _____ () C:\Users\Hawt BJ\Downloads\Catfish - Change Today-Shape Tomorrow.m4a
2014-04-19 10:06 - 2014-04-19 10:06 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-04-19 10:06 - 2014-03-04 13:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-04-19 10:01 - 2014-03-04 16:35 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-04-19 10:01 - 2014-03-04 16:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-04-19 10:01 - 2014-03-04 16:35 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-04-19 09:56 - 2014-03-21 21:43 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-04-19 09:56 - 2014-03-21 21:43 - 00033568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-04-17 18:07 - 2014-05-08 09:32 - 00005667 _____ () C:\Windows\setupact.log
2014-04-17 18:07 - 2014-04-17 18:07 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-13 15:31 - 2014-04-13 15:31 - 00000000 __SHD () C:\Users\Hawt BJ\AppData\Local\EmieUserList
2014-04-13 15:31 - 2014-04-13 15:31 - 00000000 __SHD () C:\Users\Hawt BJ\AppData\Local\EmieSiteList
2014-04-12 22:36 - 2014-04-12 22:36 - 09739697 _____ () C:\Users\Hawt BJ\Downloads\The Good Husbands - In Bloom (Official Video Lyrics) (256 kbit_s).m4a
2014-04-09 17:33 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-09 17:33 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-09 17:33 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-09 17:33 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-09 17:33 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-09 17:33 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-09 17:33 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-09 17:33 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-09 17:33 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-09 17:33 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-09 17:33 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-09 17:33 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-09 17:33 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-09 17:33 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-09 17:33 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-09 17:33 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-09 17:33 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-09 17:33 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-09 17:33 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-09 17:33 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-09 17:33 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-09 17:33 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-09 17:33 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-09 17:33 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-09 17:33 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-09 17:33 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-09 17:33 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-09 17:33 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-09 17:33 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-09 17:33 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-09 17:33 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-09 17:33 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-09 17:33 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-09 17:33 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-09 17:33 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-09 17:33 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-09 17:33 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-09 17:33 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-09 17:33 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-09 17:33 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-09 17:33 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-09 17:33 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-09 17:33 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-09 17:33 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-09 12:06 - 2014-05-06 13:01 - 00013234 _____ () C:\Users\Hawt BJ\Desktop\Stundenplan Björn SS2014.xlsx
2014-04-09 11:18 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 11:18 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 11:18 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 11:18 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 11:18 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 11:18 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 11:18 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 11:18 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 11:18 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 11:18 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 11:18 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 11:18 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 11:18 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 11:18 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 11:18 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 11:18 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 11:18 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
