Alle Browser voll mit Werbung

mark30 · 07.12.2014, 23:33

Hallo liebe Community Mitglieder,
ich brauche eure Hilfe. Seit ca. 3 Tagen kann ich mir keinem Browser mehr arbeiten.
Es kommen unzählige Werbeeinblendungen. Ich habe schon versucht das Problem mit Spyhunter4 zu lösen, leider nichts gebracht.
Ich würde euch ersuchen mir ein paar Tips zu geben wie ich dieses lästige Ding los werde.

cosinus · 07.12.2014, 23:47

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

mark30 · 08.12.2014, 00:06

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-12-2014 02
Ran by MasterX (administrator) on RAMPAGEX on 07-12-2014 02:35:48
Running from C:\Users\MasterX\Downloads
Loaded Profile: MasterX (Available profiles: MasterX & Hendl)
Platform: Windows 8.1 (X64) OS Language: Englisch (Vereinigte Staaten)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\AlmPanelPlugin\ALMPanelPlugin.exe
() C:\Windows\SysWOW64\ASGT.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7epasrv64x.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\pniomgr.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe
() C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
() C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
(cFos Software GmbH) C:\Program Files\ASUS\ROG GameFirst II\cfosspeed.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe
() C:\Program Files (x86)\SABnzbd\SABnzbd.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Users\MasterX\AppData\Local\CloudStation\app\bin\cloud-ui.exe
(Synology Inc.) C:\Users\MasterX\AppData\Local\CloudStation\app\bin\cloud-connect.exe
(Synology Inc.) C:\Users\MasterX\AppData\Local\CloudStation\app\bin\cloud-daemon.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AsDLNAServerReal.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Ubisoft) C:\Users\MasterX\AppData\Local\Apps\2.0\4RW8Z1TM.3DM\ZREQXNBR.3BH\laun...app_2e973cc213891be7_0001.0024_94178cdbabd6dd82\Launcher.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Ubisoft) C:\Users\MasterX\AppData\Local\Apps\2.0\4RW8Z1TM.3DM\ZREQXNBR.3BH\laun...app_2e973cc213891be7_0001.0024_94178cdbabd6dd82\LauncherReporter.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510232 2014-01-17] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [ROG GameFirst II] => C:\Program Files\ASUS\ROG GameFirst II\cFosSpeed.exe [2806672 2014-02-03] (cFos Software GmbH)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [571192 2014-08-14] (Acronis)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUS WiFi GO! FileTransfer Execute] => C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe [1391416 2013-06-21] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395616 2014-09-03] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [CitrixReceiver] => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153952 2014-09-03] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5223976 2014-09-15] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [615952 2014-08-11] (Acronis International GmbH)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [477064 2013-12-22] (Autodesk Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795672 2014-08-12] (CyberLink Corp.)
HKU\S-1-5-21-2122217481-3044512288-1942015121-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3123744 2013-10-30] (Disc Soft Ltd)
HKU\S-1-5-21-2122217481-3044512288-1942015121-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-12-06] (AMD)
HKU\S-1-5-21-2122217481-3044512288-1942015121-1001\...\Run: [OfficeSyncProcess] => "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
HKU\S-1-5-21-2122217481-3044512288-1942015121-1001\...\Run: [HP Officejet Pro 8620 (NET)] => C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe [3485728 2013-09-11] (Hewlett-Packard Co.)
