Hallo liebe Community,
In Chrome öffnet sich bei mir seit 2-3 Tagen immer wieder Werbung...
Dies nervt einen auf dauer natürlich ziemlich an ...

Wenn mir jemand helfen kann danke im vorraus!

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

• Starte jetzt FRST.
• Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
• Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
• Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

habe ich bereits
https://www.dropbox.com/s/l5m3s7uwlxc8yl5/Addition.txt?dl=0

https://www.dropbox.com/s/uhvtr5yjbs0mc6r/FRST.txt?dl=0

das sind beide datein

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

• Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
• Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
• Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
• Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-08-2014
Ran by Dominik at 2014-08-26 17:04:19
Running from C:\Users\Dominik\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe After Effects CC (HKLM-x32\...\{317243C1-6580-4F43-AED7-37D4438C3DD5}) (Version: 12 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.1.369 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.1.102.63 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC (HKLM-x32\...\{505FF1AC-E7F5-4462-BBA7-08900E7E9EEF}) (Version: 7.2.2 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
ANDY OS (HKLM\...\ANDY OS) (Version: 1.1 - andyroid.net)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.9.0 - Asmedia Technology)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield Play4Free (HKLM-x32\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Blender (HKLM\...\Blender) (Version: 2.69 - Blender Foundation)
Camtasia Studio 8 (HKLM-x32\...\{F5C9BE9A-04C3-4A72-8CD0-BB67C722D608}) (Version: 8.1.2.1344 - TechSmith Corporation)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
CINEMA 4D Student 15.057 (HKLM\...\MAXON5E326C3C) (Version: 15.057 - MAXON Computer GmbH)
Cinema 4D version R12 (HKLM-x32\...\{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1) (Version: R12 - Salat Production)
Color Suite v11.1.1 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 11.1.1 - Red Giant, LLC)
ContextFree (HKCU\...\ContextFree) (Version:  - )
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Craften Terminal 4.0.2 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 4.0.2 - Craften.de)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3624 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.1327 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerDVD Copy (x32 Version: 1.5.1306 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.)
CyberLink PowerRecover (x32 Version: 5.5.4125 - CyberLink Corp.) Hidden
CyberLink WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.2821 - CyberLink Corp.)
CyberLink WaveEditor (x32 Version: 1.0.1.2821 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Dead Space (HKLM-x32\...\{025A585C-0C66-413D-80D2-4C05CB699771}) (Version: 1.0.0.222 - Electronic Arts)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version:  - Microsoft)
DIE SIEDLER - Das Erbe der Könige - Gold Edition (HKLM-x32\...\{E08DE897-B6AF-4DFF-9E90-131E80C876B4}) (Version: 1.00.0000 - Blue Byte)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Studio version 2013 (HKLM-x32\...\Free Studio_is1) (Version: 6.1.8.725 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Ghost Recon Phantoms - EU (HKCU\...\d8be6c3f847d7d92) (Version: 1.35.5979.1 - Ubisoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
High-Definition Video Playback 10 (x32 Version: 7.0.11000.25.1 - Nero AG) Hidden
HyperCam 3 (HKLM-x32\...\HyperCam 3 3.6.1403.19) (Version: 3.6.1403.19 - Solveig Multimedia)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 6.0.4 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.0.4 - )
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Mass Effect™ 3 Demo (HKLM-x32\...\{A1683CA7-4850-4A21-982B-C6D853C79AF7}) (Version: 1.0.0.0 - Electronic Arts)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.3216 - CyberLink Corp.) Hidden
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft_VC100_CRT_x86 (HKLM-x32\...\{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}) (Version: 1.0.0 - Microsoft)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySQL Server 5.5 (HKLM\...\{EE59C8F0-6138-4276-8E64-A4D3E2662794}) (Version: 5.5.36 - Oracle Corporation)
Nero 10 ClipartPack (HKLM-x32\...\{96ED4B78-300E-4033-AE6C-C115CEB4DF07}) (Version: 10.0.10300.0.0 - Nero AG)
Nero 10 Menu TemplatePack 1 (HKLM-x32\...\{42C8B7DF-FEB0-4D51-B169-506B6BEC5797}) (Version: 10.0.10300.0.0 - Nero AG)
Nero 10 Menu TemplatePack 2 (HKLM-x32\...\{E712C273-7564-4C8E-AA59-0FA19BC35117}) (Version: 10.0.10300.0.0 - Nero AG)
Nero 10 Menu TemplatePack 3 (HKLM-x32\...\{92146419-AE44-4C8B-A48B-0ABB1B5EC026}) (Version: 10.0.10300.0.0 - Nero AG)
Nero 10 Menu TemplatePack Basic (x32 Version: 10.0.10300.0.0 - Nero AG) Hidden
Nero 10 Movie ThemePack 1 (HKLM-x32\...\{43FBAB46-5969-4200-9958-1FF81FEE506F}) (Version: 10.0.10300.1.0 - Nero AG)
Nero 10 Movie ThemePack 2 (HKLM-x32\...\{70F19404-B96C-4EBB-AD2B-3574F8736197}) (Version: 10.0.10300.1.0 - Nero AG)
Nero 10 Movie ThemePack Basic (x32 Version: 10.0.10300.1.0 - Nero AG) Hidden
Nero 10 Sample ImagePack (HKLM-x32\...\{ACD15FDF-FC42-4175-B477-576F92FF2256}) (Version: 10.0.10300.0.0 - Nero AG)
Nero 10 Sample Videos (HKLM-x32\...\{92A10E9D-EA00-4A46-8F22-EEA660992D61}) (Version: 10.0.10300.2.0 - Nero AG)
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.4.11100.14.101 - Nero AG)
Nero BackItUp 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.10700.7.100 - Nero AG)
Nero BurningROM 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.10600.9.100 - Nero AG)
Nero BurnRights 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.0.11500.1.0 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.13100.0.1 - Nero AG) Hidden
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.10500.7.100 - Nero AG)
Nero CoverDesigner 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.10400.4.100 - Nero AG)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
Nero Dolby Files 10 (x32 Version: 2.0.11000.0.10 - Nero AG) Hidden
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.10500.7.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.10400.5.100 - Nero AG)
Nero InfoTool 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.11000.6.100 - Nero AG)
Nero MediaHub 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.11200 - Nero AG)
Nero Recode 10 (HKLM-x32\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.6.10600.1.100 - Nero AG)
Nero Recode 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.10500.5.100 - Nero AG)
Nero RescueAgent 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
Nero SoundTrax 10 (HKLM-x32\...\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}) (Version: 4.6.10500.1.100 - Nero AG)
Nero SoundTrax 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.10500.4.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.13600.45.0 - Nero AG) Hidden
Nero Vision 10 (HKLM-x32\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.0.10700.4.100 - Nero AG)
Nero Vision 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
Nero WaveEditor 10 (HKLM-x32\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.6.10500.1.100 - Nero AG)
Nero WaveEditor 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.0.1 - Vitalwerks Internet Solutions LLC)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0213 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.1.10.2728 - Electronic Arts, Inc.)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.50.1123.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6554 - Realtek Semiconductor Corp.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.8.100.4 - Red Giant, LLC)
RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version:  - Atari)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Sniper Ghost Warrior 2 Demo (HKLM-x32\...\Steam App 34880) (Version:  - City Interactive)
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SurfEasy VPN 1.1.237 (HKLM-x32\...\SurfEasy VPN) (Version: 1.1.237 - SurfEasy Inc)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TL-WN822N Driver (HKLM-x32\...\{62FE0726-9652-4CD2-9F09-C769D8699C21}) (Version: 1.00.0000 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 2.01.0012 - TP-LINK)
Trapcode Suite v12.1.5 (HKLM-x32\...\{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1) (Version: 12.1.5 - Red Giant, LLC)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
USB RACING WHEEL (HKLM-x32\...\FT33C2) (Version:  - )
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
watchmi (HKLM-x32\...\{F0559C5E-7912-4391-B1A0-6B975F0E5064}) (Version: 3.0.0 - Axel Springer Digital TV Guide GmbH)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Utils (HKLM-x32\...\Windows Utils) (Version:  - )
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WPM18.8.0.212 (HKLM-x32\...\WPM) (Version: 18.8.0.212 - Cherished Technololgy LIMITED) <==== ATTENTION
YouTube Song Downloader (HKLM-x32\...\{4281435C-AD1D-4C8A-B9C0-3961C11EF142}_is1) (Version: 8.2 - Abelssoft)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2539688962-1380141296-2660008707-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Dominik\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2539688962-1380141296-2660008707-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Dominik\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2539688962-1380141296-2660008707-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Dominik\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2539688962-1380141296-2660008707-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-2539688962-1380141296-2660008707-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Dominik\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2539688962-1380141296-2660008707-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dominik\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2539688962-1380141296-2660008707-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dominik\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2539688962-1380141296-2660008707-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dominik\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2539688962-1380141296-2660008707-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dominik\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2539688962-1380141296-2660008707-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dominik\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2539688962-1380141296-2660008707-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dominik\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2539688962-1380141296-2660008707-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dominik\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2539688962-1380141296-2660008707-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dominik\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2539688962-1380141296-2660008707-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Dominik\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================

24-08-2014 11:00:09 Removed Java 7 Update 67
24-08-2014 12:28:43 Removed Java 8 Update 20 (64-bit)
24-08-2014 12:30:38 Installed Java 7 Update 67
25-08-2014 13:46:39 Windows Update
25-08-2014 14:06:07 Installed Java 7 Update 67 (64-bit)
25-08-2014 14:10:46 Removed Java 7 Update 67
25-08-2014 16:53:15 avast! antivirus system restore point
25-08-2014 17:10:20 avast! antivirus system restore point
25-08-2014 17:31:36 Installed Oracle VM VirtualBox 4.3.14
25-08-2014 17:37:56 Removed Oracle VM VirtualBox 4.3.14
26-08-2014 14:47:29 Removed Bonjour

