HitmanPro Alert gibt Warnung aus - Browser kompromittiert?

 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-11-2014
Ran by Admin (administrator) on MOONCHILD-PC on 01-11-2014 15:02:55
Running from K:\COMPUTER\Neuinstall Windows 7\Die wichtigsten Programme\Sicherheit\Sicherheitstools\Antivirenaktion
Loaded Profiles: Moonchild & Admin & Administrator (Available profiles: Moonchild & Admin & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozy, Inc.) K:\Windows_SSD\MOZY\mozybackup.exe
(Mozy, Inc.) K:\Windows_SSD\MOZY\mozybackup.exe
(Mozy, Inc.) K:\Windows_SSD\MOZY\mozybackup.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
() C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Comfort Software Group) C:\Program Files (x86)\HotAlarmClock\HotAlarmClock.exe
(Mozy, Inc.) C:\Program Files\Mozy Sync\mozysync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Portrait Displays\DisplayView Click\dthtml.exe
(Microsoft Corporation) C:\Program Files (x86)\EMET 4.1\EMET_Agent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
(Portrait Displays Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\apcsystray.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\seccenter.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Mozy, Inc.) K:\Windows_SSD\MOZY\mozybackup.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Comfort Software Group) C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files (x86)\EMET 4.1\EMET_Agent.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\apcsystray.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\seccenter.exe
() K:\COMPUTER\Neuinstall Windows 7\Die wichtigsten Programme\Sicherheit\Sicherheitstools\Antivirenaktion\Gmer-19357.exe
(Google Inc.) C:\Users\Moonchild\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Moonchild\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Moonchild\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Moonchild\AppData\Local\Google\Chrome\Application\chrome.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe
(Google Inc.) C:\Users\Moonchild\AppData\Local\Google\Chrome\Application\chrome.exe
(Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
(Google Inc.) C:\Users\Moonchild\AppData\Local\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe [1575192 2013-10-24] (Bitdefender)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [DT FUS] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [123248 2012-09-26] (Portrait Displays, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-09-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2109952 2014-10-07] (Dominik Reichl)
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [EMET 4.1 Agent] => C:\Program Files (x86)\EMET 4.1\EMET_agent.exe [78992 2013-11-21] (Microsoft Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2012-08-21] (AVM Berlin)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Display] => C:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe [284024 2012-01-24] (Schneider Electric)
HKLM-x32\...\Run: [Trend Micro RUBotted V2.0 Beta] => C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe [1102872 2013-07-25] (Trend Micro Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-365492360-3355046920-2098280994-1000\...\Run: [Allway Sync] => C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe [94416 2013-02-05] ()
HKU\S-1-5-21-365492360-3355046920-2098280994-1000\...\Run: [Google Update] => C:\Users\Moonchild\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-23] (Google Inc.)
HKU\S-1-5-21-365492360-3355046920-2098280994-1000\...\Run: [HotAlarmClock] => C:\Program Files (x86)\HotAlarmClock\HotAlarmClock.exe [22725400 2014-05-16] (Comfort Software Group)
HKU\S-1-5-21-365492360-3355046920-2098280994-1000\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\S-1-5-21-365492360-3355046920-2098280994-1000\...\MountPoints2: {05dabfe1-3f6e-11e1-a3c3-806e6f6e6963} - L:\Run.exe
HKU\S-1-5-21-365492360-3355046920-2098280994-1000\...\MountPoints2: {e091f18d-04da-11e4-b8b1-001a7dda710b} - H:\pushinst.exe
HKU\S-1-5-21-365492360-3355046920-2098280994-1007\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [1553688 2014-02-20] (Comfort Software Group)
HKU\S-1-5-21-365492360-3355046920-2098280994-500\...\Run: [Allway Sync] => C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe [94416 2013-02-05] ()
HKU\S-1-5-21-365492360-3355046920-2098280994-500\...\Run: [Klebezettel NG] => C:\Program Files (x86)\Klebezettel NG\klebez.exe [4433408 2012-04-06] (Hollie-Soft)
HKU\S-1-5-21-365492360-3355046920-2098280994-500\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2014-01-17] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-365492360-3355046920-2098280994-500\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-365492360-3355046920-2098280994-500\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\S-1-5-21-365492360-3355046920-2098280994-500\...\MountPoints2: {05dabfe1-3f6e-11e1-a3c3-806e6f6e6963} - L:\Run.exe
HKU\S-1-5-21-365492360-3355046920-2098280994-500\...\MountPoints2: {73d1f0d9-fbbf-11e2-95bb-806e6f6e6963} - L:\setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk
ShortcutTarget: APC UPS Status.lnk -> C:\Program Files (x86)\APC\PowerChute Personal Edition\Display.exe (Schneider Electric)
Startup: C:\Users\Moonchild\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozy Sync.lnk
ShortcutTarget: Mozy Sync.lnk -> C:\Program Files\Mozy Sync\mozysync.exe (Mozy, Inc.)
SSODL: EldosMountNotificator-cbfs4 - {F9FF334C-5B00-4CBA-8B28-A3D6A9A46476} - C:\Windows\system32\cbfsMntNtf4.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} -  No File
SSODL-x32: EldosMountNotificator-cbfs4 - {F9FF334C-5B00-4CBA-8B28-A3D6A9A46476} - C:\Windows\SysWOW64\cbfsMntNtf4.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [ mozysyncNotUploaded] -> {34DF8AC2-A6BB-4855-B45A-CC1B4D9183E3} => C:\Program Files\Mozy Sync\mozysyncshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers: [ mozysyncPendingChanges] -> {6673BC77-4A7B-4299-A130-14312E6B203A} => C:\Program Files\Mozy Sync\mozysyncshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers: [ mozysyncUpToDate] -> {04547006-32F5-4635-844B-B8D7FCE47692} => C:\Program Files\Mozy Sync\mozysyncshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs4] -> {D12E2777-CA9C-4EBD-AA9B-A8660DEF371F} => C:\Windows\system32\cbfsMntNtf4.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [mozy] -> {b32a6748-f273-4546-b60a-3c5adc239de5} => K:\Windows_SSD\MOZY\mozyshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers: [mozy2] -> {747E722C-CB46-4a9d-BDFE-192AAD5099B1} => K:\Windows_SSD\MOZY\mozyshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers: [mozy3] -> {EE6F5A00-7898-40f7-AB77-51FF9D6DEB20} => K:\Windows_SSD\MOZY\mozyshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs4] -> {D12E2777-CA9C-4EBD-AA9B-A8660DEF371F} => C:\Windows\SysWOW64\cbfsMntNtf4.dll (EldoS Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: FlashCatchBHO Class -> {88618A96-6D8A-42E7-B932-9073D5B2080F} -> C:\Program Files (x86)\FlashCatch\flashcatch.dll (Level 9 Technology, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - FlashCatch - {10CECF4F-A96E-4803-8AC2-F565FB29FF47} - C:\Program Files (x86)\FlashCatch\flashcatch.dll (Level 9 Technology, Inc.)
DPF: HKLM {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{A25C9FE1-77F9-4C49-B32A-8665F4273309}: [NameServer] 192.168.178.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> K:\Windows_SSD\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-09-25]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-09-25]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013-03-07]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-10-27]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext

Chrome: 
=======
CHR StartMenuInternet: Google Chrome - C:\Users\Moonchild\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4163584 2014-02-24] (Emsisoft GmbH)
R2 APC Data Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe [21880 2012-01-24] (Schneider Electric)
R2 APC UPS Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe [705912 2012-01-24] (Schneider Electric)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [69392 2013-10-24] (Bitdefender)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3611128 2014-02-11] (devolo AG)
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [139632 2012-09-26] (Portrait Displays, Inc.)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-11-01] (SurfRight B.V.)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1876816 2014-10-27] (SurfRight B.V.)
R2 mozybackup; K:\Windows_SSD\MOZY\mozybackup.exe [54040 2011-09-29] (Mozy, Inc.)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-07-23] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 RUBotSrv; C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe [443416 2013-07-25] (Trend Micro Inc.)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [187592 2014-01-17] (Sandboxie Holdings, LLC)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [File not signed]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [67320 2013-10-24] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe [1645256 2013-10-24] (Bitdefender)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-04-20] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2014-02-24] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2014-02-24] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [17384 2014-02-24] (Emsisoft GmbH)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2013-10-24] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2013-10-24] (BitDefender)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2012-04-25] (AVM Berlin)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-04-30] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-10-24] (BitDefender SRL)
R1 cbfs4; C:\Windows\system32\drivers\cbfs4.sys [385728 2013-03-01] (EldoS Corporation)
S3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2014-02-24] (Emsisoft GmbH)
R3 fwlanusb5; C:\Windows\System32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH)
R3 GEARAspiWDM; C:\Windows\SysWOW64\DRIVERS\GEARAspiWDM.sys [15664 2011-07-15] (GEAR Software Inc.)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-10-24] (BitDefender LLC)
R2 hmpalert; C:\Windows\System32\drivers\hmpalert.sys [93144 2014-10-27] ()
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [9000256 2012-08-24] (Intel Corporation) [File not signed]
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [342528 2012-06-19] (Intel(R) Corporation) [File not signed]
R1 mozyFilter; C:\Windows\System32\DRIVERS\mozy.sys [67808 2013-05-02] (Mozy, Inc.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2012-10-25] (Realtek Semiconductor Corporation                           )
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202600 2014-01-17] (Sandboxie Holdings, LLC)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-10-24] (BitDefender S.R.L.)
S3 7ByteIo; \??\c:\program files (x86)\hot cpu tester pro 4\SysInfoX64.sys [X]
S3 cpuz135; \??\K:\WINDOW~1\Temp\cpuz135\cpuz135_x64.sys [X]
S3 DUMeterDrv; \??\C:\Program Files (x86)\DU Meter\DUMETR64.SYS [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 GPU-Z; \??\C:\Users\Admin\AppData\Local\Temp\GPU-Z.sys [X]
U3 pwliquob; \??\C:\Users\Admin\AppData\Local\Temp\pwliquob.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-01 14:50 - 2014-11-01 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2014-11-01 14:50 - 2014-11-01 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro RUBotted
2014-11-01 14:50 - 2014-11-01 14:50 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-11-01 14:50 - 2014-11-01 14:50 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-10-27 23:06 - 2014-10-27 23:06 - 00000000 ____D () C:\Users\Moonchild\AppData\Local\Downloaded Installations
2014-10-27 17:18 - 2014-10-27 17:18 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Macromedia
2014-10-27 16:55 - 2014-10-27 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-27 16:53 - 2014-10-27 16:53 - 00000000 ____D () C:\Users\Admin\AppData\Local\Logishrd
2014-10-27 16:53 - 2014-10-27 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2014-10-27 16:52 - 2014-10-27 16:52 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Logishrd
2014-10-27 16:50 - 2014-10-27 16:50 - 00000000 _____ () C:\Users\Admin\Desktop\Sicherungskopie von Malwarebytes Einstellungen.wbk
2014-10-27 10:40 - 2014-11-01 14:02 - 00000000 ____D () C:\Windows\CryptoGuard
2014-10-27 10:40 - 2014-10-27 16:31 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert
2014-10-27 10:40 - 2014-10-27 10:57 - 00548424 _____ (SurfRight) C:\Windows\system32\hmpalert.dll
2014-10-27 10:40 - 2014-10-27 10:57 - 00477008 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll
2014-10-27 10:40 - 2014-10-27 10:57 - 00093144 _____ () C:\Windows\system32\Drivers\hmpalert.sys
2014-10-27 10:40 - 2014-10-27 10:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro.Alert
2014-10-27 10:40 - 2014-10-27 10:40 - 00000000 ____D () C:\ProgramData\HitmanPro.Alert
2014-10-27 08:43 - 2014-10-27 08:43 - 00002230 _____ () C:\Users\Admin\Desktop\HitmanPro_20141027_0843.log
2014-10-26 23:54 - 2014-10-27 09:28 - 00002029 _____ () C:\Users\Admin\Desktop\Entfernen des Avira EU-Cleaners.lnk
2014-10-26 23:54 - 2014-10-27 09:28 - 00001973 _____ () C:\Users\Admin\Desktop\Avira EU-Cleaner.lnk
2014-10-25 16:28 - 2014-10-25 16:28 - 00001067 _____ () C:\Users\Admin\Desktop\Hot Alarm Clock.lnk
2014-10-25 16:28 - 2014-10-25 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hot Alarm Clock
2014-10-25 16:27 - 2014-10-25 16:28 - 00000000 ____D () C:\Program Files (x86)\HotAlarmClock
2014-10-25 08:30 - 2014-10-25 08:30 - 00001043 _____ () C:\Users\Admin\Desktop\MonitorTest.lnk
2014-10-25 08:30 - 2014-10-25 08:30 - 00000000 ____D () C:\ProgramData\PassMark
2014-10-25 08:30 - 2014-10-25 08:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MonitorTest
2014-10-25 08:30 - 2014-10-25 08:30 - 00000000 ____D () C:\Program Files (x86)\MonitorTest
2014-10-20 08:01 - 2014-10-20 08:01 - 00001079 _____ () C:\Users\Admin\Desktop\Free Alarm Clock.lnk
2014-10-20 08:01 - 2014-10-20 08:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Alarm Clock
2014-10-20 08:01 - 2014-10-20 08:01 - 00000000 ____D () C:\Program Files (x86)\FreeAlarmClock
2014-10-19 12:06 - 2014-10-19 12:06 - 00004957 _____ () C:\Users\Moonchild\AppData\Local\recently-used.xbel
2014-10-18 23:52 - 2014-10-18 23:52 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-10-18 23:51 - 2014-05-14 17:37 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-10-18 23:51 - 2014-05-14 15:00 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-10-18 23:51 - 2014-05-12 19:11 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-10-18 23:51 - 2014-05-09 10:17 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-10-18 23:51 - 2014-04-30 10:34 - 00948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-10-18 23:51 - 2014-04-28 14:48 - 02800344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2014-10-18 23:51 - 2014-04-25 12:51 - 02834648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-10-18 23:51 - 2014-04-25 12:23 - 01022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-10-18 23:51 - 2014-04-10 11:20 - 01934424 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-10-18 23:51 - 2014-04-10 11:19 - 14863448 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-10-18 23:51 - 2014-04-10 11:19 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-10-18 23:51 - 2014-04-10 11:19 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-10-18 23:51 - 2014-04-10 11:19 - 01063512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-10-18 23:51 - 2014-04-07 15:03 - 06218072 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2014-10-18 23:51 - 2014-04-07 15:03 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2014-10-18 23:51 - 2014-04-07 15:03 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2014-10-18 23:51 - 2014-04-07 15:03 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2014-10-18 23:51 - 2014-03-06 15:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-10-18 23:51 - 2014-02-18 16:04 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-10-18 23:51 - 2014-02-06 10:28 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-10-18 23:51 - 2014-01-28 10:48 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-10-18 23:51 - 2013-10-16 02:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-10-18 23:51 - 2013-10-11 11:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-10-18 23:51 - 2013-10-11 10:31 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-10-18 23:51 - 2013-08-14 14:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-10-18 23:51 - 2013-08-14 14:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-10-18 23:51 - 2012-11-14 10:41 - 00378000 _____ (Realtek Semiconductor) C:\Windows\system32\RtkGuiCompLib.dll