HKU\S-1-5-21-2122217481-3044512288-1942015121-1001\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe [2699264 2013-12-17] (ASUS)
Startup: C:\Users\MasterX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SABnzbd.lnk
ShortcutTarget: SABnzbd.lnk -> C:\Program Files (x86)\SABnzbd\SABnzbd.exe ()
Startup: C:\Users\MasterX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station.lnk
ShortcutTarget: Synology Cloud Station.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe ()
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\MasterX\AppData\Local\CloudStation\app\icon-overlay\9\x64\iconOverlay.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\MasterX\AppData\Local\CloudStation\app\icon-overlay\9\x64\iconOverlay.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\MasterX\AppData\Local\CloudStation\app\icon-overlay\9\x64\iconOverlay.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\MasterX\AppData\Local\CloudStation\app\icon-overlay\9\x64\iconOverlay.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\MasterX\AppData\Local\CloudStation\app\icon-overlay\9\x64\iconOverlay.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2122217481-3044512288-1942015121-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-at/?ocid=iehp
HKU\S-1-5-21-2122217481-3044512288-1942015121-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.27 192.168.1.29
Tcpip\..\Interfaces\{E086432F-3A16-41F2-B954-C5910927DC27}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: synology.com/SurveillancePlugin -> C:\Program Files (x86)\Synology\SurveillancePlugin\1.0.0.423\npSurveillancePlugin.dll (Synology)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-10-10]
FF HKU\S-1-5-21-2122217481-3044512288-1942015121-1001\...\Firefox\Extensions: [{CDCEAE3B-901F-ECE8-CA46-29FFDE57A13A}] - C:\Program Files (x86)\ver7BetterMarkIt\184.xpi

Chrome: 
=======
CHR HomePage: Default -> hxxp://derstandard.at/
CHR StartupUrls: Default -> "hxxp://derstandard.at/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\MasterX\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\MasterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-24]
CHR Extension: (Google Docs) - C:\Users\MasterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-24]
CHR Extension: (Google Drive) - C:\Users\MasterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-24]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\MasterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-29]
CHR Extension: (YouTube) - C:\Users\MasterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-28]
CHR Extension: (Google-Suche) - C:\Users\MasterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-28]
CHR Extension: (Adobe Acrobat – PDF-Datei erstellen) - C:\Users\MasterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-11-25]
CHR Extension: (Google Tabellen) - C:\Users\MasterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-24]
CHR Extension: (Google Wallet) - C:\Users\MasterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-29]
CHR Extension: (Google Mail) - C:\Users\MasterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-28]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [576904 2013-12-22] (Autodesk Inc.)
R2 almservice; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe [1434848 2013-05-23] (SIEMENS AG)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2013-08-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2013-09-30] ()
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe [1656464 2013-08-08] (ASUSTeK Computer Inc.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
S2 cFosSpeedS; C:\Program Files\ASUS\ROG GameFirst II\spd.exe [1009552 2014-02-03] (cFos Software GmbH)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2443960 2014-10-30] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [File not signed]
R2 s7oiehsx64; C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe [143072 2013-07-08] (Siemens AG)
R2 S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64X.exe [472288 2013-07-08] (Siemens AG)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025920 2014-11-24] (Enigma Software Group USA, LLC.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S2 TeamViewer9; "c:\users\masterx\appdata\local\temp\teamviewer\version9\TeamViewer_Service.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R2 ASInsHelp; C:\Windows\SysWow64\drivers\AsInsHelp64.sys [11832 2013-09-30] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R3 ASMTFilter; C:\Windows\SysWow64\drivers\asmtufdriver.sys [21400 2013-01-28] (hxxp://www.asmedia.com.tw) [File not signed]
R2 AsRamDisk; C:\Windows\system32\DRIVERS\asramdisk.sys [111928 2013-12-13] (Asus)
R0 asstor64; C:\Windows\System32\drivers\asstor64.sys [84816 2014-01-27] (Asmedia Technology)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-09-24] (Advanced Micro Devices)
S3 atillk64; C:\Program Files (x86)\ASUS\GPU Tweak\atillk64.sys [14608 2006-07-19] (ATI Technologies Inc.)
S3 AWEAlloc; C:\Windows\system32\DRIVERS\awealloc.sys [21304 2013-10-05] (Olof Lagerkvist)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7488688 2014-09-28] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 dpmconv; C:\Windows\System32\drivers\dpmconv.sys [259584 2013-04-10] (Siemens AG)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-09-28] (Disc Soft Ltd)
R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c64x64.sys [469264 2013-06-20] (Intel Corporation)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2014-11-24] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2014-11-24] ()
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [296736 2014-10-11] (Acronis International GmbH)
R3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2013-07-02] (ASUSTeK Computer Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 MosIrUsb; C:\Windows\system32\DRIVERS\MosIrUsb.sys [28160 2013-07-18] (ASIX Electronics Corp.)