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {29071EA3-2C34-4B6A-8B1D-22BE485F061C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2539688962-1380141296-2660008707-1001UA => C:\Users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe [2013-07-16] (Google Inc.)
Task: {56B8D0D5-6A4E-4983-934E-1DCC86B18D41} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-21] (AVAST Software)
Task: {593B9FF6-CA7E-45EE-B877-DF9432CC28CC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-12] (Google Inc.)
Task: {5C97EFD1-955B-4ED3-87EE-9D8E7F9505DE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2539688962-1380141296-2660008707-1001Core => C:\Users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe [2013-07-16] (Google Inc.)
Task: {9C4DE9BA-AD54-4740-959C-70A5311ABCFE} - System32\Tasks\AdobeAAMUpdater-1.0-Dominik-PC-Dominik => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {B0345334-369C-424C-9A52-D27A9666DD0F} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe [2014-06-17] ()
Task: {D88A999E-A213-4FF1-9D77-15C7FFD75F3A} - System32\Tasks\ASP => C:\Program Files (x86)\RCP\systweakasp.exe
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {E7AB5484-DF25-4CE5-9D33-A172FDEE3461} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-12] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2539688962-1380141296-2660008707-1001Core.job => C:\Users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2539688962-1380141296-2660008707-1001UA.job => C:\Users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-03-22 00:12 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-23 02:10 - 2014-05-23 02:10 - 00671904 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2014-01-14 10:27 - 2014-01-14 10:27 - 09699840 _____ () C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe
2013-07-16 16:21 - 2014-06-04 12:59 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-10-16 22:51 - 2013-10-16 22:51 - 03186360 _____ () C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe
2012-01-31 11:24 - 2012-01-31 11:24 - 00070144 _____ () C:\Program Files (x86)\watchmi\TvdService.exe
2013-07-12 16:33 - 2013-07-12 16:33 - 00059904 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Remote\3.0.0.8__f722db7bec59a14b\Tvd.Remote.dll
2013-07-12 16:33 - 2013-07-12 16:33 - 00034304 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Tools\3.0.0.8__f722db7bec59a14b\Tvd.Tools.dll
2013-07-12 16:33 - 2013-07-12 16:33 - 00009216 _____ () C:\Windows\assembly\GAC_MSIL\FingerPrint\1.0.0.0__a62e68e935d72fa6\FingerPrint.dll
2013-07-12 16:33 - 2013-07-12 16:33 - 00079360 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Reporting\3.0.0.8__f722db7bec59a14b\Tvd.Reporting.dll
2013-07-12 16:33 - 2013-07-12 16:33 - 00153088 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Aprico\3.0.0.8__f722db7bec59a14b\Tvd.Aprico.dll
2014-08-09 15:43 - 2014-06-27 14:52 - 00923256 _____ () C:\Program Files\Andy\HandyAndy.exe
2014-08-09 15:43 - 2014-06-27 14:52 - 00905848 _____ () C:\Program Files\Andy\AndyPriorityMgr.exe
2014-07-01 14:26 - 2014-07-01 14:26 - 00596480 _____ () C:\Users\Dominik\AppData\Local\ContextFree\nvcmd.exe
2013-07-12 16:44 - 2011-04-08 08:58 - 00788992 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
2012-01-31 11:24 - 2012-01-31 11:24 - 01070592 _____ () C:\Program Files (x86)\watchmi\TvdTray.exe
2012-01-31 11:24 - 2012-01-31 11:24 - 00004608 _____ () C:\Program Files (x86)\watchmi\de\TvdTray.resources.dll
2014-05-23 02:10 - 2014-05-23 02:10 - 05341856 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2013-09-25 14:20 - 2014-07-18 13:50 - 00601144 _____ () C:\Users\Dominik\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-08-21 17:18 - 2014-08-21 17:18 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-08-25 19:24 - 2014-08-25 19:24 - 02801152 _____ () C:\Program Files\AVAST Software\Avast\defs\14082500\algo.dll
2014-08-26 16:29 - 2014-08-26 16:29 - 02801152 _____ () C:\Program Files\AVAST Software\Avast\defs\14082600\algo.dll
2013-07-12 17:13 - 2014-07-18 13:50 - 36966968 _____ () C:\Users\Dominik\AppData\Roaming\Spotify\Data\libcef.dll
2013-07-12 16:44 - 2011-04-08 16:38 - 01410048 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
2013-07-12 16:44 - 2011-01-12 13:44 - 00167424 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
2013-07-12 16:44 - 2011-02-25 15:00 - 00128000 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF.dll
2013-07-12 16:44 - 2010-12-27 10:30 - 00111616 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF_WPS_WIN7.DLL
2010-08-04 00:39 - 2010-08-04 00:39 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-04 00:39 - 2010-08-04 00:39 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-05-26 05:52 - 2014-05-26 05:52 - 32733088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2014-08-21 17:18 - 2014-08-21 17:18 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-08-17 18:30 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-17 18:30 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-26 16:30 - 2014-08-26 16:30 - 00043008 _____ () c:\users\dominik\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6t6h7w.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Dominik\AppData\Roaming\Dropbox\bin\libcef.dll
2014-05-12 22:22 - 2014-05-12 22:22 - 02217128 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\plugins\ExchangePlugin\ExManCoreLib\ExManZxpSign.dll
2014-08-18 11:14 - 2014-08-18 11:14 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\5744dbc804f3ddc8c5416a9de9e8c26d\IsdiInterop.ni.dll
2012-03-21 23:51 - 2012-02-02 01:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-07-18 13:50 - 2014-07-18 13:50 - 00867896 _____ () C:\Users\Dominik\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2013-09-25 14:20 - 2014-07-18 13:50 - 00886840 _____ () C:\Users\Dominik\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-09-25 14:20 - 2014-07-18 13:50 - 00108600 _____ () C:\Users\Dominik\AppData\Roaming\Spotify\Data\libegl.dll
2014-08-17 18:30 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-17 18:30 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-17 18:30 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2014-08-17 18:30 - 2014-08-07 05:20 - 14669128 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Dominik\Downloads\Fraps Crack by HZHD.rar__3515_i1208017882_il2437094.exe:typelib

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: RocketDock => "C:\Program Files (x86)\RocketDock\RocketDock.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SurfEasy => C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyVPN.exe startup

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/26/2014 04:29:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/26/2014 04:28:28 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (08/25/2014 07:18:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/25/2014 07:17:38 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (08/25/2014 07:10:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswStm.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (08/25/2014 07:10:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswRdr.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (08/25/2014 03:41:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/25/2014 03:40:01 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (08/24/2014 01:02:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 36.0.1985.143 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1fb4

Startzeit: 01cfbf8aa51cd4cd

Endzeit: 6

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 10e53dbd-2b7e-11e4-9d31-8c89a5a30c36

Error: (08/24/2014 11:14:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/26/2014 04:28:06 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\athExt.dll
Fehlercode: 126

Error: (08/25/2014 07:23:01 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (08/25/2014 07:17:26 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\athExt.dll
Fehlercode: 126

Error: (08/25/2014 03:39:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IePlugin Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/25/2014 03:39:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! Antivirus" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (08/25/2014 03:39:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst avast! Antivirus erreicht.

Error: (08/25/2014 03:39:48 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\athExt.dll
Fehlercode: 126

Error: (08/24/2014 11:13:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IePlugin Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/24/2014 11:13:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! Antivirus" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (08/24/2014 11:13:16 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst avast! Antivirus erreicht.


Microsoft Office Sessions:
=========================
Error: (08/26/2014 04:29:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/26/2014 04:28:28 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (08/25/2014 07:18:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/25/2014 07:17:38 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (08/25/2014 07:10:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswStm.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (08/25/2014 07:10:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswRdr.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (08/25/2014 03:41:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/25/2014 03:40:01 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (08/24/2014 01:02:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe36.0.1985.1431fb401cfbf8aa51cd4cd6C:\Program Files (x86)\Google\Chrome\Application\chrome.exe10e53dbd-2b7e-11e4-9d31-8c89a5a30c36

Error: (08/24/2014 11:14:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Percentage of memory in use: 38%
Total physical RAM: 10221.64 MB
Available physical RAM: 6292.1 MB
Total Pagefile: 20441.46 MB
Available Pagefile: 15940.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:1811.92 GB) (Free:942.39 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:29.36 GB) NTFS
Drive e: (RCT3) (CDROM) (Total:0.66 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: E14A9616)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1811.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================
         

FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014
Ran by Dominik (administrator) on DOMINIK-PC on 26-08-2014 17:03:04
Running from C:\Users\Dominik\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
() C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe
() C:\Program Files (x86)\watchmi\TvdService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe
() C:\Program Files\Andy\HandyAndy.exe
(Spotify Ltd) C:\Users\Dominik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Dominik\AppData\Roaming\Spotify\spotify.exe
() C:\Program Files\Andy\AndyPriorityMgr.exe
() C:\Users\Dominik\AppData\Local\ContextFree\nvcmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\watchmi\TvdTray.exe
(Dropbox, Inc.) C:\Users\Dominik\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Windows Net) C:\Users\Dominik\AppData\Roaming\Windows Net Data\net.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Users\Dominik\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Dominik\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Dominik\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Dominik\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Dominik\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12445288 2012-01-16] (Realtek Semiconductor)
HKLM\...\Run: [MedionReminder] => C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-05-26] (CyberLink)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Andy] => C:\Program Files\Andy\HandyAndy.exe [923256 2014-06-27] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-02] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-14] (InstallShield Software Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2688920 2014-05-26] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1226024 2010-02-22] (Nero AG)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-25] (AVAST Software)
HKLM-x32\...\Run: [mbot_de_34] => [X]
HKLM\...\RunOnce: [MedionReminder] => C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-05-26] (CyberLink)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-2539688962-1380141296-2660008707-1001\...\Run: [Spotify Web Helper] => C:\Users\Dominik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-18] (Spotify Ltd)
HKU\S-1-5-21-2539688962-1380141296-2660008707-1001\...\Run: [Google Update] => C:\Users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-07-16] (Google Inc.)
HKU\S-1-5-21-2539688962-1380141296-2660008707-1001\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-14] (InstallShield Software Corporation)
HKU\S-1-5-21-2539688962-1380141296-2660008707-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-2539688962-1380141296-2660008707-1001\...\Run: [Spotify] => C:\Users\Dominik\AppData\Roaming\Spotify\spotify.exe [6162488 2014-07-18] (Spotify Ltd)
HKU\S-1-5-21-2539688962-1380141296-2660008707-1001\...\Run: [Real Desktop] => "C:\Program Files (x86)\Real Desktop\rdesc.exe"
HKU\S-1-5-21-2539688962-1380141296-2660008707-1001\...\Run: [framei] => C:\Users\Dominik\AppData\Local\ContextFree\framei.exe [567808 2014-07-01] ()
HKU\S-1-5-21-2539688962-1380141296-2660008707-1001\...\Run: [nvcmd] => C:\Users\Dominik\AppData\Local\ContextFree\nvcmd.exe [596480 2014-07-01] ()
HKU\S-1-5-21-2539688962-1380141296-2660008707-1001\...\Run: [cntcmd] => C:\Users\Dominik\AppData\Local\ContextFree\cntcmd.exe [596480 2014-07-01] ()
HKU\S-1-5-21-2539688962-1380141296-2660008707-1001\...\Run: [GoogleChromeAutoLaunch_66F8C29980E8EAA9103CEBF5E167BC0C] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-08-07] (Google Inc.)
HKU\S-1-5-21-2539688962-1380141296-2660008707-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-2539688962-1380141296-2660008707-1001\...\MountPoints2: {5f6380cb-eb4a-11e2-bf74-806e6f6e6963} - E:\Autorun.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\watchmi tray.lnk
ShortcutTarget: watchmi tray.lnk -> C:\Windows\Installer\{F0559C5E-7912-4391-B1A0-6B975F0E5064}\SHCT_TRAY_PROGRAMG_A10D8603999C4E9488776EF2533C58C9.exe (Acresso Software Inc.)
Startup: C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Dominik\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
ShortcutTarget: net.lnk -> C:\Users\Dominik\AppData\Roaming\Windows Net Data\net.exe (Windows Net)
Startup: C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Real Desktop.lnk
ShortcutTarget: Real Desktop.lnk -> C:\Program Files (x86)\Real Desktop\rdesc.exe (No File)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3318522&octid=EB_ORIGINAL_CTID&ISID=M3C4D28A8-AD79-428D-BD00-29622645FA12&SearchSource=55&CUI=&UM=6&UP=SPF5F640E6-F8B0-49D3-A2AC-01F7DBB13A4F&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1397388606&from=epom2&uid=ST2000DL003-9VT166_6YD1EFQAXXXX6YD1EFQA
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1397388606&from=epom2&uid=ST2000DL003-9VT166_6YD1EFQAXXXX6YD1EFQA&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1397388606&from=epom2&uid=ST2000DL003-9VT166_6YD1EFQAXXXX6YD1EFQA
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.qone8.com/?type=hp&ts=1397388606&from=epom2&uid=ST2000DL003-9VT166_6YD1EFQAXXXX6YD1EFQA
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1397388606&from=epom2&uid=ST2000DL003-9VT166_6YD1EFQAXXXX6YD1EFQA&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1397388606&from=epom2&uid=ST2000DL003-9VT166_6YD1EFQAXXXX6YD1EFQA&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1397388606&from=epom2&uid=ST2000DL003-9VT166_6YD1EFQAXXXX6YD1EFQA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.qone8.com/?type=hp&ts=1397388606&from=epom2&uid=ST2000DL003-9VT166_6YD1EFQAXXXX6YD1EFQA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1397388606&from=epom2&uid=ST2000DL003-9VT166_6YD1EFQAXXXX6YD1EFQA&q={searchTerms}
URLSearchHook: HKCU - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://start.qone8.com/?type=sc&ts=1397388606&from=epom2&uid=ST2000DL003-9VT166_6YD1EFQAXXXX6YD1EFQA
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1397388606&from=epom2&uid=ST2000DL003-9VT166_6YD1EFQAXXXX6YD1EFQA&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1397388606&from=epom2&uid=ST2000DL003-9VT166_6YD1EFQAXXXX6YD1EFQA&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1397388606&from=epom2&uid=ST2000DL003-9VT166_6YD1EFQAXXXX6YD1EFQA&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1397388606&from=epom2&uid=ST2000DL003-9VT166_6YD1EFQAXXXX6YD1EFQA&q={searchTerms}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3318522&octid=EB_ORIGINAL_CTID&ISID=M3C4D28A8-AD79-428D-BD00-29622645FA12&SearchSource=58&CUI=&UM=6&UP=SPF5F640E6-F8B0-49D3-A2AC-01F7DBB13A4F&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3318522&octid=EB_ORIGINAL_CTID&ISID=M3C4D28A8-AD79-428D-BD00-29622645FA12&SearchSource=58&CUI=&UM=6&UP=SPF5F640E6-F8B0-49D3-A2AC-01F7DBB13A4F&q={searchTerms}&SSPV=
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1397388606&from=epom2&uid=ST2000DL003-9VT166_6YD1EFQAXXXX6YD1EFQA&q={searchTerms}
SearchScopes: HKCU - {F438F265-CF29-482D-B121-FD734AF1D5E1} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} ->  No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\axctigto.default
FF Homepage: hxxp://www.trovi.com/?gd=&ctid=CT3318522&octid=EB_ORIGINAL_CTID&ISID=M3C4D28A8-AD79-428D-BD00-29622645FA12&SearchSource=55&CUI=&UM=6&UP=SPF5F640E6-F8B0-49D3-A2AC-01F7DBB13A4F&SSPV=
FF SelectedSearchEngine: Trovi search
FF NewTab: about:newtab
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Dominik\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Dominik\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Dominik\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Dominik\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Dominik\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Dominik\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\axctigto.default\searchplugins\trovi-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://google.de/", "hxxp://google.com/"
CHR DefaultSuggestURL: Default -> 
CHR Profile: C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Translate) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-08-25]
CHR Extension: (Angry Birds) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-08-25]
CHR Extension: (Google Docs) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-18]
CHR Extension: (Google Drive) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-18]
CHR Extension: (TV) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-08-25]
CHR Extension: (YouTube) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-18]
CHR Extension: (Adblock Plus) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-26]
CHR Extension: (Google-Suche) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-18]
CHR Extension: (Wetter) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\fapbbpdnlcmiolkdfjnnjhabmcndadad [2014-08-25]
CHR Extension: (Cut the Rope) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj [2014-08-25]
CHR Extension: (Color Changer für Facebook) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnafahpcndghkcdngfombklgpffkehmg [2014-08-25]
CHR Extension: (Dropbox) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2014-08-25]
CHR Extension: (Auto Replay for YouTube™) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb [2014-08-25]
CHR Extension: (Alarm Clock Radio) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\kipdhcpepbpjaoggihaloebfjfafagmi [2014-08-25]
CHR Extension: (Evernote Web) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2014-08-25]
CHR Extension: (Google Maps) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-08-25]
CHR Extension: (Amazon-Icon) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg [2014-04-18]
CHR Extension: (Plants vs Zombies) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2014-08-25]
CHR Extension: (Google Wallet) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-18]
CHR Extension: (Todo.ly) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhefmbclkekanpjjpkbciloojcmpkap [2014-08-25]
CHR Extension: (Evernote Web Clipper) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2014-08-25]
CHR Extension: (Google Mail) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-18]
CHR Extension: (Extutil) - C:\Users\Dominik\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-08-04]
CHR Extension: (Managera) - C:\Users\Dominik\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-08-04]
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Dominik\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2013-12-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-21] (AVAST Software)
R2 MySQL; C:\Program Files\MySQL\MySQL Server 5.5\my.ini [8919 2014-02-10] () [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-04] ()
R2 SurfEasyVPN; C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe [3186360 2013-10-16] ()
R2 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2012-01-31] () [File not signed]
S3 WinHttpAutoProxySvc; winhttp.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-21] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-21] ()
S3 HidNt; C:\Windows\System32\DRIVERS\HIDNt.sys [22576 2008-04-18] (Microsoft Corporation) [File not signed]
S3 HidNt; C:\Windows\SysWOW64\DRIVERS\HIDNt.sys [18992 2008-04-18] (Microsoft Corporation) [File not signed]
S3 Mac606; C:\Windows\System32\DRIVERS\Mac606.sys [33200 2008-04-18] () [File not signed]
S3 Mac606; C:\Windows\SysWOW64\DRIVERS\Mac606.sys [26672 2008-04-18] () [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 tapse01; C:\Windows\System32\DRIVERS\tapse01.sys [39608 2013-10-16] (The OpenVPN Project)
S3 cpuz136; \??\C:\Users\Dominik\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-26 17:03 - 2014-08-26 17:03 - 00029393 _____ () C:\Users\Dominik\Desktop\FRST.txt
2014-08-26 17:02 - 2014-08-26 17:03 - 00000000 ____D () C:\FRST
2014-08-26 17:02 - 2014-08-26 17:02 - 02103296 _____ (Farbar) C:\Users\Dominik\Downloads\FRST64.exe
2014-08-26 17:02 - 2014-08-26 17:02 - 02103296 _____ (Farbar) C:\Users\Dominik\Desktop\FRST64.exe
2014-08-26 16:58 - 2014-08-26 16:58 - 00000000 ____D () C:\ProgramData\RFA_Backups
2014-08-26 16:57 - 2014-08-26 16:57 - 06570232 _____ (RoseCitySoftware ) C:\Users\Dominik\Downloads\rfasetup93.exe
2014-08-25 19:34 - 2014-08-25 19:34 - 00000000 ____D () C:\Users\Dominik\VirtualBox VMs
2014-08-25 19:32 - 2014-08-25 19:37 - 00000000 ____D () C:\Users\Dominik\.VirtualBox
2014-08-25 19:32 - 2014-07-15 16:16 - 00863528 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2014-08-25 19:32 - 2014-07-15 16:15 - 00129168 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2014-08-25 19:24 - 2014-08-25 19:27 - 116695840 _____ (Oracle Corporation) C:\Users\Dominik\Downloads\VirtualBox-4.3.14-95030-Win.exe
2014-08-25 19:24 - 2014-08-25 19:25 - 54661120 _____ () C:\Users\Dominik\Downloads\android-x86-1.6-r2.iso
2014-08-25 19:04 - 2014-08-25 19:04 - 00739872 _____ ( ) C:\Users\Dominik\Downloads\plants-vs.-zombies-garden-warfare-full-version.exe
2014-08-25 19:04 - 2014-08-25 19:04 - 00146606 _____ () C:\Users\Dominik\Downloads\plants-vs.-zombies-garden-warfare-full-version [1].exe
2014-08-25 18:54 - 2014-08-25 19:11 - 00001930 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-25 16:06 - 2014-08-25 16:06 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-25 16:06 - 2014-08-25 16:06 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-08-25 16:06 - 2014-08-25 16:06 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-08-25 16:06 - 2014-08-25 16:06 - 00000000 ____D () C:\Program Files\Java
2014-08-25 15:51 - 2014-08-25 15:51 - 31013800 _____ (Oracle Corporation) C:\Users\Dominik\Downloads\jre-7u67-windows-x64.exe
2014-08-25 15:47 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-25 15:47 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-25 15:47 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-25 15:47 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-25 15:47 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-25 15:47 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-25 15:47 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-25 15:47 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-25 15:47 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-25 15:47 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-25 15:47 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-25 15:47 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-25 15:47 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-25 15:47 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-24 15:26 - 2014-08-24 15:26 - 00257791 _____ () C:\Users\Dominik\Downloads\Subway by pg5.zip
2014-08-24 14:32 - 2014-08-24 14:32 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Oracle
2014-08-24 14:30 - 2014-08-24 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-24 14:28 - 2014-08-24 14:28 - 00918440 _____ (Oracle Corporation) C:\Users\Dominik\Downloads\chromeinstall-7u67.exe
2014-08-24 14:23 - 2014-08-24 14:23 - 01179424 _____ () C:\Users\Dominik\Downloads\Flans Mod Installer 1.7.10.exe
2014-08-24 14:22 - 2014-08-24 14:22 - 01174304 _____ () C:\Users\Dominik\Downloads\Not Enough Items Mod Installer 1.7.10 (2).exe
2014-08-24 14:21 - 2014-08-24 14:21 - 01174304 _____ () C:\Users\Dominik\Downloads\Not Enough Items Mod Installer 1.7.10 (1).exe
2014-08-24 14:21 - 2014-08-24 14:21 - 01171232 _____ () C:\Users\Dominik\Downloads\TConstruct Mod Installer 1.7.10.exe
2014-08-24 14:19 - 2014-08-24 14:19 - 01175840 _____ () C:\Users\Dominik\Downloads\Chisel Mod Installer 1.7.10.exe
2014-08-24 14:18 - 2014-08-24 14:18 - 01180448 _____ () C:\Users\Dominik\Downloads\Morph Mod Installer 1.7.10.exe
2014-08-24 13:55 - 2014-08-24 14:00 - 76614383 _____ () C:\Users\Dominik\Downloads\New Castol City 2014 V 1.2 Villenviertel.zip
2014-08-24 13:35 - 2014-08-24 13:36 - 02277949 _____ () C:\Users\Dominik\Downloads\WarGear Park.zip
2014-08-24 13:07 - 2014-08-24 13:07 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\java
2014-08-24 13:06 - 2014-08-25 16:06 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-08-24 13:02 - 2014-08-24 13:05 - 96138664 _____ (Oracle Corporation) C:\Users\Dominik\Downloads\jre-8u20-windows-x64.exe
2014-08-24 13:01 - 2014-08-24 13:02 - 03735713 _____ () C:\Users\Dominik\Downloads\Nicht bestätigt 796382.crdownload
2014-08-24 12:40 - 2014-08-24 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craften Terminal
2014-08-24 12:40 - 2014-08-24 12:40 - 00000000 ____D () C:\Program Files (x86)\Craften Terminal
2014-08-24 12:38 - 2014-08-24 12:38 - 17033651 _____ (Craften.de ) C:\Users\Dominik\Downloads\craftenterminal (1).exe
2014-08-24 12:37 - 2014-08-24 12:37 - 00000000 ____D () C:\Users\Dominik\Desktop\world
2014-08-24 12:34 - 2014-08-24 12:35 - 09999270 _____ () C:\Users\Dominik\Downloads\minecraft_server.1.7.10 (1).exe
2014-08-24 12:31 - 2014-08-24 12:31 - 20471204 _____ () C:\Users\Dominik\Downloads\craftbukkit-1.7.10-R0.1-20140808.005431-8.jar
2014-08-24 12:26 - 2014-08-24 12:26 - 02924339 _____ () C:\Users\Dominik\Downloads\shaderpack.zip
2014-08-24 12:17 - 2014-08-24 12:17 - 01183520 _____ () C:\Users\Dominik\Downloads\GLSL Shaders Mod Installer 1.7.10 (4).exe
2014-08-24 12:16 - 2014-08-24 12:17 - 41790300 _____ () C:\Users\Dominik\Downloads\Invictus-1.0-Shader.zip
2014-08-24 11:27 - 2014-08-24 11:28 - 36934928 _____ () C:\Users\Dominik\Downloads\Invictus-1.0.zip
2014-08-23 13:17 - 2014-08-23 13:17 - 00000000 ____D () C:\Program Files (x86)\predm
2014-08-22 22:01 - 2014-08-22 22:01 - 00000408 _____ () C:\Users\Dominik\AppData\Roaming\CamShapes.ini
2014-08-22 22:01 - 2014-08-22 22:01 - 00000408 _____ () C:\Users\Dominik\AppData\Roaming\CamLayout.ini
2014-08-22 22:01 - 2014-08-22 22:01 - 00000055 _____ () C:\Users\Dominik\AppData\Roaming\Camdata.ini