2014-10-18 23:51 - 2012-08-31 18:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2014-10-18 23:51 - 2012-08-31 18:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2014-10-18 23:51 - 2012-08-31 18:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2014-10-18 23:51 - 2012-08-31 18:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2014-10-18 23:51 - 2012-08-31 18:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2014-10-18 23:51 - 2012-03-08 10:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-10-18 23:51 - 2011-12-20 14:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-10-18 23:51 - 2011-11-22 15:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-10-18 23:51 - 2011-09-02 13:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2014-10-18 23:51 - 2011-09-02 13:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2014-10-18 23:51 - 2011-09-02 13:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2014-10-18 23:51 - 2010-11-08 06:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-10-18 23:51 - 2010-11-08 06:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-10-18 23:51 - 2010-11-08 06:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-10-18 23:51 - 2010-11-08 06:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-10-18 23:51 - 2010-11-08 06:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-10-18 23:51 - 2010-11-08 06:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-10-18 23:51 - 2010-11-03 17:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-10-18 23:51 - 2010-09-27 08:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-10-18 23:51 - 2010-07-22 15:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2014-10-18 23:51 - 2009-11-24 08:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-10-18 23:51 - 2009-11-24 08:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-10-18 23:51 - 2009-11-24 08:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-10-18 23:51 - 2009-11-24 08:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-10-17 09:10 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-17 09:10 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-17 09:10 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-17 09:10 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-17 09:10 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-17 09:10 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-17 09:10 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-17 09:10 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-17 09:10 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-17 09:10 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-17 09:10 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-17 09:10 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-17 09:10 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-17 09:10 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-17 09:10 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-17 09:10 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-17 09:10 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-17 09:10 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-17 09:10 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-17 09:10 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-17 09:10 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-17 09:10 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-17 09:10 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-17 09:10 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-17 09:10 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-17 09:10 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-17 09:10 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-17 09:10 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-17 09:10 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-17 09:10 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-17 09:10 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-17 09:10 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-17 09:10 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-17 09:10 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-17 09:10 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-17 09:10 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-17 09:10 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-17 09:10 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-17 09:10 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-17 09:10 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-17 09:10 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-17 09:10 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-17 09:10 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-17 09:10 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-17 09:10 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-17 09:10 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-17 09:10 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-17 09:10 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-17 09:10 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-17 09:10 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-17 09:10 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-17 09:10 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-17 09:10 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-17 09:10 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-17 09:10 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-17 09:10 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-17 09:09 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-17 09:09 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-17 09:09 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-17 09:09 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-17 09:09 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-17 09:09 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-17 09:09 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-17 09:09 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-17 09:09 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-17 09:09 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-17 09:09 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-17 09:09 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-17 09:09 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-17 09:09 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-17 09:09 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-17 09:09 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-17 09:09 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-17 09:09 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-17 09:09 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-17 09:09 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-17 09:09 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-17 09:09 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-17 09:09 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-17 09:09 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-17 09:09 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-17 09:09 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-17 09:09 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 11:48 - 2014-10-16 11:48 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2014-10-08 09:18 - 2014-10-08 09:20 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-10-08 09:18 - 2014-10-08 09:18 - 00001007 _____ () C:\Users\Moonchild\Desktop\SpeedFan.lnk
2014-10-08 09:18 - 2014-10-08 09:18 - 00001007 _____ () C:\Users\Administrator\Desktop\SpeedFan.lnk
2014-10-08 09:18 - 2014-10-08 09:18 - 00001007 _____ () C:\Users\Admin\Desktop\SpeedFan.lnk
2014-10-08 09:18 - 2014-10-08 09:18 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
2014-10-08 09:18 - 2014-10-08 09:18 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-10-08 09:18 - 2014-10-08 09:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-10-03 18:16 - 2014-10-03 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\APC
2014-10-03 18:16 - 2014-10-03 18:16 - 00000000 ____D () C:\Program Files (x86)\APC
2014-10-03 17:07 - 2014-10-03 18:15 - 13923704 _____ (Schneider Electric) C:\Users\Admin\PCPE Setup.exe
2014-10-03 17:07 - 2014-10-03 18:15 - 13338112 _____ () C:\Users\Admin\PCPE_3.0.1.msi