==================== One Month Modified Files and Folders =======
2014-05-08 11:23 - 2014-05-08 11:22 - 00020572 _____ () C:\Users\Hawt BJ\Desktop\FRST.txt
2014-05-08 11:22 - 2014-05-06 14:00 - 00000000 ____D () C:\FRST
2014-05-08 11:22 - 2012-12-30 14:16 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Roaming\Spotify
2014-05-08 11:13 - 2014-05-08 11:13 - 00001076 _____ () C:\Users\Hawt BJ\Desktop\checkup.txt
2014-05-08 11:13 - 2013-06-25 15:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-08 10:34 - 2013-07-04 11:05 - 02007742 _____ () C:\Windows\WindowsUpdate.log
2014-05-08 10:29 - 2013-01-02 11:53 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-08 09:42 - 2013-06-09 17:29 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Local\Adobe
2014-05-08 09:38 - 2009-07-14 19:58 - 00702926 _____ () C:\Windows\system32\perfh007.dat
2014-05-08 09:38 - 2009-07-14 19:58 - 00150566 _____ () C:\Windows\system32\perfc007.dat
2014-05-08 09:38 - 2009-07-14 07:13 - 01629212 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-08 09:38 - 2009-07-14 06:45 - 00023168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-08 09:38 - 2009-07-14 06:45 - 00023168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-08 09:33 - 2014-05-08 09:33 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-08 09:33 - 2013-06-29 01:20 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Roaming\Dropbox
2014-05-08 09:33 - 2013-01-01 16:28 - 00002896 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-05-08 09:33 - 2013-01-01 16:28 - 00000266 _____ () C:\Windows\Tasks\AutoKMS.job
2014-05-08 09:32 - 2014-04-17 18:07 - 00005667 _____ () C:\Windows\setupact.log
2014-05-08 09:32 - 2013-12-01 14:42 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-08 09:32 - 2013-01-02 11:53 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-08 09:32 - 2012-12-30 13:16 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-08 09:32 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-07 16:43 - 2012-12-31 01:54 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Roaming\vlc
2014-05-07 12:11 - 2014-05-07 12:11 - 02347384 _____ (ESET) C:\Users\Hawt BJ\Desktop\esetsmartinstaller_deu.exe
2014-05-07 12:11 - 2014-05-07 12:11 - 00855379 _____ () C:\Users\Hawt BJ\Desktop\SecurityCheck.exe
2014-05-06 18:36 - 2014-05-06 18:36 - 00002093 _____ () C:\Users\Hawt BJ\Desktop\Schlagworte zum Ausformulieren (Wiki).docx - Verknüpfung.lnk
2014-05-06 17:17 - 2014-05-06 17:17 - 01016261 _____ (Thisisu) C:\Users\Hawt BJ\Desktop\JRT.exe
2014-05-06 17:17 - 2014-05-06 17:17 - 00000000 ____D () C:\Windows\ERUNT
2014-05-06 17:15 - 2014-05-05 12:08 - 00001492 _____ () C:\Windows\PFRO.log
2014-05-06 17:13 - 2014-05-06 14:26 - 00000000 ____D () C:\AdwCleaner
2014-05-06 15:54 - 2014-05-06 15:31 - 00128895 _____ () C:\Users\Hawt BJ\Desktop\Text.txt
2014-05-06 15:18 - 2014-05-06 15:18 - 00050477 _____ () C:\Users\Hawt BJ\Desktop\Defogger.exe
2014-05-06 15:18 - 2014-05-06 15:18 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-06 15:18 - 2014-05-06 15:18 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-06 15:18 - 2014-05-06 15:18 - 00000168 _____ () C:\Users\Hawt BJ\defogger_reenable
2014-05-06 15:18 - 2014-01-04 00:29 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-06 15:18 - 2013-12-01 14:42 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-05-06 15:18 - 2013-12-01 14:42 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-05-06 15:18 - 2013-12-01 14:42 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-06 15:18 - 2013-12-01 14:42 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-06 15:18 - 2013-12-01 14:42 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-06 15:18 - 2013-12-01 14:42 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-06 15:18 - 2013-12-01 14:42 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-05-06 15:18 - 2012-12-30 13:11 - 00000000 ____D () C:\Users\Hawt BJ
2014-05-06 14:22 - 2014-05-06 14:22 - 00380416 _____ () C:\Users\Hawt BJ\Desktop\Gmer-19357.exe
2014-05-06 14:15 - 2014-05-06 14:15 - 01316991 _____ () C:\Users\Hawt BJ\Desktop\adwcleaner.exe
2014-05-06 13:58 - 2014-05-06 13:57 - 02063872 _____ (Farbar) C:\Users\Hawt BJ\Desktop\FRST64.exe
2014-05-06 13:01 - 2014-04-09 12:06 - 00013234 _____ () C:\Users\Hawt BJ\Desktop\Stundenplan Björn SS2014.xlsx
2014-05-06 13:01 - 2013-11-14 13:17 - 00000000 ____D () C:\Users\Public\Documents\phase6_19_Daten
2014-05-06 10:31 - 2012-12-30 14:16 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Local\Spotify
2014-05-05 15:40 - 2013-05-04 23:08 - 00000000 ____D () C:\Users\Hawt BJ\Documents\FIFA 13
2014-05-05 15:40 - 2013-02-02 17:28 - 00000000 ____D () C:\ProgramData\Origin