R3 s7odpx2x64; C:\Windows\System32\drivers\s7odpx2x64.sys [71168 2012-12-19] (SIEMENS AG)
R3 s7oppinx64; C:\Windows\System32\drivers\s7oppinx64.sys [107520 2012-07-24] (SIEMENS AG)
R3 s7oserix64; C:\Windows\System32\Drivers\s7oserix64.sys [121856 2012-07-24] (SIEMENS AG)
R3 s7osmcax64; C:\Windows\System32\drivers\s7osmcax64.sys [199680 2012-07-24] (SIEMENS AG)
R3 s7osobux64; C:\Windows\System32\drivers\s7osobux64.sys [153600 2012-07-24] (SIEMENS AG)
R3 s7otmcd64x; C:\Windows\System32\Drivers\s7otmcd64x.sys [199680 2012-07-24] (SIEMENS AG)
R3 s7otranx64; C:\Windows\System32\drivers\s7otranx64.sys [260096 2012-07-24] (SIEMENS AG)
R3 s7otsadx64; C:\Windows\System32\drivers\s7otsadx64.sys [196096 2012-07-24] (SIEMENS AG)
R2 s7ousbu64x; C:\Windows\System32\drivers\s7ousbu64x.sys [137216 2013-06-03] (Siemens AG)
R2 s7sn2srtx; C:\Windows\system32\DRIVERS\s7sn2srtx.sys [83032 2012-05-09] (SIEMENS AG)
R2 SNTIE; C:\Windows\system32\DRIVERS\sntie.sys [286432 2013-03-22] (SIEMENS AG)
R3 SUNSTREAKER; C:\Windows\system32\DRIVERS\Sunstreaker.sys [572416 2013-12-17] (C-Media Inc.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1328928 2014-10-11] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [248096 2014-10-11] (Acronis International GmbH)
R3 vsnl2ada; C:\Windows\System32\drivers\vsnl2ada.sys [128000 2013-07-01] (SIEMENS AG)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R2 webinstrNewH; C:\Windows\system32\Drivers\webinstrNewH.sys [106456 2014-12-04] (Corsica)
R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-08-12] (CyberLink Corp.)
S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
S3 cpuz136; \??\C:\Users\MasterX\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 cpuz137; \??\C:\Users\MasterX\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-07 02:35 - 2014-12-07 02:35 - 02119168 _____ (Farbar) C:\Users\MasterX\Downloads\FRST64.exe
2014-12-07 02:35 - 2014-12-07 02:35 - 00031768 _____ () C:\Users\MasterX\Downloads\FRST.txt
2014-12-07 02:35 - 2014-12-07 02:35 - 00000000 ____D () C:\FRST
2014-12-07 02:27 - 2014-12-07 02:27 - 00012447 _____ () C:\Users\MasterX\Downloads\Download.htm
2014-12-07 01:39 - 2014-12-07 01:39 - 01125762 _____ () C:\Users\MasterX\Downloads\Maleficent.German.AC3D.DL.NTSC.DVDR-VICE.nzb
2014-12-07 00:37 - 2014-12-07 00:37 - 00000000 ____D () C:\Users\MasterX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SABnzbd
2014-12-07 00:37 - 2014-12-07 00:37 - 00000000 ____D () C:\Users\MasterX\AppData\Local\sabnzbd
2014-12-07 00:37 - 2014-12-07 00:37 - 00000000 ____D () C:\Program Files (x86)\SABnzbd
2014-12-07 00:36 - 2014-12-07 00:36 - 10926924 _____ () C:\Users\MasterX\Downloads\SABnzbd-0.7.20-win32-setup.exe
2014-12-06 00:36 - 2013-07-02 15:29 - 00024824 _____ (ASUSTeK Computer Inc.) C:\Windows\system32\Drivers\IOMap64.sys
2014-12-04 21:48 - 2014-12-06 22:17 - 00001938 _____ () C:\Windows\patsearch.bin
2014-12-04 21:48 - 2014-12-04 21:48 - 00106456 _____ (Corsica) C:\Windows\system32\Drivers\webinstrNewH.sys
2014-12-04 21:48 - 2014-12-04 21:48 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstrNewH_01009.Wdf
2014-12-04 21:45 - 2014-12-04 21:45 - 00071608 _____ () C:\Users\MasterX\Downloads\HDVidCodec.exe
2014-12-04 20:49 - 2014-12-07 02:24 - 00000000 ____D () C:\Users\MasterX\Desktop\Projekte_konvertiert AS3.09_3090
2014-12-04 08:34 - 2014-12-04 08:34 - 00000000 ____D () C:\Users\Hendl\AppData\Local\CyberLink
2014-11-30 14:17 - 2014-11-30 14:17 - 00000328 _____ () C:\Users\MasterX\Desktop\HP Printer Diagnostic Tools.url
2014-11-28 23:51 - 2014-11-28 23:56 - 80208933 _____ () C:\Users\MasterX\Downloads\neuexchser13sp1.rar
2014-11-28 23:38 - 2014-11-28 23:39 - 344822384 _____ () C:\Users\MasterX\Downloads\UL480.rar
2014-11-28 23:20 - 2014-11-28 23:26 - 83262043 _____ () C:\Users\MasterX\Downloads\v2bexser13sp1uebw.part2.rar
2014-11-28 22:39 - 2014-11-28 22:49 - 104857600 _____ () C:\Users\MasterX\Downloads\v2bexser13sp1uebw.part1.rar
2014-11-26 22:27 - 2014-11-26 22:29 - 568232036 _____ () C:\Users\MasterX\Documents\mydiscimage.ashdisc
2014-11-26 22:22 - 2014-11-26 22:27 - 00000000 ____D () C:\Users\MasterX\AppData\Roaming\AccurateRip