2014-10-03 17:07 - 2014-10-03 18:15 - 01079808 _____ (Microsoft Corporation) C:\Users\Admin\mfc80u.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00626688 _____ (Microsoft Corporation) C:\Users\Admin\msvcr80.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00021880 _____ (Schneider Electric) C:\Users\Admin\grm_res.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00021880 _____ (Schneider Electric) C:\Users\Admin\fr_res.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00021368 _____ (Schneider Electric) C:\Users\Admin\pt_res.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00021368 _____ (Schneider Electric) C:\Users\Admin\it_res.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00021368 _____ (Schneider Electric) C:\Users\Admin\es_res.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00021368 _____ (Schneider Electric) C:\Users\Admin\en_res.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00020856 _____ (Schneider Electric) C:\Users\Admin\ru_res.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00020344 _____ (Schneider Electric) C:\Users\Admin\jp_res.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00019832 _____ (Schneider Electric) C:\Users\Admin\zh_res.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00018808 _____ () C:\Users\Admin\ResourceReader.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00000550 _____ () C:\Users\Admin\Microsoft.VC80.MFC.manifest
2014-10-03 17:07 - 2014-10-03 18:15 - 00000522 _____ () C:\Users\Admin\Microsoft.VC80.CRT.manifest
2014-10-03 17:07 - 2014-10-03 18:15 - 00000014 _____ () C:\Users\Admin\dotnetfolder.txt
2014-10-02 09:20 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-02 09:20 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-02 09:20 - 2014-09-09 23:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-10-02 09:20 - 2014-09-09 22:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-01 15:02 - 2014-04-21 13:19 - 00000000 ____D () C:\FRST
2014-11-01 14:58 - 2012-01-24 19:08 - 00766051 _____ () C:\Windows\setupact.log
2014-11-01 14:42 - 2013-02-10 13:24 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-01 14:40 - 2013-02-08 12:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-01 14:23 - 2012-01-16 08:46 - 00001136 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-365492360-3355046920-2098280994-1000UA.job
2014-11-01 14:22 - 2013-02-10 13:24 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-01 14:19 - 2013-09-16 14:25 - 00000501 _____ () C:\Windows\system32\checkdnsid.xml
2014-11-01 14:02 - 2014-02-21 12:20 - 00000000 ____D () C:\Users\Moonchild\AppData\Local\mozysync
2014-11-01 13:57 - 2012-01-15 12:46 - 01291526 _____ () C:\Windows\WindowsUpdate.log
2014-11-01 13:56 - 2011-04-12 08:43 - 00702942 _____ () C:\Windows\system32\perfh007.dat
2014-11-01 13:56 - 2011-04-12 08:43 - 00150582 _____ () C:\Windows\system32\perfc007.dat
2014-11-01 13:56 - 2009-07-14 06:13 - 01629348 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-01 13:56 - 2009-07-14 05:45 - 00031680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-01 13:56 - 2009-07-14 05:45 - 00031680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-01 13:49 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-01 11:18 - 2012-04-03 16:18 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-11-01 11:17 - 2013-03-03 10:40 - 00000000 ____D () C:\Users\Moonchild\AppData\Roaming\KeePass
2014-11-01 03:48 - 2012-01-15 17:33 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{330A11D1-DDF4-4F3D-9779-05555AECB1C3}
2014-11-01 01:31 - 2012-02-07 10:42 - 00010720 _____ () C:\Windows\mozy.blk
2014-11-01 01:31 - 2012-02-07 10:42 - 00005462 _____ () C:\Windows\mozy.flt
2014-10-31 22:22 - 2014-04-03 23:41 - 00000000 ___RD () C:\Users\Moonchild\Downloads\Aktuell gucken
2014-10-31 16:24 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-31 16:23 - 2012-04-25 23:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-31 13:23 - 2012-01-16 08:46 - 00001084 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-365492360-3355046920-2098280994-1000Core.job
2014-10-31 12:27 - 2014-09-25 09:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-30 23:20 - 2014-07-01 11:42 - 00001264 _____ () C:\Users\Admin\Desktop\Revo Uninstaller.lnk
2014-10-30 23:20 - 2014-07-01 11:42 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-30 23:16 - 2012-01-19 17:12 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-30 23:06 - 2013-09-14 14:19 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-30 23:04 - 2014-09-11 09:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-30 23:04 - 2013-10-27 00:20 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-30 23:04 - 2013-09-14 14:19 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-30 23:04 - 2013-09-14 14:19 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-30 23:04 - 2013-09-14 14:19 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-28 07:37 - 2012-02-02 00:45 - 08228684 _____ () C:\Windows\PFRO.log
2014-10-28 00:54 - 2013-03-06 17:09 - 00000000 ____D () C:\Users\Moonchild\AppData\Roaming\Dropbox
2014-10-27 17:34 - 2014-06-28 10:42 - 00000000 ____D () C:\Windows\ERUNT
2014-10-27 17:30 - 2014-02-24 20:03 - 00000000 ____D () C:\Program Files (x86)\Secure Banking
2014-10-27 16:56 - 2014-04-22 12:12 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-27 16:56 - 2014-04-22 12:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-10-27 16:53 - 2012-03-20 16:40 - 00025858 _____ () C:\Windows\LDPINST.LOG
2014-10-27 16:53 - 2012-03-20 16:40 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2014-10-27 16:53 - 2012-03-20 16:40 - 00004482 _____ () C:\Windows\LkmdfCoInst.log
2014-10-27 16:53 - 2012-03-20 16:40 - 00000000 ____D () C:\ProgramData\Logishrd
2014-10-27 16:53 - 2012-03-20 16:40 - 00000000 ____D () C:\Program Files\Logitech
2014-10-27 16:53 - 2012-03-20 16:39 - 00000000 ____D () C:\Program Files\Common Files\Logishrd
2014-10-27 16:52 - 2014-04-21 13:52 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Logitech
2014-10-27 16:44 - 2014-04-21 13:52 - 00118368 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-26 20:32 - 2012-01-25 00:31 - 00000561 _____ () C:\Users\Moonchild\AppData\Roaming\burnaware.ini
2014-10-26 20:30 - 2013-04-29 14:30 - 00000000 ____D () C:\Users\Moonchild\AppData\Roaming\vlc
2014-10-26 20:30 - 2012-11-26 22:07 - 00000000 ____D () C:\Users\Moonchild\AppData\Roaming\dvdcss
2014-10-26 08:30 - 2009-07-14 05:45 - 00445688 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-25 23:18 - 2014-02-24 20:33 - 00000032 _____ () C:\Windows\SysWOW64\thxcfg.ini
2014-10-25 23:18 - 2013-04-07 12:16 - 00000000 ____D () C:\Program Files (x86)\TrojanHunter 5.5
2014-10-25 16:45 - 2012-01-15 14:42 - 00118368 _____ () C:\Users\Moonchild\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-24 09:53 - 2014-04-21 13:52 - 00000000 ____D () C:\Users\Admin
2014-10-23 12:18 - 2012-01-16 08:46 - 00004114 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-365492360-3355046920-2098280994-1000UA
2014-10-23 12:18 - 2012-01-16 08:46 - 00003718 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-365492360-3355046920-2098280994-1000Core
2014-10-19 12:06 - 2014-01-05 12:25 - 00000000 ____D () C:\Users\Moonchild\AppData\Local\gtk-2.0
2014-10-19 12:06 - 2013-04-09 07:45 - 00000000 ____D () C:\Users\Moonchild\.gimp-2.8
2014-10-18 23:52 - 2012-11-26 22:56 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-10-18 23:51 - 2012-01-15 15:38 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-18 18:37 - 2013-02-10 13:24 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-18 18:37 - 2013-02-10 13:24 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-17 21:11 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-10-17 20:25 - 2012-01-15 16:12 - 00000000 ____D () C:\Users\Administrator
2014-10-17 09:14 - 2012-01-15 19:44 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-17 09:12 - 2013-07-12 07:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-17 09:10 - 2012-01-16 11:57 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-17 08:49 - 2014-05-14 17:51 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe
2014-10-17 08:45 - 2013-02-08 12:13 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-17 08:45 - 2012-10-13 16:18 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-17 08:45 - 2012-10-13 16:18 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-16 11:48 - 2014-04-21 13:54 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\KeePass
2014-10-16 11:48 - 2013-03-03 10:36 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2
2014-10-05 09:25 - 2014-03-24 21:19 - 00000000 ____D () C:\Users\Moonchild\Downloads\Sechserpack
2014-10-03 23:49 - 2014-07-26 07:31 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