2014-08-22 20:19 - 2014-08-22 20:19 - 00000687 _____ () C:\awh25BF.tmp
2014-08-22 20:16 - 2014-08-25 15:59 - 00000000 ____D () C:\Fraps
2014-08-22 20:16 - 2014-08-22 20:16 - 00000566 _____ () C:\Users\Public\Desktop\Fraps.lnk
2014-08-22 20:16 - 2014-08-22 20:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-08-22 20:15 - 2014-08-22 20:15 - 02624008 _____ () C:\Users\Dominik\Downloads\Fraps-Crack-by-HZHD.rar
2014-08-22 20:14 - 2014-08-22 20:14 - 00448208 _____ () C:\Users\Dominik\Downloads\Fraps Crack by HZHD.rar__3038_i1208021828_il2437094.exe
2014-08-22 20:14 - 2014-08-22 20:14 - 00448208 _____ () C:\Users\Dominik\Downloads\Fraps Crack by HZHD.rar__3038_i1208017924_il2437094.exe
2014-08-22 20:14 - 2014-08-22 20:14 - 00000000 ____D () C:\Users\Dominik\AppData\Local\ContextFree
2014-08-22 20:13 - 2014-08-22 20:13 - 00448208 _____ () C:\Users\Dominik\Downloads\Fraps Crack by HZHD.rar__3515_i1208017882_il2437094.exe
2014-08-22 20:02 - 2014-08-22 20:03 - 00000000 ____D () C:\Users\Dominik\Documents\My CamStudio Temp Files
2014-08-22 19:59 - 2014-08-22 22:01 - 00004535 _____ () C:\Users\Dominik\AppData\Roaming\CamStudio.cfg
2014-08-22 19:58 - 2014-08-25 19:05 - 00000000 ____D () C:\Program Files (x86)\PennyBee
2014-08-22 19:58 - 2014-08-22 20:04 - 00000000 ____D () C:\Program Files\CamStudio 2.7
2014-08-22 19:58 - 2014-08-22 19:59 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Systweak
2014-08-22 19:58 - 2014-08-22 19:58 - 00003314 _____ () C:\Windows\System32\Tasks\ASP
2014-08-22 19:58 - 2014-08-22 19:58 - 00000096 _____ () C:\Users\Dominik\AppData\Roaming\version2.xml
2014-08-22 19:58 - 2014-08-05 19:14 - 00020328 _____ () C:\Windows\system32\roboot64.exe
2014-08-22 19:57 - 2014-08-22 19:57 - 00711585 _____ () C:\Users\Dominik\Downloads\CamStudioSetup_v2.7.2.zip
2014-08-22 19:34 - 2014-08-22 19:34 - 00000000 ____D () C:\Users\Dominik\AppData\Local\{429F99B8-10F5-4B35-95B6-58E297524C7F}
2014-08-22 16:39 - 2014-08-22 16:39 - 00108544 _____ () C:\Windows\SysWOW64\installd.exe
2014-08-21 17:29 - 2014-08-21 17:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-08-21 17:25 - 2014-08-21 17:25 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\AVAST Software
2014-08-21 17:21 - 2014-08-21 17:21 - 00305400 _____ () C:\Windows\Minidump\082114-27955-01.dmp
2014-08-21 17:19 - 2014-08-26 16:29 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-21 17:18 - 2014-08-25 19:11 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-21 17:18 - 2014-08-21 17:18 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-21 17:18 - 2014-08-21 17:18 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-21 17:18 - 2014-08-21 17:18 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-21 17:18 - 2014-08-21 17:18 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-21 17:18 - 2014-08-21 17:18 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-21 17:18 - 2014-08-21 17:18 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-21 17:18 - 2014-08-21 17:18 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-21 17:17 - 2014-08-21 17:17 - 00000000 ____D () C:\Program Files\AVAST Software
2014-08-18 12:15 - 2014-08-21 17:17 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-18 12:12 - 2014-08-18 12:14 - 91906368 _____ (AVAST Software) C:\Users\Dominik\Downloads\avast_free_antivirus_setup_9.0.2021 (1).exe
2014-08-17 20:14 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-17 20:14 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-17 20:14 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-17 20:14 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-17 20:14 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-17 20:14 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-17 20:13 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-17 20:13 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-17 17:52 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-17 17:52 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-17 17:52 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-17 17:52 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-17 17:52 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-17 17:52 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-17 17:52 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-17 17:51 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-17 17:51 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-17 17:51 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-17 17:51 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-17 17:51 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-17 17:51 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-17 17:51 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-17 17:51 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-17 17:51 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-17 17:51 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-17 17:51 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-17 17:51 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-17 17:51 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-17 17:51 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-17 17:51 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-17 17:51 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-17 17:51 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-17 17:51 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-17 17:51 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-17 17:51 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-17 17:51 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-17 17:51 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-17 17:51 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-17 17:51 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-17 17:51 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-17 17:51 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-17 17:51 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-17 17:51 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-17 17:51 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-17 17:51 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-17 17:51 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-17 17:51 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-17 17:51 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-17 17:51 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-17 17:51 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-17 17:51 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-17 17:51 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-17 17:51 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-17 17:51 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-17 17:51 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-17 17:51 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-17 17:51 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-17 17:51 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-17 17:51 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-17 17:51 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-17 17:51 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-17 17:51 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-17 17:51 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-17 17:51 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-17 17:51 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-17 17:51 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-17 17:51 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-17 17:51 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-17 17:51 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-17 17:51 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-17 17:51 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-17 17:51 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-17 17:51 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-17 17:51 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-17 17:51 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-17 17:51 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-17 17:50 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-17 17:50 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-17 17:50 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-17 17:50 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-11 17:19 - 2014-08-11 17:19 - 00006068 _____ () C:\Users\Dominik\Downloads\WarpCore.jar
2014-08-11 14:01 - 2014-08-24 12:37 - 00000000 ____D () C:\Users\Dominik\Desktop\Lets Build
2014-08-11 13:59 - 2014-08-11 13:59 - 00405434 _____ () C:\Users\Dominik\Desktop\WinRAR ZIP archive (neu).zip
2014-08-11 12:07 - 2014-08-11 12:08 - 11895013 _____ () C:\Users\Dominik\Downloads\WeepCraft.zip
2014-08-10 12:49 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-08-10 12:49 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-08-09 19:00 - 2014-08-09 19:00 - 01185056 _____ () C:\Users\Dominik\Downloads\Smart Moving Mod Installer 1.7.10.exe
2014-08-09 19:00 - 2014-08-09 19:00 - 01174304 _____ () C:\Users\Dominik\Downloads\Paintball Mod Installer 1.7.10.exe
2014-08-09 18:59 - 2014-08-09 18:59 - 02283826 _____ () C:\Users\Dominik\Downloads\PaintballArenaByKraizeeM-V1.2.zip
2014-08-09 15:54 - 2014-08-09 15:54 - 01174304 _____ () C:\Users\Dominik\Downloads\Not Enough Items Mod Installer 1.7.10.exe
2014-08-09 15:51 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-08-09 15:51 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-08-09 15:51 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-08-09 15:51 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-08-09 15:51 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-08-09 15:51 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-08-09 15:51 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-08-09 15:51 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-08-09 15:51 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-08-09 15:51 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-08-09 15:51 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-08-09 15:51 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-08-09 15:51 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-08-09 15:51 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-08-09 15:51 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-08-09 15:51 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-08-09 15:50 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-08-09 15:50 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-08-09 15:45 - 2014-08-26 16:29 - 00000000 ____D () C:\Users\Dominik\Andy
2014-08-09 15:45 - 2014-08-25 19:22 - 00016880 _____ () C:\Users\Dominik\Andy.log
2014-08-09 15:45 - 2014-08-09 15:48 - 00000238 _____ () C:\Users\Dominik\HandyAndy.ini
2014-08-09 15:45 - 2014-08-09 15:45 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Andy
2014-08-09 15:45 - 2014-08-09 15:45 - 00000000 ____D () C:\Users\Dominik\Andy_SF
2014-08-09 15:31 - 2014-08-09 15:31 - 01179424 _____ () C:\Users\Dominik\Downloads\Carpenters Blocks Mod Installer 1.7.10.exe
2014-08-09 15:29 - 2014-08-09 15:45 - 00000000 ____D () C:\Program Files\Andy
2014-08-09 15:29 - 2014-08-09 15:29 - 01177208 _____ () C:\Users\Dominik\AppData\Roaming\AndyCleanupTool.exe
2014-08-09 15:29 - 2014-08-09 15:29 - 01176696 _____ () C:\Users\Dominik\AppData\Roaming\AndyCleanVM.exe
2014-08-09 15:29 - 2014-08-09 15:29 - 00336584 _____ (andyroid.net) C:\Users\Dominik\Downloads\Andy_v29.exe
2014-08-09 15:17 - 2014-08-09 15:17 - 00900139 _____ () C:\Users\Dominik\Downloads\worldedit-5.6.3.zip
2014-08-09 15:17 - 2014-08-09 15:17 - 00324043 _____ () C:\Users\Dominik\Downloads\worldguard-5.9.zip
2014-08-09 15:13 - 2014-08-09 15:13 - 00225544 _____ () C:\Users\Dominik\Downloads\EasyEssentials.jar
2014-08-09 14:12 - 2014-07-02 22:48 - 31512520 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-08-09 14:12 - 2014-07-02 22:48 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-08-09 14:12 - 2014-07-02 22:48 - 22994208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-08-09 14:12 - 2014-07-02 22:48 - 17555104 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-08-09 14:12 - 2014-07-02 22:48 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-08-09 14:12 - 2014-07-02 22:48 - 13922752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-08-09 14:12 - 2014-07-02 22:48 - 13835208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-08-09 14:12 - 2014-07-02 22:48 - 12866008 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-08-09 14:12 - 2014-07-02 22:48 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-08-09 14:12 - 2014-07-02 22:48 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-08-09 14:12 - 2014-07-02 22:48 - 04247000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-08-09 14:12 - 2014-07-02 22:48 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-08-09 14:12 - 2014-07-02 22:48 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll
2014-08-09 14:12 - 2014-07-02 22:48 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll
2014-08-09 14:12 - 2014-07-02 22:48 - 00944928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-08-09 14:12 - 2014-07-02 22:48 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-08-09 14:12 - 2014-07-02 22:48 - 00903624 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-08-09 14:12 - 2014-07-02 22:48 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-08-09 14:12 - 2014-07-02 22:48 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-08-09 14:12 - 2014-07-02 22:48 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-08-09 14:12 - 2014-07-02 22:48 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-08-09 14:05 - 2014-08-09 14:05 - 04890736 _____ (Piriform Ltd) C:\Users\Dominik\Downloads\spsetup126.exe
2014-08-09 13:59 - 2014-08-09 14:03 - 00000000 ____D () C:\Users\Dominik\AppData\Local\NVIDIA
2014-08-09 13:59 - 2014-08-09 14:02 - 00000000 ____D () C:\Users\Dominik\AppData\Local\NVIDIA Corporation
2014-08-09 13:59 - 2014-07-25 16:01 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-08-09 13:59 - 2014-07-25 16:01 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-08-09 13:59 - 2014-07-25 16:01 - 01283136 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-08-09 13:59 - 2014-07-25 16:01 - 01126480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-08-09 13:59 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-08-09 13:59 - 2014-03-31 18:42 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-08-09 13:59 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-08-09 13:57 - 2014-08-09 13:58 - 29837536 _____ (NVIDIA Corporation) C:\Users\Dominik\Downloads\GeForce_Experience_v2.1.1.0.exe
2014-08-09 12:29 - 2014-08-09 12:29 - 00465838 _____ () C:\Users\Dominik\Downloads\SoundCloud Playlist Sync.zip
2014-08-08 18:05 - 2014-08-08 18:05 - 00578240 _____ () C:\Users\Dominik\Downloads\Setup Plants vs. Zombies Garden Warfare Full Version Download by R.G v1.07__6431_il18795.exe
2014-08-08 18:03 - 2014-08-08 18:03 - 01503232 _____ () C:\Users\Dominik\Downloads\PvZ Garden Warfare Downloader.exe
2014-08-08 18:02 - 2014-08-08 18:02 - 00000089 _____ () C:\Users\Dominik\Downloads\plants vs zombies garden warfare.txt
2014-08-07 17:47 - 2014-08-07 17:48 - 555557136 _____ () C:\Users\Dominik\Downloads\FLautus_absoluteHD4.1.rar
2014-08-07 17:25 - 2014-08-07 18:26 - 179432764 _____ () C:\Users\Dominik\Downloads\[ETS2Downloads.com]rusmap_ver_1.0_for_ets2_1.9.22.zip
2014-08-07 17:23 - 2014-08-07 17:23 - 00000404 _____ () C:\Users\Dominik\Downloads\traffic_jam.rar
2014-08-07 17:22 - 2014-08-07 17:22 - 00011674 _____ () C:\Users\Dominik\Downloads\Kennzeichen.7z
2014-08-07 17:21 - 2014-08-07 17:57 - 106916811 _____ () C:\Users\Dominik\Downloads\G7LD.rar
2014-08-07 17:20 - 2014-08-07 17:57 - 106786247 _____ () C:\Users\Dominik\Downloads\Reisproject1.3.rar
2014-08-07 17:08 - 2014-08-07 17:14 - 151654331 _____ () C:\Users\Dominik\Downloads\Mega_Ai_Traffic_Mod_v3.7.1_By__Baaouich_.rar
2014-08-05 18:01 - 2014-08-05 18:01 - 02276799 _____ () C:\Users\Dominik\Downloads\MCPatcher 1.7.4.exe
2014-08-05 17:56 - 2014-08-05 17:57 - 00818617 _____ () C:\Users\Dominik\Downloads\OptiFine_1.7.5_HD_U_D1 (1).jar
2014-08-05 17:48 - 2014-08-05 17:48 - 00818111 _____ () C:\Users\Dominik\Downloads\OptiFine_1.7.10_HD_U_A4.jar
2014-08-05 17:40 - 2014-08-05 17:40 - 00177038 _____ () C:\Users\Dominik\Downloads\Flatworld1_0.zip
2014-08-05 17:36 - 2014-08-05 17:36 - 01183520 _____ () C:\Users\Dominik\Downloads\GLSL Shaders Mod Installer 1.7.10 (3).exe
2014-08-05 17:34 - 2014-08-05 17:34 - 01183520 _____ () C:\Users\Dominik\Downloads\GLSL Shaders Mod Installer 1.7.10 (2).exe
2014-08-05 17:29 - 2014-08-05 17:30 - 01183520 _____ () C:\Users\Dominik\Downloads\GLSL Shaders Mod Installer 1.7.10 (1).exe
2014-08-05 17:21 - 2014-08-05 17:22 - 01183520 _____ () C:\Users\Dominik\Downloads\GLSL Shaders Mod Installer 1.7.10.exe
2014-08-05 15:48 - 2014-08-05 15:49 - 24871811 _____ (Craften.de ) C:\Users\Dominik\Downloads\craftenterminal.exe
2014-08-04 22:05 - 2014-08-04 22:05 - 00000000 _____ () C:\END
2014-08-04 22:03 - 2014-08-04 22:03 - 00826192 _____ (Chip Digital GmbH) C:\Users\Dominik\Downloads\Real Desktop Standard - CHIP-Installer.exe
2014-08-04 19:29 - 2014-08-04 19:29 - 00000000 ____D () C:\Users\Dominik\Desktop\AIDA
2014-08-04 13:57 - 2014-08-04 13:58 - 00000000 ____D () C:\Users\Dominik\AppData\Local\{DA01B7F3-3BE8-4307-A9CB-D2B73E81D75F}
2014-08-02 12:31 - 2014-08-02 12:33 - 35813177 _____ () C:\Users\Dominik\Downloads\n88c6ibv9y4g-SS_United_States_C4D.zip
2014-08-02 11:27 - 2014-08-02 11:27 - 00000000 ____D () C:\Users\Dominik\AppData\Local\{BF14B624-0544-4E7D-8590-624A34E0BC82}