2014-11-26 22:22 - 2014-11-26 22:22 - 00000000 ____D () C:\Users\MasterX\AppData\Roaming\EAC
2014-11-26 22:21 - 2014-11-26 22:21 - 01169232 _____ () C:\Users\MasterX\Downloads\Exact Audio Copy - CHIP-Installer.exe
2014-11-26 21:58 - 2014-11-26 21:58 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 14
2014-11-26 21:58 - 2014-11-26 21:58 - 00000000 ____D () C:\Users\MasterX\AppData\Local\CyberLink
2014-11-26 21:58 - 2014-11-26 21:58 - 00000000 ____D () C:\ProgramData\PDVD
2014-11-26 21:58 - 2014-11-26 21:58 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-11-26 21:57 - 2014-11-26 21:57 - 00000000 ____D () C:\ProgramData\SUPPORTDIR
2014-11-26 21:56 - 2014-11-26 21:56 - 78364839 _____ () C:\Users\MasterX\Downloads\PowerDVDUltra14.0.4412.58.part2.rar
2014-11-26 21:53 - 2014-11-26 21:53 - 00000000 ____D () C:\Users\MasterX\Documents\DVDVideoSoft
2014-11-26 21:52 - 2014-11-26 21:55 - 00000000 ____D () C:\Users\MasterX\AppData\Roaming\DVDVideoSoft
2014-11-26 21:51 - 2014-11-26 21:52 - 31524272 _____ (DVDVideoSoft Ltd. ) C:\Users\MasterX\Downloads\FreeAudioCDToMP3Converter_1.3.12.1228.exe
2014-11-26 21:47 - 2014-11-26 21:47 - 106954752 _____ () C:\Users\MasterX\Downloads\PowerDVDUltra14.0.4412.58.part1.rar
2014-11-26 19:32 - 2014-11-26 19:32 - 00000000 ____D () C:\Windows\F94A63D79A61403B8F6F90B1BF77211A.TMP
2014-11-25 19:04 - 2014-11-25 19:04 - 06626832 _____ (TeamViewer GmbH) C:\Users\MasterX\Downloads\TeamViewer_Setup_de (1).exe
2014-11-24 21:42 - 2014-11-24 21:42 - 06626832 _____ (TeamViewer GmbH) C:\Users\MasterX\Downloads\TeamViewer_Setup_de.exe
2014-11-24 20:58 - 2014-11-24 20:58 - 00003978 _____ () C:\Windows\System32\Tasks\4Team updater
2014-11-24 20:57 - 2014-11-24 20:58 - 00000000 ____D () C:\Users\MasterX\AppData\Roaming\4Team
2014-11-24 20:57 - 2014-11-24 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4Team Corporation
2014-11-24 20:57 - 2014-11-24 20:57 - 00000000 ____D () C:\Program Files\Common Files\4Team
2014-11-24 20:57 - 2014-11-24 20:57 - 00000000 ____D () C:\Program Files\4Team Corporation
2014-11-24 20:56 - 2014-11-24 20:56 - 00000000 ____D () C:\Users\MasterX\AppData\Local\Downloaded Installations
2014-11-24 20:55 - 2014-11-24 20:55 - 05780096 _____ (4Team Corporation) C:\Users\MasterX\Downloads\vcard_setup.exe
2014-11-24 18:47 - 2014-11-24 20:47 - 00197148 _____ () C:\Users\MasterX\Documents\Kontakte.vcf
2014-11-24 17:18 - 2014-12-07 01:05 - 00004045 _____ () C:\sh4_service.log
2014-11-24 17:17 - 2014-11-24 16:11 - 00014680 _____ () C:\Windows\system32\sh4native.exe
2014-11-24 16:12 - 2014-11-24 16:12 - 00000000 _____ () C:\autoexec.bat
2014-11-24 16:11 - 2014-11-26 19:30 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-11-24 16:11 - 2014-11-24 16:11 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2014-11-24 16:11 - 2014-11-24 16:11 - 00003334 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2014-11-24 16:11 - 2014-11-24 16:11 - 00000000 ____D () C:\Users\MasterX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-11-24 16:11 - 2014-11-24 16:11 - 00000000 ____D () C:\Users\MasterX\AppData\Roaming\Enigma Software Group
2014-11-24 16:11 - 2014-11-24 16:11 - 00000000 ____D () C:\sh4ldr
2014-11-23 22:40 - 2014-11-23 22:40 - 00030501 _____ () C:\Users\MasterX\Documents\Malware + Trojaner 23-11-2014.txt
2014-11-23 22:15 - 2014-12-07 01:08 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-23 22:14 - 2014-11-23 22:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-23 22:14 - 2014-11-23 22:14 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-23 22:14 - 2014-11-23 22:14 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-11-23 22:14 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-23 22:14 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-23 22:14 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-23 22:03 - 2014-11-23 22:42 - 00000000 ____D () C:\Users\MasterX\AppData\Roaming\{37E99E86-D615-4B08-937F-F8F935C455F3}_ANZHUANG
2014-11-22 22:44 - 2014-11-22 22:45 - 00000090 _____ () C:\ProgramData\Temp.log