Files to move or delete:
====================
C:\Users\Admin\en_res.dll
C:\Users\Admin\es_res.dll
C:\Users\Admin\fr_res.dll
C:\Users\Admin\grm_res.dll
C:\Users\Admin\it_res.dll
C:\Users\Admin\jp_res.dll
C:\Users\Admin\mfc80u.dll
C:\Users\Admin\msvcr80.dll
C:\Users\Admin\PCPE Setup.exe
C:\Users\Admin\pt_res.dll
C:\Users\Admin\ResourceReader.dll
C:\Users\Admin\ru_res.dll
C:\Users\Admin\zh_res.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-26 15:12

==================== End Of Log ============================
         

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-11-2014
Ran by Moonchild at 2014-11-01 15:29:14
Running from K:\COMPUTER\Neuinstall Windows 7\Die wichtigsten Programme\Sicherheit\Sicherheitstools\Antivirenaktion
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Virenschutz (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
FW: Bitdefender Firewall (Disabled) {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version:  - )
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
Advanced PDF Password Recovery (HKCU\...\Advanced PDF Password Recovery) (Version: 4.0 - ElcomSoft Co. Ltd.)
Advanced Renamer (HKLM-x32\...\Advanced Renamer_is1) (Version: 3.51 - Hulubulu Software)
Amazon Cloud Drive (HKLM-x32\...\{9A766E33-BB01-480F-ABFC-424B8AC11212}) (Version: 0.11.12.0 - Amazon.com)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.0.0.192 - Amazon)
AMD Catalyst Install Manager (HKLM\...\{46DA7FD9-8BC1-7BA8-98D1-27F46647871B}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2001616110.48.56.4132210 - Audible, Inc.)
Aufgaben (HKLM-x32\...\{38AFF23A-CE45-4D7D-B8D4-3517125E7DD2}) (Version: 1.1.3 - Holliesoft)
Avidemux 2.5 (HKLM-x32\...\Avidemux 2.5 (64-bit)) (Version: 2.5.6.7716 - )
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 1.2.0.0 - AVM Berlin)
Batman: Arkham City™ (HKLM-x32\...\GFWL_{57520FA0-AC56-469B-9983-FF1000008300}) (Version: 1.0.0000.131 - WB Games)
Batman: Arkham City™ (x32 Version: 1.0.0000.131 - WB Games) Hidden
Batman: Arkham City™ (x32 Version: 1.0.0003.131 - WB Games) Hidden
Beurer HealthManager (HKLM-x32\...\Beurer HealthManager) (Version: 2.2.0.0 - Beurer Health And Well-Being)
Beurer HealthManager (x32 Version: 2.2.0.0 - Beurer Health And Well-Being) Hidden
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Bitdefender Internet Security 2013 (HKLM\...\Bitdefender) (Version: 16.26.0.1739 - Bitdefender)
BoxCryptor 1.5 (HKLM-x32\...\BoxCryptor) (Version: 1.5.410.149 - Secomba GmbH)
BurnAware Free 6.9.2 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware)
calibre 64bit (HKLM\...\{50A398DA-4562-40AA-9535-0A14C4AB1DD9}) (Version: 1.21.0 - Kovid Goyal)
CamStudio (HKLM-x32\...\CamStudio) (Version:  - )
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version:  - )
Canon MP540 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP540_series) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 3.14 - Piriform)
CD Bremse 1.49 (HKLM-x32\...\CD Bremse_is1) (Version: 1.49 - )
Cimaware OfficeFIX 6.xx (HKCU\...\Cimaware OfficeFIX 6.xx) (Version:  - Cimaware Software)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version:  - DownloadHelper)
CPU Speed Pro version 3 (HKLM-x32\...\{E0E0C30A-89AF-11E0-951E-11904824019B}_is1) (Version: 3 - CPU Speed Pro)
CPUID CPU-Z 1.63.0 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor Pro 1.16 (HKLM\...\CPUID HWMonitorPro_is1) (Version:  - )
CrystalDiskInfo 6.1.12 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.12 - Crystal Dew World)
CrystalDiskMark 3.0.1b (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.1b - Crystal Dew World)
CUEcards® 2005 (HKLM-x32\...\{C0E7B43A-39F7-4ADA-BF28-B988544F2833}) (Version: 4.29.0 - Marcus Humann Software-Technik)
Data Lifeguard Diagnostic for Windows 1.24 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version:  - Western Digital Corporation)
Debugging Tools for Windows (HKLM-x32\...\{1C943495-B69F-4D41-AE0E-23C57ECD90EE}) (Version: 6.4.7.2 - Microsoft Corporation)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.2.1.0 - devolo AG)
Digitale Bibliothek 4 (HKLM-x32\...\Digitale Bibliothek 4) (Version:  - )
DisplayView Click (HKLM-x32\...\{7B2E26A2-84CF-4B58-86ED-DE8E73391BDB}) (Version: 5.30.002 - Portrait Displays, Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
Doc Scrubber v1.2 (HKLM-x32\...\Doc Scrubber_is1) (Version: 1.2 - BrightFort LLC)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.13 - Dolby Laboratories Inc)
Dragon Age Redesigned © Morrigan (HKCU\...\Dragon Age Redesigned © Morrigan) (Version:  - )
Dragon Age Redesigned- Leliana's Song (HKCU\...\Dragon Age Redesigned- Leliana's Song) (Version:  - )
Dragon Age Redesigned Oghren© (HKCU\...\Dragon Age Redesigned Oghren©) (Version:  - )
Dragon Age Redesigned©  Zevran (HKCU\...\Dragon Age Redesigned©  Zevran) (Version:  - )
Dragon Age Redesigned© (HKCU\...\Dragon Age Redesigned©) (Version:  - )
Dragon Age Redesigned© Leliana (HKCU\...\Dragon Age Redesigned© Leliana) (Version:  - )
Dragon Age Redesigned© Sten (HKCU\...\Dragon Age Redesigned© Sten) (Version:  - )
Dragon Age Redesigned© Wynne (HKCU\...\Dragon Age Redesigned© Wynne) (Version:  - )
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