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-26 17:03 - 2014-08-26 17:03 - 00029393 _____ () C:\Users\Dominik\Desktop\FRST.txt
2014-08-26 17:03 - 2014-08-26 17:02 - 00000000 ____D () C:\FRST
2014-08-26 17:02 - 2014-08-26 17:02 - 02103296 _____ (Farbar) C:\Users\Dominik\Downloads\FRST64.exe
2014-08-26 17:02 - 2014-08-26 17:02 - 02103296 _____ (Farbar) C:\Users\Dominik\Desktop\FRST64.exe
2014-08-26 16:59 - 2013-07-12 17:12 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Spotify
2014-08-26 16:58 - 2014-08-26 16:58 - 00000000 ____D () C:\ProgramData\RFA_Backups
2014-08-26 16:57 - 2014-08-26 16:57 - 06570232 _____ (RoseCitySoftware ) C:\Users\Dominik\Downloads\rfasetup93.exe
2014-08-26 16:49 - 2013-12-11 15:58 - 00000000 ____D () C:\Users\Dominik\AppData\Local\Deployment
2014-08-26 16:43 - 2013-07-12 17:03 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Skype
2014-08-26 16:38 - 2013-07-12 16:40 - 00000000 ____D () C:\Users\Dominik\AppData\Local\Adobe
2014-08-26 16:38 - 2009-07-14 06:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-26 16:38 - 2009-07-14 06:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-26 16:36 - 2013-07-13 01:32 - 01114782 _____ () C:\Windows\WindowsUpdate.log
2014-08-26 16:31 - 2013-07-12 17:34 - 00000000 ___RD () C:\Users\Dominik\Dropbox
2014-08-26 16:31 - 2013-07-12 17:32 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Dropbox
2014-08-26 16:29 - 2014-08-21 17:19 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-26 16:29 - 2014-08-09 15:45 - 00000000 ____D () C:\Users\Dominik\Andy
2014-08-26 16:28 - 2013-07-12 16:33 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-26 16:28 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-26 16:28 - 2009-07-14 06:51 - 00212470 _____ () C:\Windows\setupact.log
2014-08-25 19:44 - 2014-02-16 10:59 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\.minecraft
2014-08-25 19:37 - 2014-08-25 19:32 - 00000000 ____D () C:\Users\Dominik\.VirtualBox
2014-08-25 19:34 - 2014-08-25 19:34 - 00000000 ____D () C:\Users\Dominik\VirtualBox VMs
2014-08-25 19:34 - 2013-07-12 16:35 - 00000000 ____D () C:\Users\Dominik
2014-08-25 19:32 - 2013-07-31 14:06 - 00000000 ____D () C:\ProgramData\Origin
2014-08-25 19:28 - 2013-07-12 16:33 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-25 19:27 - 2014-08-25 19:24 - 116695840 _____ (Oracle Corporation) C:\Users\Dominik\Downloads\VirtualBox-4.3.14-95030-Win.exe
2014-08-25 19:25 - 2014-08-25 19:24 - 54661120 _____ () C:\Users\Dominik\Downloads\android-x86-1.6-r2.iso
2014-08-25 19:24 - 2013-07-31 14:06 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-08-25 19:22 - 2014-08-09 15:45 - 00016880 _____ () C:\Users\Dominik\Andy.log
2014-08-25 19:20 - 2013-07-16 14:57 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2539688962-1380141296-2660008707-1001UA.job
2014-08-25 19:17 - 2010-11-21 05:47 - 00298294 _____ () C:\Windows\PFRO.log
2014-08-25 19:11 - 2014-08-25 18:54 - 00001930 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-25 19:11 - 2014-08-21 17:18 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-25 19:05 - 2014-08-22 19:58 - 00000000 ____D () C:\Program Files (x86)\PennyBee
2014-08-25 19:04 - 2014-08-25 19:04 - 00739872 _____ ( ) C:\Users\Dominik\Downloads\plants-vs.-zombies-garden-warfare-full-version.exe
2014-08-25 19:04 - 2014-08-25 19:04 - 00146606 _____ () C:\Users\Dominik\Downloads\plants-vs.-zombies-garden-warfare-full-version [1].exe
2014-08-25 16:06 - 2014-08-25 16:06 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-25 16:06 - 2014-08-25 16:06 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-08-25 16:06 - 2014-08-25 16:06 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-08-25 16:06 - 2014-08-25 16:06 - 00000000 ____D () C:\Program Files\Java
2014-08-25 16:06 - 2014-08-24 13:06 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-08-25 15:59 - 2014-08-22 20:16 - 00000000 ____D () C:\Fraps
2014-08-25 15:51 - 2014-08-25 15:51 - 31013800 _____ (Oracle Corporation) C:\Users\Dominik\Downloads\jre-7u67-windows-x64.exe
2014-08-25 15:41 - 2013-07-12 17:13 - 00000000 ____D () C:\Users\Dominik\AppData\Local\Spotify
2014-08-24 21:02 - 2013-09-04 14:10 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-24 20:20 - 2013-07-16 14:57 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2539688962-1380141296-2660008707-1001Core.job
2014-08-24 15:26 - 2014-08-24 15:26 - 00257791 _____ () C:\Users\Dominik\Downloads\Subway by pg5.zip
2014-08-24 14:32 - 2014-08-24 14:32 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Oracle
2014-08-24 14:31 - 2013-09-15 18:21 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-24 14:30 - 2014-08-24 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-24 14:28 - 2014-08-24 14:28 - 00918440 _____ (Oracle Corporation) C:\Users\Dominik\Downloads\chromeinstall-7u67.exe
2014-08-24 14:23 - 2014-08-24 14:23 - 01179424 _____ () C:\Users\Dominik\Downloads\Flans Mod Installer 1.7.10.exe
2014-08-24 14:22 - 2014-08-24 14:22 - 01174304 _____ () C:\Users\Dominik\Downloads\Not Enough Items Mod Installer 1.7.10 (2).exe
2014-08-24 14:21 - 2014-08-24 14:21 - 01174304 _____ () C:\Users\Dominik\Downloads\Not Enough Items Mod Installer 1.7.10 (1).exe
2014-08-24 14:21 - 2014-08-24 14:21 - 01171232 _____ () C:\Users\Dominik\Downloads\TConstruct Mod Installer 1.7.10.exe
2014-08-24 14:19 - 2014-08-24 14:19 - 01175840 _____ () C:\Users\Dominik\Downloads\Chisel Mod Installer 1.7.10.exe
2014-08-24 14:18 - 2014-08-24 14:18 - 01180448 _____ () C:\Users\Dominik\Downloads\Morph Mod Installer 1.7.10.exe
2014-08-24 14:00 - 2014-08-24 13:55 - 76614383 _____ () C:\Users\Dominik\Downloads\New Castol City 2014 V 1.2 Villenviertel.zip
2014-08-24 13:36 - 2014-08-24 13:35 - 02277949 _____ () C:\Users\Dominik\Downloads\WarGear Park.zip
2014-08-24 13:07 - 2014-08-24 13:07 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\java
2014-08-24 13:05 - 2014-08-24 13:02 - 96138664 _____ (Oracle Corporation) C:\Users\Dominik\Downloads\jre-8u20-windows-x64.exe
2014-08-24 13:02 - 2014-08-24 13:01 - 03735713 _____ () C:\Users\Dominik\Downloads\Nicht bestätigt 796382.crdownload
2014-08-24 12:40 - 2014-08-24 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craften Terminal
2014-08-24 12:40 - 2014-08-24 12:40 - 00000000 ____D () C:\Program Files (x86)\Craften Terminal
2014-08-24 12:38 - 2014-08-24 12:38 - 17033651 _____ (Craften.de ) C:\Users\Dominik\Downloads\craftenterminal (1).exe
2014-08-24 12:37 - 2014-08-24 12:37 - 00000000 ____D () C:\Users\Dominik\Desktop\world
2014-08-24 12:37 - 2014-08-11 14:01 - 00000000 ____D () C:\Users\Dominik\Desktop\Lets Build
2014-08-24 12:35 - 2014-08-24 12:34 - 09999270 _____ () C:\Users\Dominik\Downloads\minecraft_server.1.7.10 (1).exe
2014-08-24 12:31 - 2014-08-24 12:31 - 20471204 _____ () C:\Users\Dominik\Downloads\craftbukkit-1.7.10-R0.1-20140808.005431-8.jar
2014-08-24 12:26 - 2014-08-24 12:26 - 02924339 _____ () C:\Users\Dominik\Downloads\shaderpack.zip
2014-08-24 12:17 - 2014-08-24 12:17 - 01183520 _____ () C:\Users\Dominik\Downloads\GLSL Shaders Mod Installer 1.7.10 (4).exe
2014-08-24 12:17 - 2014-08-24 12:16 - 41790300 _____ () C:\Users\Dominik\Downloads\Invictus-1.0-Shader.zip
2014-08-24 11:28 - 2014-08-24 11:27 - 36934928 _____ () C:\Users\Dominik\Downloads\Invictus-1.0.zip
2014-08-23 16:56 - 2013-09-04 14:34 - 00000000 ____D () C:\Users\Dominik\Documents\Euro Truck Simulator 2
2014-08-23 16:51 - 2014-03-23 12:12 - 00000000 ____D () C:\Users\Dominik\Desktop\Desktop 2
2014-08-23 13:17 - 2014-08-23 13:17 - 00000000 ____D () C:\Program Files (x86)\predm
2014-08-23 12:12 - 2014-06-23 16:50 - 00000000 ___RD () C:\Users\Dominik\Desktop\Bro Gamers
2014-08-22 22:01 - 2014-08-22 22:01 - 00000408 _____ () C:\Users\Dominik\AppData\Roaming\CamShapes.ini
2014-08-22 22:01 - 2014-08-22 22:01 - 00000408 _____ () C:\Users\Dominik\AppData\Roaming\CamLayout.ini
2014-08-22 22:01 - 2014-08-22 22:01 - 00000055 _____ () C:\Users\Dominik\AppData\Roaming\Camdata.ini
2014-08-22 22:01 - 2014-08-22 19:59 - 00004535 _____ () C:\Users\Dominik\AppData\Roaming\CamStudio.cfg
2014-08-22 20:19 - 2014-08-22 20:19 - 00000687 _____ () C:\awh25BF.tmp
2014-08-22 20:16 - 2014-08-22 20:16 - 00000566 _____ () C:\Users\Public\Desktop\Fraps.lnk
2014-08-22 20:16 - 2014-08-22 20:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-08-22 20:15 - 2014-08-22 20:15 - 02624008 _____ () C:\Users\Dominik\Downloads\Fraps-Crack-by-HZHD.rar
2014-08-22 20:14 - 2014-08-22 20:14 - 00448208 _____ () C:\Users\Dominik\Downloads\Fraps Crack by HZHD.rar__3038_i1208021828_il2437094.exe
2014-08-22 20:14 - 2014-08-22 20:14 - 00448208 _____ () C:\Users\Dominik\Downloads\Fraps Crack by HZHD.rar__3038_i1208017924_il2437094.exe
2014-08-22 20:14 - 2014-08-22 20:14 - 00000000 ____D () C:\Users\Dominik\AppData\Local\ContextFree
2014-08-22 20:13 - 2014-08-22 20:13 - 00448208 _____ () C:\Users\Dominik\Downloads\Fraps Crack by HZHD.rar__3515_i1208017882_il2437094.exe
2014-08-22 20:04 - 2014-08-22 19:58 - 00000000 ____D () C:\Program Files\CamStudio 2.7
2014-08-22 20:03 - 2014-08-22 20:02 - 00000000 ____D () C:\Users\Dominik\Documents\My CamStudio Temp Files
2014-08-22 19:59 - 2014-08-22 19:58 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Systweak
2014-08-22 19:58 - 2014-08-22 19:58 - 00003314 _____ () C:\Windows\System32\Tasks\ASP
2014-08-22 19:58 - 2014-08-22 19:58 - 00000096 _____ () C:\Users\Dominik\AppData\Roaming\version2.xml
2014-08-22 19:57 - 2014-08-22 19:57 - 00711585 _____ () C:\Users\Dominik\Downloads\CamStudioSetup_v2.7.2.zip
2014-08-22 19:34 - 2014-08-22 19:34 - 00000000 ____D () C:\Users\Dominik\AppData\Local\{429F99B8-10F5-4B35-95B6-58E297524C7F}
2014-08-22 19:14 - 2013-09-07 21:19 - 00000000 ____D () C:\Users\Dominik\AppData\Local\CrashDumps
2014-08-22 16:39 - 2014-08-22 16:39 - 00108544 _____ () C:\Windows\SysWOW64\installd.exe