2014-11-22 04:46 - 2014-11-25 00:30 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-11-22 04:43 - 2014-11-25 00:30 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-22 04:43 - 2014-11-22 04:59 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-11-22 04:43 - 2014-11-22 04:43 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-11-20 18:24 - 2014-11-24 17:18 - 00000000 ____D () C:\ProgramData\firebird
2014-11-19 22:31 - 2014-11-19 22:31 - 00000000 ____D () C:\Users\Hendl\AppData\Local\HP
2014-11-19 20:24 - 2014-11-19 20:24 - 00000000 __SHD () C:\Users\Hendl\AppData\Local\EmieBrowserModeList
2014-11-17 23:30 - 2014-11-17 23:30 - 00000000 ____D () C:\Users\MasterX\AppData\Local\Macroplant_LLC
2014-11-17 23:14 - 2014-11-17 23:14 - 00000000 ____D () C:\Users\MasterX\AppData\Roaming\iFunbox_UserCache
2014-11-17 18:24 - 2014-11-17 18:24 - 00002292 _____ () C:\Users\MasterX\Documents\Corsair_alt.RDP
2014-11-17 18:20 - 2014-11-23 22:01 - 00073728 _____ () C:\Windows\SysWOW64\tasks.dll
2014-11-16 00:38 - 2014-11-16 00:38 - 00000000 __SHD () C:\Users\MasterX\AppData\Local\EmieBrowserModeList
2014-11-15 22:05 - 2014-11-15 22:05 - 00004608 _____ () C:\Windows\SECOH-QAD.exe
2014-11-15 22:05 - 2014-11-15 22:05 - 00003584 _____ () C:\Windows\SECOH-QAD.dll
2014-11-13 12:39 - 2014-10-17 08:01 - 00789184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-13 12:39 - 2014-10-10 02:58 - 00177472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-13 12:39 - 2014-10-10 02:58 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-11-13 12:39 - 2014-10-10 02:44 - 00563976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-11-13 12:39 - 2014-10-08 08:37 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-13 12:39 - 2014-10-08 08:37 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-13 12:39 - 2014-10-08 08:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-11-13 12:39 - 2014-10-08 08:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2014-11-13 12:39 - 2014-10-08 07:56 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-11-13 12:39 - 2014-10-08 07:51 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-13 12:39 - 2014-10-08 07:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-13 12:39 - 2014-10-08 07:18 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-11-13 12:39 - 2014-10-08 07:17 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-13 12:39 - 2014-10-08 06:23 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-11-13 12:39 - 2014-09-27 08:13 - 00104336 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2014-11-13 12:39 - 2014-09-27 06:24 - 00088800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-11-13 12:39 - 2014-09-27 04:38 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-13 12:39 - 2014-09-27 04:30 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-11-13 12:39 - 2014-09-27 04:17 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-13 12:38 - 2014-10-18 10:55 - 00055776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-11-13 12:38 - 2014-10-18 09:09 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-11-13 12:38 - 2014-10-18 09:09 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-11-13 12:38 - 2014-10-18 08:25 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-11-13 12:38 - 2014-10-18 07:50 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2014-11-13 12:38 - 2014-10-18 07:38 - 03557376 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-11-13 12:38 - 2014-10-18 07:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-11-13 12:38 - 2014-10-18 07:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-11-13 12:38 - 2014-10-18 07:23 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-11-13 12:38 - 2014-10-18 07:23 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-11-13 12:38 - 2014-10-18 07:21 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-11-13 12:38 - 2014-10-18 07:20 - 01714176 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-11-13 12:38 - 2014-10-18 07:14 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-11-13 12:38 - 2014-10-18 07:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-11-13 12:38 - 2014-10-18 07:12 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-11-13 12:38 - 2014-10-18 07:11 - 00723968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-11-13 12:38 - 2014-10-17 07:58 - 