EasyBCD 2.1.2 (HKLM-x32\...\EasyBCD) (Version: 2.1.2 - NeoSmart Technologies)
EMET 4.1 (HKLM-x32\...\{65BC2BDA-D828-4596-99E4-A8799C45C84C}) (Version: 4.1 - Microsoft Corporation)
Emsisoft Anti-Malware (HKLM-x32\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 6.0 - Emsi Software GmbH)
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
EssentialPIM (HKLM-x32\...\EssentialPIM) (Version: 5.51 - Astonsoft Ltd)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.115 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.115 - Etron Technology) Hidden
FlashCatch (HKLM-x32\...\{A0AB2980-1FDD-4b6c-940C-FC87C84F05B7}_is1) (Version:  - )
Folderico 4.0 RC12 (HKLM-x32\...\Folderico) (Version: 4.0 RC12 - Shedko ( www.softq.org ))
Free Alarm Clock 3.1.0 (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 3.1 - Comfort Software Group)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.15.0 - Futuremark Corporation)
GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.25.000 - Runtime Software)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
GMX ProfiFax (HKLM-x32\...\GMX ProfiFax) (Version: 2.00.222 - GMX GmbH)
GMX SMS-Manager (HKLM-x32\...\GMX SMS-Manager) (Version:  - )
Google Chrome (HKCU\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.232 - SurfRight B.V.)
HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 2.6.5.77 - SurfRight B.V.)
Hot Alarm Clock 4.2.0.0 (HKLM-x32\...\{672C1EE5-D13F-4EDB-A8CA-26711696C040}_is1) (Version: 4.2 - Comfort Software Group)
Hot CPU Tester Pro 4.4.1 (HKLM-x32\...\{BEE9DFE1-7CDF-4D1C-A473-3B3DF8FF1431}_is1) (Version: 4.4 - 7Byte Computers)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{5E11C972-1E76-45FE-8F92-14E0D1140B1B}) (Version: 10.5.3.3 - Apple Inc.)
JPEG Resampler Vs 5.99.99 (HKLM-x32\...\JPEG Resampler_is1) (Version:  - David Macek)
KeePass Password Safe 2.28 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.28 - Dominik Reichl)
Klebezettel NG (Version 2.9.12) (HKLM-x32\...\{4F81901F-3655-4340-8227-F687F69A3C79}}_is1) (Version:  - )
K-Lite Codec Pack 9.8.0 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.8.0 - )
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MAXQDA 10 (R210312) (HKLM-x32\...\MAXQDA10) (Version: (R210312) - VERBI Software.Consult.Sozialforschung GmbH)
MAXQDA 10 Reader (R240113) (HKLM-x32\...\MAXQDA10Reader) (Version: (R240113) - VERBI Software.Consult.Sozialforschung GmbH)
MDB Repair Tool (HKLM-x32\...\ST6UNST #1) (Version:  - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Ultimate 2007 (HKLM-x32\...\ULTIMATER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{471AAD2C-9078-4DAC-BD43-FA10FB7C3FCE}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM-x32\...\{48B08845-0CB0-45EC-893C-15319ADDA312}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM-x32\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{68ADAEAA-DABD-45C1-9CC2-F995407549CD}) (Version: 7601 - Microsoft)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.145.0 - Microsoft Corporation)
MonitorTest V3.1 (HKLM-x32\...\MonitorTest_is1) (Version: 3.1 - PassMark Software)
Mozilla Firefox 33.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0.2 (x86 de)) (Version: 33.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mozy Sync (HKLM\...\{FEC9F6A9-556B-490D-8BF3-BD09A37C4DA1}) (Version: 1.2.1.4039 - Mozy, Inc)
MozyHome (HKLM\...\{06BFC7A0-2C6A-ED03-5684-37E8949A5823}) (Version: 2.26.0.376 - Mozy, Inc.)
MSXML 4.0 (x32 Version: 4.20.9818.0 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.49.0 - Black Tree Gaming)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
PC Connectivity Solution (HKLM-x32\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia)
PDF Architect (HKLM-x32\...\{80A07844-CA64-4DE4-AB61-D37DDBE8074F}) (Version: 1.0.52.8917 - pdfforge)
PDF Password Remover v3.1 (HKLM-x32\...\PDF Password Remover v3.1_is1) (Version:  - VeryPDF.com Inc)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.210.0 - Tracker Software Products Ltd)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pivot Pro Plugin (x32 Version: 9.50.110 - Portrait Displays, Inc.) Hidden
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.2.10 - Prolific Technology INC)
PowerChute Personal Edition 3.0.2 (HKLM-x32\...\{8ED262EE-FC73-47A9-BB86-D92223246881}) (Version: 3.0.2 - Schneider Electric)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6519 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.42 - Piriform)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
Samsung New PC Studio USB Driver Installer (HKLM-x32\...\InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio USB Driver Installer (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
SamsungConnectivityCableDriver (HKLM-x32\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)
Sandboxie 4.08 (64-bit) (HKLM\...\Sandboxie) (Version: 4.08 - Sandboxie Holdings, LLC)
SDK (x32 Version: 2.34.014 - Portrait Displays, Inc.) Hidden
SDS (Shutdown Scheduler) (HKLM-x32\...\CWK) (Version: 2.50.2.40 - Damian Pasternak)
Secure Banking (HKLM-x32\...\{2088356A-A860-4619-B6DC-F6785AEBBBF7}) (Version: 2.0.0 - Machinecode Technologies)