2014-05-05 14:50 - 2014-04-28 23:51 - 00014650 _____ () C:\Users\Hawt BJ\Desktop\Laptop.xlsx
2014-05-05 14:50 - 2013-02-02 17:28 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-05 09:24 - 2013-04-30 17:41 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-05-05 02:37 - 2013-12-15 12:34 - 00000000 ____D () C:\Program Files (x86)\JDownloader v2.0
2014-05-04 18:42 - 2013-02-02 17:09 - 00000000 ____D () C:\Users\Hawt BJ\Desktop\Games
2014-05-02 22:57 - 2014-05-02 22:57 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Roaming\DropboxMaster
2014-05-02 22:57 - 2013-06-29 01:21 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-02 22:57 - 2012-12-30 13:11 - 00000000 ___RD () C:\Users\Hawt BJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-01 14:07 - 2014-05-01 14:07 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-30 01:12 - 2014-04-30 01:12 - 01611487 _____ () C:\Users\Hawt BJ\Desktop\Uhr.psd
2014-04-30 00:05 - 2013-11-15 16:32 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Roaming\Guitar Pro 6
2014-04-30 00:03 - 2013-01-03 12:45 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Roaming\Ubisoft
2014-04-30 00:03 - 2012-12-30 13:34 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-30 00:03 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-04-30 00:01 - 2013-01-03 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-04-29 23:54 - 2013-02-02 19:04 - 00271200 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-04-29 23:54 - 2013-02-02 18:02 - 00271200 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-04-29 16:01 - 2014-05-06 16:26 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 15:40 - 2014-05-06 16:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 14:48 - 2014-05-06 16:26 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 14:34 - 2014-05-06 16:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-29 11:34 - 2014-04-28 12:20 - 02951327 _____ () C:\Users\Hawt BJ\Desktop\Orgateam_Vorlesungswerbung_korrigiert.pptx
2014-04-28 20:13 - 2013-06-25 15:54 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-28 20:13 - 2013-06-25 15:54 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-28 20:13 - 2013-06-25 15:54 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-25 14:07 - 2014-04-25 14:07 - 10677469 _____ () C:\Users\Hawt BJ\Downloads\2pac feat Dr.Dre - California Love.m4a
2014-04-24 10:20 - 2013-04-04 16:52 - 00000000 ____D () C:\Users\Hawt BJ\Documents\My Games
2014-04-23 00:43 - 2014-04-23 00:43 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2014-04-23 00:43 - 2013-11-18 02:08 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-22 12:21 - 2014-04-22 12:21 - 05832779 _____ () C:\Users\Hawt BJ\Downloads\Catfish - Change Today-Shape Tomorrow.m4a
2014-04-20 16:35 - 2013-04-14 18:17 - 00000000 ____D () C:\Users\Hawt BJ\Desktop\Stuff
2014-04-19 10:06 - 2014-04-19 10:06 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-04-19 10:06 - 2013-09-19 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-04-19 10:06 - 2012-12-30 13:16 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-04-19 09:56 - 2013-11-20 22:06 - 00000000 ____D () C:\Users\Hawt BJ\AppData\Local\NVIDIA Corporation
2014-04-19 09:56 - 2012-12-30 13:16 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-04-17 18:08 - 2009-07-14 06:45 - 09992576 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-17 18:07 - 2014-04-17 18:07 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-16 17:49 - 2012-12-30 15:37 - 00120440 _____ () C:\Users\Hawt BJ\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-14 04:24 - 2014-05-01 14:06 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:19 - 2014-05-01 14:06 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-13 15:31 - 2014-04-13 15:31 - 00000000 __SHD () C:\Users\Hawt BJ\AppData\Local\EmieUserList
2014-04-13 15:31 - 2014-04-13 15:31 - 00000000 __SHD () C:\Users\Hawt BJ\AppData\Local\EmieSiteList
2014-04-12 22:36 - 2014-04-12 22:36 - 09739697 _____ () C:\Users\Hawt BJ\Downloads\The Good Husbands - In Bloom (Official Video Lyrics) (256 kbit_s).m4a
2014-04-12 16:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-11 12:53 - 2013-01-07 20:10 - 00000000 ____D () C:\Windows\pss
2014-04-11 12:53 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-09 19:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-09 17:27 - 2013-01-27 20:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-09 11:36 - 2013-07-29 15:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-04-09 11:36 - 2012-12-31 02:33 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 11:29 - 2013-07-16 00:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 11:25 - 2012-12-30 13:44 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
Some content of TEMP:
====================
C:\Users\Hawt BJ\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpixlhup.dll
C:\Users\Hawt BJ\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Hawt BJ\AppData\Local\Temp\nvStInst.exe