00602768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-13 12:38 - 2014-10-13 03:33 - 00116032 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-11-13 12:38 - 2014-10-11 01:58 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-13 12:38 - 2014-10-11 01:53 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-13 12:38 - 2014-10-08 08:30 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-11-13 12:38 - 2014-10-08 08:09 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-11-13 12:38 - 2014-10-08 07:27 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-11-13 12:38 - 2014-10-08 06:32 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-11-13 12:38 - 2014-10-08 06:19 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-11-13 12:38 - 2014-09-22 05:38 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-11-13 12:38 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-11-13 12:38 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-11-13 12:38 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-11-13 12:38 - 2014-09-19 01:16 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-11-13 12:38 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2014-11-13 12:38 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2014-11-13 12:37 - 2014-10-31 06:28 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-13 12:37 - 2014-10-31 06:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-11-13 12:37 - 2014-10-31 06:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-11-13 12:37 - 2014-10-31 06:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-11-13 12:37 - 2014-10-31 06:09 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-11-13 12:37 - 2014-10-31 06:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-11-13 12:37 - 2014-10-31 06:06 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-13 12:37 - 2014-10-31 06:06 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-11-13 12:37 - 2014-10-31 06:06 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-13 12:37 - 2014-10-31 06:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-13 12:37 - 2014-10-31 06:05 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-13 12:37 - 2014-10-31 06:05 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-11-13 12:37 - 2014-10-31 06:04 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-13 12:37 - 2014-10-31 05:57 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-13 12:37 - 2014-10-31 05:56 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-13 12:37 - 2014-10-31 05:54 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-11-13 12:37 - 2014-10-31 05:53 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-13 12:37 - 2014-10-31 05:52 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2014-11-13 12:37 - 2014-10-31 05:51 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-11-13 12:37 - 2014-10-31 05:51 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-13 12:37 - 2014-10-31 05:51 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-13 12:37 - 2014-10-31 05:50 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-13 12:37 - 2014-10-31 05:50 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-13 12:37 - 2014-10-31 05:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-11-13 12:37 - 2014-10-31 05:38 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-13 12:37 - 2014-10-31 05:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-13 12:37 - 2014-10-31 05:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-11-13 12:37 - 2014-10-31 05:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-11-13 12:37 - 2014-10-31 05:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-11-13 12:37 - 2014-10-31 05:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-13 12:37 - 2014-10-31 05:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-13 12:37 - 2014-10-31 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-11-13 12:37 - 2014-10-31 05:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-11-13 12:37 - 2014-10-31 05:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-13 12:37 - 2014-10-31 05:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-11-13 12:37 - 2014-10-31 05:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-11-13 