2014-08-22 15:54 - 2013-10-17 19:20 - 00038912 _____ () C:\Users\Dominik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-21 17:30 - 2013-08-12 15:44 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-08-21 17:29 - 2014-08-21 17:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-08-21 17:25 - 2014-08-21 17:25 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\AVAST Software
2014-08-21 17:21 - 2014-08-21 17:21 - 00305400 _____ () C:\Windows\Minidump\082114-27955-01.dmp
2014-08-21 17:21 - 2013-12-17 18:04 - 00000000 ____D () C:\Windows\Minidump
2014-08-21 17:20 - 2013-12-17 18:04 - 971014651 _____ () C:\Windows\MEMORY.DMP
2014-08-21 17:18 - 2014-08-21 17:18 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-21 17:18 - 2014-08-21 17:18 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-21 17:18 - 2014-08-21 17:18 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-21 17:18 - 2014-08-21 17:18 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-21 17:18 - 2014-08-21 17:18 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-21 17:18 - 2014-08-21 17:18 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-21 17:18 - 2014-08-21 17:18 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-21 17:17 - 2014-08-21 17:17 - 00000000 ____D () C:\Program Files\AVAST Software
2014-08-21 17:17 - 2014-08-18 12:15 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-20 13:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-18 12:14 - 2014-08-18 12:12 - 91906368 _____ (AVAST Software) C:\Users\Dominik\Downloads\avast_free_antivirus_setup_9.0.2021 (1).exe
2014-08-18 12:01 - 2014-02-22 20:50 - 00000000 ____D () C:\Users\Dominik\AppData\Local\DayZ
2014-08-18 11:10 - 2013-07-12 17:03 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-18 11:10 - 2013-07-12 17:03 - 00000000 ____D () C:\ProgramData\Skype
2014-08-18 11:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-17 20:23 - 2013-07-12 17:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-17 20:19 - 2013-08-03 13:39 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-17 20:17 - 2011-03-14 16:08 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-17 20:13 - 2014-05-08 20:12 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-17 18:30 - 2014-04-18 17:00 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-17 17:41 - 2013-07-12 17:32 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-11 17:19 - 2014-08-11 17:19 - 00006068 _____ () C:\Users\Dominik\Downloads\WarpCore.jar
2014-08-11 13:59 - 2014-08-11 13:59 - 00405434 _____ () C:\Users\Dominik\Desktop\WinRAR ZIP archive (neu).zip
2014-08-11 12:08 - 2014-08-11 12:07 - 11895013 _____ () C:\Users\Dominik\Downloads\WeepCraft.zip
2014-08-09 19:00 - 2014-08-09 19:00 - 01185056 _____ () C:\Users\Dominik\Downloads\Smart Moving Mod Installer 1.7.10.exe
2014-08-09 19:00 - 2014-08-09 19:00 - 01174304 _____ () C:\Users\Dominik\Downloads\Paintball Mod Installer 1.7.10.exe
2014-08-09 18:59 - 2014-08-09 18:59 - 02283826 _____ () C:\Users\Dominik\Downloads\PaintballArenaByKraizeeM-V1.2.zip
2014-08-09 15:54 - 2014-08-09 15:54 - 01174304 _____ () C:\Users\Dominik\Downloads\Not Enough Items Mod Installer 1.7.10.exe
2014-08-09 15:48 - 2014-08-09 15:45 - 00000238 _____ () C:\Users\Dominik\HandyAndy.ini
2014-08-09 15:45 - 2014-08-09 15:45 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Andy
2014-08-09 15:45 - 2014-08-09 15:45 - 00000000 ____D () C:\Users\Dominik\Andy_SF
2014-08-09 15:45 - 2014-08-09 15:29 - 00000000 ____D () C:\Program Files\Andy
2014-08-09 15:32 - 2013-08-10 16:00 - 00000000 ____D () C:\Minecraft_Backup
2014-08-09 15:31 - 2014-08-09 15:31 - 01179424 _____ () C:\Users\Dominik\Downloads\Carpenters Blocks Mod Installer 1.7.10.exe
2014-08-09 15:29 - 2014-08-09 15:29 - 01177208 _____ () C:\Users\Dominik\AppData\Roaming\AndyCleanupTool.exe
2014-08-09 15:29 - 2014-08-09 15:29 - 01176696 _____ () C:\Users\Dominik\AppData\Roaming\AndyCleanVM.exe
2014-08-09 15:29 - 2014-08-09 15:29 - 00336584 _____ (andyroid.net) C:\Users\Dominik\Downloads\Andy_v29.exe
2014-08-09 15:17 - 2014-08-09 15:17 - 00900139 _____ () C:\Users\Dominik\Downloads\worldedit-5.6.3.zip
2014-08-09 15:17 - 2014-08-09 15:17 - 00324043 _____ () C:\Users\Dominik\Downloads\worldguard-5.9.zip
2014-08-09 15:13 - 2014-08-09 15:13 - 00225544 _____ () C:\Users\Dominik\Downloads\EasyEssentials.jar
2014-08-09 15:01 - 2012-03-22 00:12 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-09 14:13 - 2012-03-22 00:12 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-08-09 14:12 - 2013-12-20 12:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-08-09 14:12 - 2012-03-22 00:12 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-09 14:05 - 2014-08-09 14:05 - 04890736 _____ (Piriform Ltd) C:\Users\Dominik\Downloads\spsetup126.exe
2014-08-09 14:03 - 2014-08-09 13:59 - 00000000 ____D () C:\Users\Dominik\AppData\Local\NVIDIA
2014-08-09 14:02 - 2014-08-09 13:59 - 00000000 ____D () C:\Users\Dominik\AppData\Local\NVIDIA Corporation
2014-08-09 14:02 - 2012-03-22 00:12 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-08-09 13:58 - 2014-08-09 13:57 - 29837536 _____ (NVIDIA Corporation) C:\Users\Dominik\Downloads\GeForce_Experience_v2.1.1.0.exe
2014-08-09 12:38 - 2013-07-14 14:12 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\TS3Client
2014-08-09 12:29 - 2014-08-09 12:29 - 00465838 _____ () C:\Users\Dominik\Downloads\SoundCloud Playlist Sync.zip
2014-08-09 12:23 - 2014-06-03 19:48 - 00000000 ____D () C:\Users\Dominik\Documents\Clownfish Avatars
2014-08-08 18:05 - 2014-08-08 18:05 - 00578240 _____ () C:\Users\Dominik\Downloads\Setup Plants vs. Zombies Garden Warfare Full Version Download by R.G v1.07__6431_il18795.exe
2014-08-08 18:03 - 2014-08-08 18:03 - 01503232 _____ () C:\Users\Dominik\Downloads\PvZ Garden Warfare Downloader.exe
2014-08-08 18:02 - 2014-08-08 18:02 - 00000089 _____ () C:\Users\Dominik\Downloads\plants vs zombies garden warfare.txt
2014-08-07 21:34 - 2014-03-16 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-07 21:34 - 2013-08-15 15:21 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Audacity
2014-08-07 21:34 - 2013-07-12 16:35 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerRecover
2014-08-07 21:34 - 2010-11-21 09:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-08-07 21:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-08-07 21:33 - 2014-02-10 18:48 - 00000000 ____D () C:\ProgramData\MySQL
2014-08-07 18:26 - 2014-08-07 17:25 - 179432764 _____ () C:\Users\Dominik\Downloads\[ETS2Downloads.com]rusmap_ver_1.0_for_ets2_1.9.22.zip
2014-08-07 17:57 - 2014-08-07 17:21 - 106916811 _____ () C:\Users\Dominik\Downloads\G7LD.rar
2014-08-07 17:57 - 2014-08-07 17:20 - 106786247 _____ () C:\Users\Dominik\Downloads\Reisproject1.3.rar
2014-08-07 17:48 - 2014-08-07 17:47 - 555557136 _____ () C:\Users\Dominik\Downloads\FLautus_absoluteHD4.1.rar
2014-08-07 17:23 - 2014-08-07 17:23 - 00000404 _____ () C:\Users\Dominik\Downloads\traffic_jam.rar
2014-08-07 17:22 - 2014-08-07 17:22 - 00011674 _____ () C:\Users\Dominik\Downloads\Kennzeichen.7z
2014-08-07 17:14 - 2014-08-07 17:08 - 151654331 _____ () C:\Users\Dominik\Downloads\Mega_Ai_Traffic_Mod_v3.7.1_By__Baaouich_.rar
2014-08-07 04:06 - 2014-08-17 17:50 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-17 17:50 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-05 19:14 - 2014-08-22 19:58 - 00020328 _____ () C:\Windows\system32\roboot64.exe
2014-08-05 18:01 - 2014-08-05 18:01 - 02276799 _____ () C:\Users\Dominik\Downloads\MCPatcher 1.7.4.exe
2014-08-05 17:57 - 2014-08-05 17:56 - 00818617 _____ () C:\Users\Dominik\Downloads\OptiFine_1.7.5_HD_U_D1 (1).jar
2014-08-05 17:48 - 2014-08-05 17:48 - 00818111 _____ () C:\Users\Dominik\Downloads\OptiFine_1.7.10_HD_U_A4.jar
2014-08-05 17:40 - 2014-08-05 17:40 - 00177038 _____ () C:\Users\Dominik\Downloads\Flatworld1_0.zip
2014-08-05 17:36 - 2014-08-05 17:36 - 01183520 _____ () C:\Users\Dominik\Downloads\GLSL Shaders Mod Installer 1.7.10 (3).exe
2014-08-05 17:34 - 2014-08-05 17:34 - 01183520 _____ () C:\Users\Dominik\Downloads\GLSL Shaders Mod Installer 1.7.10 (2).exe
2014-08-05 17:30 - 2014-08-05 17:29 - 01183520 _____ () C:\Users\Dominik\Downloads\GLSL Shaders Mod Installer 1.7.10 (1).exe
2014-08-05 17:22 - 2014-08-05 17:21 - 01183520 _____ () C:\Users\Dominik\Downloads\GLSL Shaders Mod Installer 1.7.10.exe
2014-08-05 15:59 - 2014-05-28 15:45 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Craften Terminal
2014-08-05 15:49 - 2014-08-05 15:48 - 24871811 _____ (Craften.de ) C:\Users\Dominik\Downloads\craftenterminal.exe
2014-08-04 22:05 - 2014-08-04 22:05 - 00000000 _____ () C:\END
2014-08-04 22:03 - 2014-08-04 22:03 - 00826192 _____ (Chip Digital GmbH) C:\Users\Dominik\Downloads\Real Desktop Standard - CHIP-Installer.exe
2014-08-04 19:29 - 2014-08-04 19:29 - 00000000 ____D () C:\Users\Dominik\Desktop\AIDA
2014-08-04 18:06 - 2013-07-16 16:32 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-08-04 18:06 - 2013-07-16 16:21 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-08-04 13:58 - 2014-08-04 13:57 - 00000000 ____D () C:\Users\Dominik\AppData\Local\{DA01B7F3-3BE8-4307-A9CB-D2B73E81D75F}
2014-08-04 11:54 - 2013-07-16 22:18 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-04 11:54 - 2013-07-16 22:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-03 20:55 - 2014-04-25 16:14 - 00000000 ____D () C:\Users\Dominik\Desktop\Animationen
2014-08-03 03:01 - 2013-07-16 22:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-02 16:18 - 2014-02-08 16:18 - 00007601 _____ () C:\Users\Dominik\AppData\Local\Resmon.ResmonCfg
2014-08-02 12:33 - 2014-08-02 12:31 - 35813177 _____ () C:\Users\Dominik\Downloads\n88c6ibv9y4g-SS_United_States_C4D.zip
2014-08-02 11:27 - 2014-08-02 11:27 - 00000000 ____D () C:\Users\Dominik\AppData\Local\{BF14B624-0544-4E7D-8590-624A34E0BC82}
2014-08-02 11:27 - 2014-03-27 16:59 - 00000000 ____D () C:\Users\Dominik\AppData\Local\Windows Live
2014-08-01 01:41 - 2014-08-17 17:51 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-17 17:51 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