C:\Users\Hawt BJ\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-29 21:10
==================== End Of Log ============================
Addition.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05-2014
Ran by Hawt BJ at 2014-05-08 11:23:25
Running from C:\Users\Hawt BJ\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}) (Version: 1.1 - Eyeo GmbH)
Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.8 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1210 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1210 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Muse (HKLM-x32\...\AdobeMuse) (Version: 1.1.960 - Adobe Systems Incorporated)
Adobe Muse (x32 Version: 1.1.960 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Lightroom 4.4 64-bit (HKLM\...\{11A955CD-4398-405A-886D-E464C3618FBF}) (Version: 4.4.1 - Adobe)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.1.0 - Adobe Systems Incorporated)
Adobe® Content Viewer (x32 Version: 3.1.0 - Adobe Systems Incorporated) Hidden
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
AIDA64 Extreme Edition v3.00 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 3.00 - FinalWire Ltd.)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: - Amazon)
Any Video Converter 5.0.6 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed Revelations 1.02 (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.02 - Ubisoft)
ASUS Xonar D1 Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - )
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
B110 (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.5.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.01 - Piriform)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04072 - Cisco Systems, Inc.) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F68634D8-574F-42B2-B6D0-9B447EA9581E}) (Version: - Microsoft)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Die Schlacht um Mittelerde™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - )
Dropbox (HKCU\...\Dropbox) (Version: 2.6.31 - Dropbox, Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.2.13992 - Landesfinanzdirektion Thüringen)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
F1 2010 (HKLM-x32\...\GFWL_{434D0831-3E0C-4D03-A5D4-5E1000008400}) (Version: 1.0.0000.132 - Codemasters)
F1 2010 (x32 Version: 1.0.0000.132 - Codemasters) Hidden
F1 2010 (x32 Version: 1.0.0001.132 - Codemasters) Hidden
FolderVisualizer (HKLM-x32\...\FolderVisualizer_is1) (Version: 2013 - Abelssoft)
FS Water Configurator 3.15 (HKLM\...\FS Water Configurator) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 32.0.1700.102 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{014E482A-0C27-47E3-BA82-307E9DCA2F47}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
IBM SPSS Statistics 22 (HKLM\...\{104875A1-D083-4A34-BC4F-3F635B7F8EF7}) (Version: 22.0.0.0 - IBM Corp)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version: - Avalanche)
Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version: - JC2-MP Team)
Last.fm Scrobbler 2.1.36 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm)
Logitech Gaming Software (Version: 8.40.83 - Logitech Inc.) Hidden
Logitech Gaming Software 8.40 (HKLM\...\Logitech Gaming Software) (Version: 8.40.83 - Logitech Inc.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
ManiaPlanet (HKLM-x32\...\ManiaPlanet_is1) (Version: - Nadeo)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Flight Simulator X (x32 Version: 10.0.61355.0 - Microsoft Game Studios) Hidden
Microsoft Flight Simulator X Service Pack 1 (x32 Version: 10.0.61355.0 - Microsoft Game Studios) Hidden
Microsoft Flight Simulator X Service Pack 2 (HKLM-x32\...\{E7CC4B85-DC2F-463F-8FEB-E7398E25C19A}) (Version: 10.0.61472.0 - Microsoft Game Studios)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Groove MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Word MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Minecraft 1.2.0_02 (HKLM-x32\...\Minecraft 1.2.0_02) (Version: - )
MKVToolNix 6.3.0 (HKLM-x32\...\MKVToolNix) (Version: 6.3.0 - Moritz Bunkus)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Network64 (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.44.7 - Black Tree Gaming)
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.55 (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.55 (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.22 (Version: 1.2.22 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.1.11.2678 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
phase6_19 (HKLM-x32\...\{65D70656-D248-4C83-B594-E3029C43B37A}) (Version: 1.90.0000 - phase6)
PS_AIO_07_B110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Rapture3D 2.4.4 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Scan (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 1.8.323 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