Secure Banking Version 1.5.2 (HKLM-x32\...\{0BEE0AF9-79F3-4C4F-B374-90C0A16BF294}_is1) (Version: 1.5.2 - Hopfgartner Niklas)
Service Pack 1 for SQL Server 2008 R2 (KB2528583) (HKLM-x32\...\KB2528583) (Version: 10.51.2500.0 - Microsoft Corporation)
SIW version 2011.10.29 (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2011.10.29 - Topala Software Solutions)
SMPlayer 0.8.0 (x64) (HKLM\...\SMPlayer) (Version: 0.8.0 - Ricardo Villalba)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 2.5.2 - Krzysztof Kowalczyk)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TaskUnifier 3.1.1 (HKLM-x32\...\TaskUnifier 3.1.1) (Version: 3.1.1 - )
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
The Wolf Among Us (HKLM-x32\...\Steam App 250320) (Version:  - Telltale Games)
TimeComX Basic (64-Bit) (HKLM-x32\...\TimeComX Basic 64-Bit) (Version: 1.3.2.4 - Bitdreamers)
Trend Micro RUBotted 2.0 Beta (HKLM-x32\...\{54D4EAF5-4C80-4878-B4AC-5AE454A02E3C}_is1) (Version: 2.0.0.1034 - Trend Micro, Inc.)
TrojanHunter 5.5 (HKLM-x32\...\TrojanHunter_is1) (Version: 5.5 - Mischel Internet Security)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ULTIMATER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ULTIMATER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ULTIMATER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ULTIMATER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Veoh Web Player (HKLM-x32\...\Veoh Web Player Beta) (Version: 1.1.2.0000 - Veoh Networks, Inc.)
Vista Shortcut Manager x64 (HKLM\...\{C7311329-C491-427B-8880-133E84869B3A}) (Version: 2.0 - Frameworkx)
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64) (HKLM\...\{4A5A427F-BA39-4BF0-7777-9A47FBE60C9F}) (Version: 11.0.200 - Nuance Communications Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WhoCrashed 4.01 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
Wieldy 0.3.1.996 (HKLM-x32\...\Wieldy) (Version: 0.3.1.996 - Kevin Erath)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0) (HKLM\...\BC15EA930074932BB2C4B4493C9FD4EA95087D1A) (Version: 10/12/2007 6.85.4.0 - Nokia)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
x64 Components v3.9.6 (HKLM\...\x64 Components_is1) (Version: 3.9.6 - Shark007)
xp-AntiSpy 3.98-1 (HKLM-x32\...\xp-AntiSpy) (Version:  - Christian Taubenheim)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-365492360-3355046920-2098280994-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Moonchild\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-365492360-3355046920-2098280994-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Moonchild\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-365492360-3355046920-2098280994-1000_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-365492360-3355046920-2098280994-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Moonchild\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-365492360-3355046920-2098280994-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Moonchild\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-365492360-3355046920-2098280994-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Moonchild\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-365492360-3355046920-2098280994-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Moonchild\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-365492360-3355046920-2098280994-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Moonchild\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-06-01 00:18 - 00450709 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-365492360-3355046920-2098280994-1000Core.job => C:\Users\Moonchild\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-365492360-3355046920-2098280994-1000UA.job => C:\Users\Moonchild\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-26 15:41 - 2012-09-26 11:14 - 00091504 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\msgHook64.dll
2013-11-26 15:40 - 2012-09-26 11:14 - 00273264 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dthook.dll
2013-03-07 11:52 - 2013-10-24 14:11 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\txmlutil.dll
2011-10-07 10:39 - 2011-10-07 10:39 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
2012-01-15 19:36 - 2013-02-05 14:40 - 00094416 _____ () C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
2013-11-21 10:14 - 2013-11-21 10:14 - 00114176 _____ () C:\Program Files (x86)\EMET 4.1\HelperLib.dll
2013-11-12 09:22 - 2013-11-12 09:22 - 00028672 _____ () C:\Program Files (x86)\EMET 4.1\ReportingSubsystem.dll
2013-11-21 10:14 - 2013-11-21 10:14 - 00348160 _____ () C:\Program Files (x86)\EMET 4.1\DevExpress.UserSkins.HighContrast.dll
2013-11-21 10:14 - 2013-11-21 10:14 - 00023040 _____ () C:\Program Files (x86)\EMET 4.1\TrayIconSubsystem.dll
2013-11-21 10:14 - 2013-11-21 10:14 - 00042496 _____ () C:\Program Files (x86)\EMET 4.1\PKIPinningSubsystem.dll
2013-03-29 16:10 - 2013-10-24 14:11 - 00099256 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\bdmetrics.dll
2013-07-24 14:29 - 2013-10-24 14:10 - 00436024 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\bdidntconp.dll
2013-03-29 16:10 - 2013-10-24 14:11 - 00164352 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\UI\bdidntconp.ui