Some content of TEMP:
====================
C:\Users\Dominik\AppData\Local\Temp\amazonicon_v3.exe
C:\Users\Dominik\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\Dominik\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\Dominik\AppData\Local\Temp\CreativeCloudSet-Up.exe
C:\Users\Dominik\AppData\Local\Temp\dlLogic.exe
C:\Users\Dominik\AppData\Local\Temp\dltr.exe
C:\Users\Dominik\AppData\Local\Temp\DownloadManager.exe
C:\Users\Dominik\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6t6h7w.dll
C:\Users\Dominik\AppData\Local\Temp\GCVerifier.dll
C:\Users\Dominik\AppData\Local\Temp\ICReinstall_ImageEditorSetup.exe
C:\Users\Dominik\AppData\Local\Temp\jansi-32-git-Bukkit-1.6.4-R2.0-b2918jnks.dll
C:\Users\Dominik\AppData\Local\Temp\jansi-32-git-Bukkit-1.7.2-R0.3-14-g8f8716c-b3042jnks.dll
C:\Users\Dominik\AppData\Local\Temp\jansi-32-git-Bukkit-1.7.2-R0.3-2-g85f5776-b3024jnks.dll
C:\Users\Dominik\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Dominik\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Dominik\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Dominik\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Dominik\AppData\Local\Temp\nsd1ABE.exe
C:\Users\Dominik\AppData\Local\Temp\nsd1EC5.exe
C:\Users\Dominik\AppData\Local\Temp\nsjDA6D.exe
C:\Users\Dominik\AppData\Local\Temp\nsn16B7.exe
C:\Users\Dominik\AppData\Local\Temp\nstF5EB.exe
C:\Users\Dominik\AppData\Local\Temp\nsyEF54.exe
C:\Users\Dominik\AppData\Local\Temp\nsyF2AF.exe
C:\Users\Dominik\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Dominik\AppData\Local\Temp\nvStInst.exe
C:\Users\Dominik\AppData\Local\Temp\ose00000.exe
C:\Users\Dominik\AppData\Local\Temp\pc-suite-setup.exe
C:\Users\Dominik\AppData\Local\Temp\RDeskFree2.0-setup.exe
C:\Users\Dominik\AppData\Local\Temp\sdanircmdc.exe
C:\Users\Dominik\AppData\Local\Temp\sdapskill.exe
C:\Users\Dominik\AppData\Local\Temp\SIntf16.dll
C:\Users\Dominik\AppData\Local\Temp\SIntf32.dll
C:\Users\Dominik\AppData\Local\Temp\SIntfNT.dll
C:\Users\Dominik\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Dominik\AppData\Local\Temp\speccycpuid.dll
C:\Users\Dominik\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Dominik\AppData\Local\Temp\verifier.exe
C:\Users\Dominik\AppData\Local\Temp\wiz.exe
C:\Users\Dominik\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-17 19:34