Solar 2 (HKLM-x32\...\Steam App 97000) (Version: - Murudai)
SolutionCenter (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD Projekt RED)
Tom Clancy's Splinter Cell Blacklist (HKLM-x32\...\Steam App 235600) (Version: - Ubisoft Toronto)
Tom Clancy's Splinter Cell Blacklist The 5th Freedom Edition 1.01 (HKLM-x32\...\Tom Clancy's Splinter Cell Blacklist The 5th Freedom Edition 1.01) (Version: - )
Tom Clancy's Splinter Cell Chaos Theory (HKLM-x32\...\{BABAEBE4-9FFB-4B5D-9453-64FF11517CA2}) (Version: 1.05.157 - Ubisoft)
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.02 - Ubisoft)
Toolbox (x32 Version: 140.0.424.000 - Hewlett-Packard) Hidden
TrackMania² Canyon (HKLM-x32\...\Steam App 228760) (Version: - Nadeo)
TrackMania² Valley (HKLM-x32\...\Steam App 243360) (Version: - Nadeo)
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{237834D6-FA98-44E1-8739-ABD56DDADC59}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{259F7CA1-7A87-4E60-85A9-0A55E60FF254}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{259F7CA1-7A87-4E60-85A9-0A55E60FF254}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{8D84B988-2A7A-4DB6-A7A5-08DA7B3DE9EE}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D97AACA3-9AEA-43FF-8CBA-93BED0443FC2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D97AACA3-9AEA-43FF-8CBA-93BED0443FC2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D97AACA3-9AEA-43FF-8CBA-93BED0443FC2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A54917FC-2C84-40F2-9525-7549BE08DE40}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A54917FC-2C84-40F2-9525-7549BE08DE40}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A54917FC-2C84-40F2-9525-7549BE08DE40}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{50F6EF67-B93C-4B7A-A2EB-E179E3436C69}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{50F6EF67-B93C-4B7A-A2EB-E179E3436C69}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 64-Bit Edition (HKLM\...\{90150000-0090-0407-1000-0000000FF1CE}_Office15.PROPLUS_{50F6EF67-B93C-4B7A-A2EB-E179E3436C69}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863825) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{327EABFD-EDD3-44E7-AB47-7592DF33B719}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863844) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{50F31E04-D56A-4159-BF36-CF3CE27DB30C}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863860) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6D170CB5-8D22-4D1B-A811-B899FE588946}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863860) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6D170CB5-8D22-4D1B-A811-B899FE588946}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AFB7E303-C8CA-4A08-AD3F-44A562B3C809}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.PROPLUS_{AFB7E303-C8CA-4A08-AD3F-44A562B3C809}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AFB7E303-C8CA-4A08-AD3F-44A562B3C809}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{AFB7E303-C8CA-4A08-AD3F-44A562B3C809}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9367C385-2EF9-4BE3-8351-7D2AB0798A57}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{9367C385-2EF9-4BE3-8351-7D2AB0798A57}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9367C385-2EF9-4BE3-8351-7D2AB0798A57}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DF3798F3-F45C-44DA-83B7-229A9EBC9654}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{DAEE93F9-D258-45E4-AFD3-12AC5ED04693}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FE06DACB-AE2C-4DB7-B95D-97A320E59F45}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{FE06DACB-AE2C-4DB7-B95D-97A320E59F45}) (Version: - Microsoft)
Update for Microsoft Visio 2013 (KB2837632) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{97183E08-6B06-40F1-80A9-585C4AEF98F1}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2863909) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F9FAC8C0-20D9-4DC7-9A56-13B02BD4B724}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
Virtual DJ - Atomix Productions (HKLM-x32\...\Virtual DJ - Atomix Productions) (Version: - )
VirtualDubMOD 1.5.10.3 US (HKLM-x32\...\{B158F76F-76AB-4115-A4F0-4C6EF6956093}_is1) (Version: 1.5.10.3 - Trad-Fr)
VLC media player 2.1.2 (HKLM\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
xat.com JPEG Optimizer (HKLM-x32\...\xat.com JPEG Optimizer) (Version: - )
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
==================== Restore Points =========================
04-05-2014 23:24:21 Geplanter Prüfpunkt
06-05-2014 13:18:06 avast! antivirus system restore point
06-05-2014 14:26:05 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2014-03-14 09:48 - 00451658 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 wip.adobe.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
Task: {03F4473D-2FB7-4EEC-B991-A942A1AC9138} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-02] (Google Inc.)