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
AlternateDataStreams: C:\Users\Moonchild\Downloads\DANZIG Mama1.avi:TOC.WMV

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MozyHome Status.lnk => C:\Windows\pss\MozyHome Status.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk => C:\Windows\pss\Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Moonchild^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^A Note.lnk => C:\Windows\pss\A Note.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Moonchild^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^click.to.lnk => C:\Windows\pss\click.to.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Moonchild^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: amd_dc_opt => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AutoStartNPSAgent => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: DNS7reminder => "C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking12\Ereg.ini"
MSCONFIG\startupreg: Dolby Home Theater v4 => "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
MSCONFIG\startupreg: GMX SMS-Manager => C:\Program Files (x86)\GMX\GMX SMS-Manager\SMSMngr.exe
MSCONFIG\startupreg: Google Update => "C:\Users\Moonchild\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: IntelTBRunOnce => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
MSCONFIG\startupreg: iTunesHelper => "K:\Windows_SSD\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Klebezettel NG => "C:\Program Files (x86)\Klebezettel NG\klebez.exe"
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: Philips Device Listener => "C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe"
MSCONFIG\startupreg: PivotSoftware => "C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe" -delay=10
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SpywareTerminatorShield => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
MSCONFIG\startupreg: SpywareTerminatorUpdater => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: THGuard => "C:\Program Files (x86)\TrojanHunter 5.5\THGuard.exe"
MSCONFIG\startupreg: TrojanScanner => C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot
MSCONFIG\startupreg: VeohPlugin => "C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"

========================= Accounts: ==========================

Admin (S-1-5-21-365492360-3355046920-2098280994-1007 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-365492360-3355046920-2098280994-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-365492360-3355046920-2098280994-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-365492360-3355046920-2098280994-1006 - Limited - Enabled)
Moonchild (S-1-5-21-365492360-3355046920-2098280994-1000 - Limited - Enabled) => C:\Users\Moonchild

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/01/2014 03:27:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 1.11.2014.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: db8

Startzeit: 01cff5dfc281f889

Endzeit: 4

Anwendungspfad: K:\COMPUTER\Neuinstall Windows 7\Die wichtigsten Programme\Sicherheit\Sicherheitstools\Antivirenaktion\FRST64.exe

Berichts-ID:

Error: (11/01/2014 01:49:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/01/2014 01:28:57 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/31/2014 06:20:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/31/2014 04:24:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/31/2014 02:53:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WINWORD.EXE, Version: 12.0.6705.5000, Zeitstempel: 0x5418f06f
Name des fehlerhaften Moduls: oart.dll, Version: 12.0.6683.5002, Zeitstempel: 0x520bb41f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000a3e3
ID des fehlerhaften Prozesses: 0x11a0
Startzeit der fehlerhaften Anwendung: 0xWINWORD.EXE0
Pfad der fehlerhaften Anwendung: WINWORD.EXE1
Pfad des fehlerhaften Moduls: WINWORD.EXE2
Berichtskennung: WINWORD.EXE3

Error: (10/31/2014 10:13:25 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/31/2014 08:46:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/30/2014 10:42:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/30/2014 09:39:02 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (10/31/2014 09:25:30 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "MOON-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{4DF0BC07-DF5B-4C57-9CC8-00672E37F925}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (10/30/2014 06:42:17 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "FRITZ-NAS",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{4DF0BC07-DF5B-4C57-9CC8-00672E37F925}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (10/28/2014 08:40:33 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk5\DR5.

Error: (10/28/2014 08:40:30 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk5\DR5.

Error: (10/28/2014 08:40:27 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk5\DR5.

Error: (10/28/2014 08:40:25 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk5\DR5.

Error: (10/28/2014 08:40:22 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk5\DR5.

Error: (10/28/2014 08:40:20 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk5\DR5.

Error: (10/28/2014 08:40:17 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk5\DR5.

Error: (10/28/2014 08:40:14 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk5\DR5.


Microsoft Office Sessions:
=========================
Error: (10/31/2014 02:53:42 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6705.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 12920 seconds with 1680 seconds of active time.  This session ended with a crash.

Error: (05/03/2014 01:57:54 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 16 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (03/26/2014 01:24:41 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 11873 seconds with 2040 seconds of active time.  This session ended with a crash.

Error: (02/17/2014 02:42:10 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 48 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (01/17/2014 09:45:27 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 22 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (03/16/2013 05:37:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (03/08/2013 06:40:22 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 32 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/09/2013 01:57:01 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 0 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/17/2012 03:29:40 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 752 seconds with 180 seconds of active time.  This session ended with a crash.

Error: (12/16/2012 05:56:15 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 957 seconds with 780 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-11-01 15:20:21.350
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-01 14:37:08.948
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-01 14:22:39.985
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-01 14:15:06.755
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-01 14:02:03.183
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-01 13:49:27.736
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-31 18:30:33.683
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-31 18:20:14.264
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-31 16:24:05.326
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-31 08:58:22.668
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3570S CPU @ 3.10GHz
Percentage of memory in use: 51%
Total physical RAM: 8175.11 MB
Available physical RAM: 3967.54 MB
Total Pagefile: 20173.29 MB
Available Pagefile: 15314.93 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:61.42 GB) NTFS
Drive d: (Win-7 Reserve) (Fixed) (Total:100 GB) (Free:89.6 GB) NTFS
Drive e: (Win7-Games) (Fixed) (Total:100.01 GB) (Free:16.63 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Wissenschaft Sicherheit) (Fixed) (Total:200 GB) (Free:76.73 GB) NTFS
Drive g: (Big One 2) (Fixed) (Total:1563.01 GB) (Free:1161.68 GB) NTFS
Drive j: (Wissenschaft ) (Fixed) (Total:200.02 GB) (Free:68.81 GB) NTFS
Drive k: (Big One) (Fixed) (Total:1562.99 GB) (Free:832.45 GB) NTFS
Drive s: (Volume) (Fixed) (Total:60.15 GB) (Free:11.2 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================