==================== End Of Log ============================
         

--- --- ---

--- --- ---

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

• WICHTIG: Speichere Combofix auf deinem Desktop.
• Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
• Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
• Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
• Wenn Combofix fertig ist, wird es ein Logfile erstellen.
• Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

Code: Alles auswählenAufklappen

ATTFilter

ComboFix 14-08-29.03 - Dominik 29.08.2014  18:14:04.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.10222.7181 [GMT 2:00]
ausgeführt von:: c:\users\Dominik\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Dominik\AppData\Local\ContextFree
c:\users\Dominik\AppData\Local\ContextFree\cntcmd.exe
c:\users\Dominik\AppData\Local\ContextFree\Context2pro_Uninstaller.exe
c:\users\Dominik\AppData\Local\ContextFree\framei.exe
c:\users\Dominik\AppData\Local\ContextFree\navigation.exe
c:\users\Dominik\AppData\Local\ContextFree\notifications.exe
c:\users\Dominik\AppData\Local\ContextFree\nvcmd.exe
c:\users\Dominik\AppData\Local\ContextFree\windoclib.exe
c:\users\Dominik\AppData\Local\Microsoft\Windows\Temporary Internet Files\{7381CB74-572B-425E-9852-9BE2EFADBCD8}.xps
c:\users\Dominik\AppData\Local\Microsoft\Windows\Temporary Internet Files\{DC18AD1D-07FF-4B75-92A6-A903F1EAA40A}.xps
c:\windows\Installer\{F0559C5E-7912-4391-B1A0-6B975F0E5064}\SHCT_TRAY_PROGRAMG_A10D8603999C4E9488776EF2533C58C9.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NETHFDRV
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-07-28 bis 2014-08-29  ))))))))))))))))))))))))))))))
.
.
2014-08-29 16:21 . 2014-08-29 16:21	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-08-28 13:33 . 2014-08-23 02:07	404480	----a-w-	c:\windows\system32\gdi32.dll
2014-08-28 13:33 . 2014-08-23 01:45	311808	----a-w-	c:\windows\SysWow64\gdi32.dll
2014-08-28 13:33 . 2014-08-23 00:59	3163648	----a-w-	c:\windows\system32\win32k.sys
2014-08-26 16:22 . 2010-08-30 06:34	536576	----a-w-	c:\windows\SysWow64\sqlite3.dll
2014-08-26 16:21 . 2014-08-26 16:24	--------	d-----w-	C:\AdwCleaner
2014-08-26 15:02 . 2014-08-26 15:05	--------	d-----w-	C:\FRST
2014-08-26 14:58 . 2014-08-26 14:58	--------	d-----w-	c:\programdata\RFA_Backups
2014-08-25 17:34 . 2014-08-25 17:34	--------	d-----w-	c:\users\Dominik\VirtualBox VMs
2014-08-25 17:32 . 2014-08-25 17:37	--------	d-----w-	c:\users\Dominik\.VirtualBox
2014-08-25 17:32 . 2014-07-15 14:16	863528	----a-w-	c:\windows\system32\drivers\VBoxDrv.sys
2014-08-25 17:32 . 2014-07-15 14:15	129168	----a-w-	c:\windows\system32\drivers\VBoxUSBMon.sys
2014-08-25 14:06 . 2014-08-25 14:06	319912	----a-w-	c:\windows\system32\javaws.exe
2014-08-25 14:06 . 2014-08-25 14:06	189352	----a-w-	c:\windows\system32\javaw.exe
2014-08-25 14:06 . 2014-08-25 14:06	189352	----a-w-	c:\windows\system32\java.exe
2014-08-25 14:06 . 2014-08-25 14:06	--------	d-----w-	c:\program files\Java
2014-08-24 12:32 . 2014-08-24 12:32	--------	d-----w-	c:\users\Dominik\AppData\Roaming\Oracle
2014-08-24 11:07 . 2014-08-24 11:07	--------	d-----w-	c:\users\Dominik\AppData\Roaming\java
2014-08-24 11:06 . 2014-08-25 14:06	111016	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2014-08-24 10:40 . 2014-08-24 10:40	--------	d-----w-	c:\program files (x86)\Craften Terminal
2014-08-22 18:19 . 2014-08-22 18:19	687	----a-w-	C:\awh25BF.tmp
2014-08-22 18:16 . 2014-08-25 13:59	--------	d-----w-	C:\Fraps
2014-08-22 18:14 . 2014-08-23 11:17	--------	d-----w-	c:\program files (x86)\Common Files\Config
2014-08-22 17:58 . 2014-08-22 18:04	--------	d-----w-	c:\program files\CamStudio 2.7
2014-08-21 15:25 . 2014-08-21 15:25	--------	d-----w-	c:\users\Dominik\AppData\Roaming\AVAST Software
2014-08-21 15:18 . 2014-08-25 17:11	427360	----a-w-	c:\windows\system32\drivers\aswsp.sys
2014-08-21 15:18 . 2014-08-21 15:18	224896	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2014-08-21 15:18 . 2014-08-21 15:18	1041168	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2014-08-21 15:18 . 2014-08-21 15:18	79184	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2014-08-21 15:18 . 2014-08-21 15:18	65776	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2014-08-21 15:18 . 2014-08-21 15:18	29208	----a-w-	c:\windows\system32\drivers\aswHwid.sys
2014-08-21 15:18 . 2014-08-21 15:18	307344	----a-w-	c:\windows\system32\aswBoot.exe
2014-08-21 15:18 . 2014-08-21 15:18	43152	----a-w-	c:\windows\avastSS.scr
2014-08-21 15:17 . 2014-08-21 15:17	--------	d-----w-	c:\program files\AVAST Software
2014-08-18 10:15 . 2014-08-21 15:17	--------	d-----w-	c:\programdata\AVAST Software
2014-08-18 09:10 . 2014-08-18 09:10	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2014-08-17 18:14 . 2014-03-09 21:47	99480	----a-w-	c:\windows\SysWow64\infocardapi.dll
2014-08-17 18:14 . 2014-06-30 22:24	8856	----a-w-	c:\windows\system32\icardres.dll
2014-08-17 18:14 . 2014-06-30 22:14	8856	----a-w-	c:\windows\SysWow64\icardres.dll
2014-08-17 18:14 . 2014-03-09 21:48	171160	----a-w-	c:\windows\system32\infocardapi.dll
2014-08-17 18:14 . 2014-03-09 21:48	1389208	----a-w-	c:\windows\system32\icardagt.exe
2014-08-17 18:14 . 2014-03-09 21:47	619672	----a-w-	c:\windows\SysWow64\icardagt.exe
2014-08-17 18:13 . 2014-06-06 06:16	35480	----a-w-	c:\windows\SysWow64\TsWpfWrp.exe
2014-08-17 18:13 . 2014-06-06 06:12	35480	----a-w-	c:\windows\system32\TsWpfWrp.exe
2014-08-17 15:52 . 2014-07-16 03:23	2048	----a-w-	c:\windows\system32\tzres.dll
2014-08-17 15:52 . 2014-07-16 02:46	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2014-08-17 15:52 . 2014-06-03 10:02	112064	----a-w-	c:\windows\system32\consent.exe
2014-08-17 15:52 . 2014-06-03 10:02	3241984	----a-w-	c:\windows\system32\msi.dll
2014-08-17 15:52 . 2014-06-03 10:02	1941504	----a-w-	c:\windows\system32\authui.dll
2014-08-17 15:52 . 2014-06-03 09:29	2363392	----a-w-	c:\windows\SysWow64\msi.dll
2014-08-17 15:52 . 2014-06-03 09:29	1805824	----a-w-	c:\windows\SysWow64\authui.dll
2014-08-17 15:50 . 2014-07-14 02:02	1216000	----a-w-	c:\windows\system32\rpcrt4.dll
2014-08-17 15:50 . 2014-07-14 01:40	664064	----a-w-	c:\windows\SysWow64\rpcrt4.dll
2014-08-17 15:50 . 2014-08-07 02:06	529920	----a-w-	c:\windows\system32\aepdu.dll
2014-08-17 15:50 . 2014-08-07 02:01	424448	----a-w-	c:\windows\system32\aeinv.dll
2014-08-10 10:49 . 2014-01-09 02:22	5694464	----a-w-	c:\windows\SysWow64\mstscax.dll
2014-08-10 10:49 . 2014-01-03 22:44	6574592	----a-w-	c:\windows\system32\mstscax.dll
2014-08-09 13:50 . 2013-09-25 02:23	1030144	----a-w-	c:\windows\system32\TSWorkspace.dll
2014-08-09 13:50 . 2013-09-25 01:57	792576	----a-w-	c:\windows\SysWow64\TSWorkspace.dll
2014-08-09 13:45 . 2014-08-29 14:23	--------	d-----w-	c:\users\Dominik\Andy
2014-08-09 13:29 . 2014-08-09 13:29	1176696	----a-w-	c:\users\Dominik\AppData\Roaming\AndyCleanVM.exe
2014-08-09 13:29 . 2014-08-09 13:45	--------	d-----w-	c:\program files\Andy
2014-08-09 13:29 . 2014-08-09 13:29	1177208	----a-w-	c:\users\Dominik\AppData\Roaming\AndyCleanupTool.exe
2014-08-09 11:59 . 2014-08-09 12:03	--------	d-----w-	c:\users\Dominik\AppData\Local\NVIDIA
2014-08-09 11:59 . 2014-08-09 12:02	--------	d-----w-	c:\users\Dominik\AppData\Local\NVIDIA Corporation
2014-08-09 11:59 . 2014-07-25 14:01	1291280	----a-w-	c:\windows\SysWow64\nvspbridge.dll
2014-08-09 11:59 . 2014-07-25 14:01	1126480	----a-w-	c:\windows\SysWow64\nvspcap.dll
2014-08-09 11:59 . 2014-07-25 14:01	1715224	----a-w-	c:\windows\system32\nvspbridge64.dll
2014-08-09 11:59 . 2014-07-25 14:01	1283136	----a-w-	c:\windows\system32\nvspcap64.dll
2014-08-09 11:59 . 2014-03-31 16:42	40392	----a-w-	c:\windows\system32\drivers\nvvad64v.sys
2014-08-09 11:59 . 2014-03-31 16:42	37320	----a-w-	c:\windows\system32\nvaudcap64v.dll
2014-08-09 11:59 . 2014-03-31 16:42	34760	----a-w-	c:\windows\SysWow64\nvaudcap32v.dll
2014-08-04 20:06 . 2014-08-04 20:15	--------	d-----w-	c:\users\Dominik\AppData\Roaming\Real Desktop
2014-08-03 09:53 . 2014-08-03 09:53	188304	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-29 14:23 . 2011-03-29 01:36	23256	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-08-17 18:17 . 2011-03-14 14:08	99218768	----a-w-	c:\windows\system32\MRT.exe
2014-08-04 16:06 . 2013-07-16 14:32	280904	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2014-08-04 16:06 . 2013-07-16 14:21	280904	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2014-07-17 09:06 . 2013-07-16 14:21	280904	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2014-07-15 14:15 . 2014-07-15 14:15	142528	----a-w-	c:\windows\system32\drivers\VBoxNetAdp.sys
2014-07-02 20:48 . 2013-10-28 11:53	16122344	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2014-07-02 20:48 . 2013-10-28 11:52	2814656	----a-w-	c:\windows\SysWow64\nvapi.dll
2014-07-02 20:48 . 2012-03-21 22:12	965312	----a-w-	c:\windows\system32\nvumdshimx.dll
2014-07-02 20:48 . 2012-03-21 22:12	18626304	----a-w-	c:\windows\system32\nvwgf2umx.dll
2014-07-02 20:48 . 2012-03-21 22:12	166568	----a-w-	c:\windows\system32\nvinitx.dll
2014-07-02 20:48 . 2012-03-21 22:12	146480	----a-w-	c:\windows\SysWow64\nvinit.dll
2014-07-02 20:48 . 2012-03-21 22:12	14498552	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2014-07-02 20:48 . 2012-03-21 22:12	3196816	----a-w-	c:\windows\system32\nvapi64.dll
2014-06-18 02:18 . 2014-07-10 11:03	692736	----a-w-	c:\windows\system32\osk.exe
2014-06-18 01:51 . 2014-07-10 11:03	646144	----a-w-	c:\windows\SysWow64\osk.exe
2014-06-06 10:10 . 2014-07-10 11:03	624128	----a-w-	c:\windows\system32\qedit.dll
2014-06-06 09:44 . 2014-07-10 11:03	509440	----a-w-	c:\windows\SysWow64\qedit.dll
2014-06-05 14:45 . 2014-07-10 11:02	1460736	----a-w-	c:\windows\system32\lsasrv.dll
2014-06-05 14:26 . 2014-07-10 11:02	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2014-06-05 14:25 . 2014-07-10 11:02	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2014-06-04 10:59 . 2013-07-16 14:21	76888	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	131480	----a-w-	c:\users\Dominik\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	131480	----a-w-	c:\users\Dominik\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	131480	----a-w-	c:\users\Dominik\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\Dominik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-08-28 1245752]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-14 221184]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-07-24 21650016]
"Spotify"="c:\users\Dominik\AppData\Roaming\Spotify\spotify.exe" [2014-08-28 6621752]
"GoogleChromeAutoLaunch_66F8C29980E8EAA9103CEBF5E167BC0C"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2014-08-07 860488]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-02-29 56088]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2010-08-03 107816]
"LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-12-13 135536]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-14 81920]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2014-05-26 2688920]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-02-22 1226024]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-25 4085896]
.
c:\users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Dominik\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-8-15 36414752]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TP-LINK Wireless Configuration Utility.lnk - c:\program files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe -nogui [2013-7-12 788992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 cpuz136;cpuz136;c:\users\Dominik\AppData\Local\Temp\cpuz136\cpuz136_x64.sys;c:\users\Dominik\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x]
R3 HidNt;FT33C2 Driver for Input Devices;c:\windows\system32\DRIVERS\HIDNt.sys;c:\windows\SYSNATIVE\DRIVERS\HIDNt.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Mac606;FT33C2 FILTER;c:\windows\system32\DRIVERS\Mac606.sys;c:\windows\SYSNATIVE\DRIVERS\Mac606.sys [x]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys;c:\windows\SYSNATIVE\Drivers\nx6000.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 SurfEasyVPN;SurfEasy Service;c:\program files (x86)\SurfEasy VPN\client\SurfEasyService.exe;c:\program files (x86)\SurfEasy VPN\client\SurfEasyService.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 watchmi;watchmi service;c:\program files (x86)\watchmi\TvdService.exe;c:\program files (x86)\watchmi\TvdService.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys;c:\windows\SYSNATIVE\drivers\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys;c:\windows\SYSNATIVE\drivers\asmtxhci.sys [x]
S3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 tapse01;SurfEasy TAP-Windows Adapter V9;c:\windows\system32\DRIVERS\tapse01.sys;c:\windows\SYSNATIVE\DRIVERS\tapse01.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-08-17 16:29	1104200	----a-w-	c:\program files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-12 14:33]
.
2014-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-12 14:33]
.
2014-08-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2539688962-1380141296-2660008707-1001Core.job
- c:\users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe [2013-07-16 10:44]
.
2014-08-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2539688962-1380141296-2660008707-1001UA.job
- c:\users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe [2013-07-16 10:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-05-23 00:10	671904	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-05-23 00:10	671904	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-05-23 00:10	671904	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-21 15:18	634872	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	164760	----a-w-	c:\users\Dominik\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	164760	----a-w-	c:\users\Dominik\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	164760	----a-w-	c:\users\Dominik\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	164760	----a-w-	c:\users\Dominik\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-01-16 12445288]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-02-15 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-02-15 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-02-15 440600]
"MedionReminder"="c:\program files (x86)\CyberLink\PowerRecover\Reminder.exe" [2011-05-25 443688]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-02-27 558496]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-07-25 2403104]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-07-25 1283136]
"Andy"="c:\program files\Andy\HandyAndy.exe" [2014-06-27 923256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"MedionReminder"="c:\program files (x86)\CyberLink\PowerRecover\Reminder.exe" [2011-05-25 443688]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
IE: An OneNote s&enden - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\axctigto.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-Real Desktop - c:\program files (x86)\Real Desktop\rdesc.exe
Wow6432Node-HKCU-Run-framei - c:\users\Dominik\AppData\Local\ContextFree\framei.exe
Wow6432Node-HKCU-Run-nvcmd - c:\users\Dominik\AppData\Local\ContextFree\nvcmd.exe
Wow6432Node-HKCU-Run-cntcmd - c:\users\Dominik\AppData\Local\ContextFree\cntcmd.exe
Wow6432Node-HKLM-Run-mbot_de_34 - (no file)
c:\users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Real Desktop.lnk - c:\program files (x86)\Real Desktop\rdesc.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\watchmi tray.lnk - c:\windows\Installer\{F0559C5E-7912-4391-B1A0-6B975F0E5064}\SHCT_TRAY_PROGRAMG_A10D8603999C4E9488776EF2533C58C9.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Windows Utils - c:\users\Dominik\AppData\Roaming\Windows Net Data\uninstaller.exe
AddRemove-ContextFree - c:\users\Dominik\AppData\Local\ContextFree\Context2pro_Uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.5\bin\mysqld\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.5\my.ini\" MySQL"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-08-29  18:43:37 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-08-29 16:43
.
Vor Suchlauf: 13 Verzeichnis(se), 996.438.274.048 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 1.044.374.331.392 Bytes frei
.
- - End Of File - - BFEC16ACABAA4CD7852C3EDCA1FE3099
         

Downloade Dir bitte Malwarebytes Anti-Malware

• Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
• Starte Malwarebytes' Anti-Malware (MBAM).
• Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
• Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
• Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
• Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
• Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
• Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte AdwCleaner auf deinen Desktop.

• Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
• Starte die AdwCleaner.exe mit einem Doppelklick.
• Stimme den Nutzungsbedingungen zu.
• Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
  • "Tracing" Schlüssel löschen
  • Winsock Einstellungen zurücksetzen
  • Proxy Einstellungen zurücksetzen
  • Internet Explorer Richtlinien zurücksetzen
  • Chrome Richtlinien zurücksetzen
  • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
• Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
• Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
• Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

• Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
• Drücke eine beliebige Taste, um das Tool zu starten.
• Je nach System kann der Scan eine Weile dauern.
• Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
• Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.