Task: {0DA66E48-5CC0-4A0B-8E6A-E338D3C09511} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-06] (AVAST Software)
Task: {297F2151-2982-454F-AA8E-37C8CF5FCE31} - System32\Tasks\{9055745E-EC66-46EA-B5F2-EF14CC552422} => D:\Program Files (x86)\Codemasters\Heroes of the Pacific Demo\Heroes.exe
Task: {2AD00792-06E7-4A3F-B7B6-28CD07F6FCDB} - System32\Tasks\{05DCC141-E39C-42A0-B68C-75928037B1AD} => D:\Program Files (x86)\Codemasters\Heroes of the Pacific Demo\Heroes.exe
Task: {2DBC23C3-84C6-4147-99D1-0E47B182DC58} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {523BFECA-5755-4F57-93BF-9F43C039F1DF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-02] (Google Inc.)
Task: {5E28667D-5CBA-4F36-8822-E94B17B09FC9} - System32\Tasks\AdobeAAMUpdater-1.0-HawtBJ-Hawt BJ => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {89F05796-F4F4-42DE-B394-00E18E3BA84A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-28] (Adobe Systems Incorporated)
Task: {A78D05F7-3275-45EA-AB9F-BAF5D6E0AADE} - System32\Tasks\{F21BD032-4D9A-4D3D-A0A9-89AA2807C6A9} => D:\Program Files (x86)\Codemasters\Heroes of the Pacific Demo\Heroes.exe
Task: {C057F381-0662-4BEF-9284-1DD635BC06AD} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-01-01] ()
Task: {C8F8AABB-4017-4B83-B626-F638A7E4D4A0} - System32\Tasks\{AF4CB764-DA0E-4D9D-876C-4173576355A4} => D:\Program Files (x86)\Codemasters\Heroes of the Pacific Demo\Heroes.exe
Task: {CAD945D6-4120-4C0C-9E60-8DC5C051AF36} - System32\Tasks\{3FAAAA00-30C8-4D8B-A3E2-A8EF5E3C95B9} => D:\Program Files (x86)\Codemasters\Heroes of the Pacific Demo\Heroes.exe
Task: {CC7FA82E-3FFC-4C2D-BCA4-678D0E9EB043} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {CD2450A0-87EF-4FD7-BECF-0141C47A09C3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {E50BB1A0-0649-4B98-A08E-B816EAD94B54} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E69258D2-852A-4309-A6F5-43FDD922F1F9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-12-30 13:16 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-24 19:24 - 2014-04-11 12:46 - 00602680 _____ () C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2013-02-02 18:02 - 2013-03-09 22:47 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-10-10 18:48 - 2013-10-10 18:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-05-08 09:32 - 2014-05-08 09:32 - 02253312 _____ () C:\Program Files\AVAST Software\Avast\defs\14050701\algo.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-30 14:16 - 2014-04-11 12:46 - 36966968 _____ () C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\libcef.dll
2014-05-08 09:32 - 2014-05-08 09:32 - 00041984 _____ () C:\Users\Hawt BJ\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpixlhup.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Hawt BJ\AppData\Roaming\Dropbox\bin\libcef.dll
2013-12-01 14:42 - 2013-12-01 14:42 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-09-24 19:24 - 2014-04-11 12:46 - 00886840 _____ () C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-09-24 19:24 - 2014-04-11 12:46 - 00108600 _____ () C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\libegl.dll
2014-03-12 18:28 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-03-12 18:28 - 2013-05-16 11:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-03-12 18:28 - 2013-05-16 11:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-03-12 18:28 - 2013-05-16 11:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2012-09-23 20:43 - 2012-09-23 20:43 - 00313992 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
2014-01-29 11:33 - 2014-01-23 07:56 - 00715544 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\libglesv2.dll
2014-01-29 11:33 - 2014-01-23 07:56 - 00100120 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\libegl.dll
2014-01-29 11:33 - 2014-01-23 07:56 - 04055320 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll
2014-01-29 11:33 - 2014-01-23 07:57 - 00399640 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll
2014-01-29 11:33 - 2014-01-23 07:55 - 01634584 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Microsoft:W4eVyxhQvPX816mp0Jb
AlternateDataStreams: C:\ProgramData\Microsoft:WA0w1HB0EOhK3e4DJl7EO
AlternateDataStreams: C:\Users\Hawt BJ\Lokale Einstellungen:sIRNSSrl0JH6tKev1pQrYT
AlternateDataStreams: C:\Users\Hawt BJ\AppData\Local:sIRNSSrl0JH6tKev1pQrYT
AlternateDataStreams: C:\Users\Hawt BJ\AppData\Local\Anwendungsdaten:sIRNSSrl0JH6tKev1pQrYT
AlternateDataStreams: C:\Users\Hawt BJ\AppData\Local\Temporary Internet Files:8NmBcvYWDblsmLa2Vm0kpr2IEkAhA
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^p6_19_erinnerung.lnk => C:\Windows\pss\p6_19_erinnerung.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Hawt BJ^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: Cmaudio8788 => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
MSCONFIG\startupreg: Cmaudio8788GX => C:\Windows\syswow64\HsMgr.exe Envoke
MSCONFIG\startupreg: Cmaudio8788GX64 => C:\Windows\system\HsMgr64.exe Envoke
MSCONFIG\startupreg: CTxfiHlp => CTXFIHLP.EXE
MSCONFIG\startupreg: CTXFIREG => CTxfiReg.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: LogiScrollApp => C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Hawt BJ\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Hawt BJ\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "D:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE
==================== Faulty Device Manager Devices =============
Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/08/2014 11:13:51 AM) (Source: SideBySide) (User: ) (EventID: 80)
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/08/2014 09:42:23 AM) (Source: SideBySide) (User: ) (EventID: 80)
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/08/2014 09:42:21 AM) (Source: SideBySide) (User: ) (EventID: 80)
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/08/2014 09:33:20 AM) (Source: SideBySide) (User: ) (EventID: 80)
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/08/2014 09:33:18 AM) (Source: SideBySide) (User: ) (EventID: 80)
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/07/2014 00:59:39 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 8019
Error: (05/07/2014 00:59:39 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 8019
Error: (05/07/2014 00:59:39 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/07/2014 00:59:38 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 7021
Error: (05/07/2014 00:59:38 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 7021
System errors:
=============
Error: (05/08/2014 09:32:39 AM) (Source: Service Control Manager) (User: ) (EventID: 7009)
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst GS-Supporter erreicht.
Error: (05/07/2014 01:00:08 PM) (Source: Microsoft-Windows-HAL) (User: ) (EventID: 12)
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.
Error: (05/07/2014 10:21:41 AM) (Source: Service Control Manager) (User: ) (EventID: 7009)
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst GS-Supporter erreicht.
Error: (05/06/2014 10:01:32 PM) (Source: Service Control Manager) (User: ) (EventID: 7009)
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst GS-Supporter erreicht.
Microsoft Office Sessions:
=========================
Error: (05/08/2014 11:13:51 AM) (Source: SideBySide) (User: ) (EventID: 80)
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (05/08/2014 09:42:23 AM) (Source: SideBySide) (User: ) (EventID: 80)
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Hawt BJ\Desktop\esetsmartinstaller_deu.exe
Error: (05/08/2014 09:42:21 AM) (Source: SideBySide) (User: ) (EventID: 80)
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Hawt BJ\Desktop\esetsmartinstaller_deu.exe
Error: (05/08/2014 09:33:20 AM) (Source: SideBySide) (User: ) (EventID: 80)
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Hawt BJ\Desktop\esetsmartinstaller_deu.exe
Error: (05/08/2014 09:33:18 AM) (Source: SideBySide) (User: ) (EventID: 80)
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Hawt BJ\Desktop\esetsmartinstaller_deu.exe
Error: (05/07/2014 00:59:39 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 8019
Error: (05/07/2014 00:59:39 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 8019
Error: (05/07/2014 00:59:39 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/07/2014 00:59:38 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 7021
Error: (05/07/2014 00:59:38 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 7021
==================== Memory info ===========================
Percentage of memory in use: 56%
Total physical RAM: 4094.3 MB
Available physical RAM: 1777.32 MB
Total Pagefile: 8186.78 MB
Available Pagefile: 5487.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:119.14 GB) (Free:19.37 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:245.48 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:169.24 GB) NTFS
Drive f: () (Fixed) (Total:596.05 GB) (Free:303.9 GB) NTFS
Drive g: (FreeAgent GoFlex Drive) (Fixed) (Total:698.64 GB) (Free:28.75 GB) NTFS
Drive m: (GTA IV Disc 1) (CDROM) (Total:7.03 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: B9F2B47D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 738AC387)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 738AC38E)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows 7 or Vista) (Size: 596 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 4 (Size: 699 GB) (Disk ID: 20CEB5AC)
Partition 1: (Not Active) - (Size=699 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
09.05.2014, 08:48
| #6 |
| /// the machine /// TB-Ausbilder | Chrome Extension"BlOckThheADs" nicht löschbar Java updaten. Man muss zuerst mal die ganze Adware killen. Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Noch probleme?
__________________ --> Chrome Extension"BlOckThheADs" nicht löschbar |
|
10.05.2014, 09:23
| #7 |
| | Chrome Extension"BlOckThheADs" nicht löschbar Hi! Gute Neuigkeiten, zumindest teilweise! Also die Erweiterung ist nach dem benutzen der fixlist.txt raus. Leider ist die Chrome-Update-Möglichkeit immer noch nur einem Administrator vorbehalten und da ich eigentlich Admin bin, sollte ich das ja auch tun dürfen :-( Da ich deine Nachricht anfangs überflogen habe, habe ich nochmal Java geupdated und folgendes Ergebnis mit ESET erhalten: ESET: Code:
ATTFilter C:\Users\Hawt BJ\AppData\Local\Google\Chrome\User Data\Default\File System\002\t\00\00000000 Win32/AdWare.1ClickDownload.AR Anwendung
C:\Users\Hawt BJ\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\696ff2a5-43f2037a Variante von Java/TrojanDownloader.Agent.NHC Trojaner
Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-05-2014 01
Ran by Hawt BJ at 2014-05-10 10:16:25 Run:1
Running from C:\Users\Hawt BJ\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
*****************
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
The system needed a reboot.
==== End of Fixlog ====
|
|
11.05.2014, 06:27
| #8 |
| /// the machine /// TB-Ausbilder | Chrome Extension"BlOckThheADs" nicht löschbar Revo Uninstaller - Download - Filepony damit Chrome deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren. Dann: https://support.google.com/chrome/answer/3296214?hl=de
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
11.05.2014, 16:18
| #9 |
| | Chrome Extension"BlOckThheADs" nicht löschbar Hi, vorher noch eine kurze Frage: Was passiert mit meinen Lesezeichen? Ich kann die ja nicht einfach alle löschen!  Keine Daten behalten klingt nämlich ziemlich so als würde es ausgeschlossen werden :-/ |
|
12.05.2014, 13:02
| #10 |
| /// the machine /// TB-Ausbilder | Chrome Extension"BlOckThheADs" nicht löschbar Lesezeichen darfste vorher exportieren, aber mehr nicht.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
12.05.2014, 14:48
| #11 |
| | Chrome Extension"BlOckThheADs" nicht löschbar Juhuu! Es hat funktioniert! Die Add-Ons sind raus, ich kann auch wieder updaten jetzt! Vielen vielen Dank! Klare Weiterempfehlung! :-) PS: Die Updateeinstellung war einfach eine Registry-Einstellung. Dort musste man nur eine 1 anstelle einer Null setzen. |
|
13.05.2014, 11:36
| #12 |
| /// the machine /// TB-Ausbilder | Chrome Extension"BlOckThheADs" nicht löschbar Fertig Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Chrome Extension"BlOckThheADs" nicht löschbar |
| 4d36e972-e325-11ce-bfc1-08002be10318, abelssoft, antivirus, association, blockthheads, bonjour, chrome extension blockthheads, chrome extension blockthheads nicht löschbar, converter, defender, flash player, homepage, installation, launch, mozilla, object, onedrive, outlook 2013, photoshop, registry, rundll, security, services.exe, software, spotify web helper, system, temp, unternehmensrichtlinie, updates, wuauclt.exe |
Linear-Darstellung