12:37 - 2014-10-31 05:08 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-11-13 12:37 - 2014-10-31 05:06 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-13 12:37 - 2014-10-31 05:05 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-13 12:37 - 2014-10-31 05:05 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-13 12:37 - 2014-10-31 05:03 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-13 12:37 - 2014-10-31 04:59 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-13 12:37 - 2014-10-31 04:45 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-13 12:37 - 2014-10-31 04:44 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-11-13 12:37 - 2014-10-31 04:42 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-13 12:37 - 2014-10-31 04:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-11-13 12:37 - 2014-10-31 04:32 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-13 12:37 - 2014-10-31 04:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-11-13 12:37 - 2014-10-31 04:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-11-13 12:37 - 2014-10-31 04:27 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-11-13 12:37 - 2014-10-31 04:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-11-13 12:37 - 2014-10-31 04:25 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-11-13 12:37 - 2014-10-31 04:24 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-13 12:37 - 2014-10-31 04:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-11-13 12:37 - 2014-10-31 04:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-13 12:37 - 2014-10-31 04:23 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-11-13 12:37 - 2014-10-31 04:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-13 12:37 - 2014-10-31 04:22 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-13 12:37 - 2014-10-31 04:20 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-13 12:37 - 2014-10-31 04:18 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-13 12:37 - 2014-10-31 04:16 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-13 12:37 - 2014-10-31 04:15 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-13 12:37 - 2014-10-31 04:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-11-13 12:37 - 2014-10-31 04:13 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-13 12:37 - 2014-10-31 04:13 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2014-11-13 12:37 - 2014-10-31 04:12 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-11-13 12:37 - 2014-10-31 04:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-13 12:37 - 2014-10-31 04:11 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-13 12:37 - 2014-10-31 04:03 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-11-13 12:37 - 2014-10-31 04:02 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-13 12:37 - 2014-10-31 03:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-13 12:37 - 2014-10-31 03:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-11-13 12:37 - 2014-10-31 03:56 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-11-13 12:37 - 2014-10-31 03:56 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-11-13 12:37 - 2014-10-31 03:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-13 12:37 - 2014-10-31 03:53 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-11-13 12:37 - 2014-10-31 03:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-13 12:37 - 2014-10-31 03:51 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-11-13 12:37 - 2014-10-31 03:50 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-13 12:37 - 2014-10-31 03:48 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-11-13 12:37 - 2014-10-31 03:46 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-13 12:37 - 2014-10-31 03:46 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-11-13 12:37 - 2014-10-31 03:42 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-11-13 12:37 - 2014-10-31 03:40 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-13 12:37 - 2014-10-31 03:40 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-13 12:37 - 2014-10-31 03:39 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-13 12:37 - 2014-10-31 03:30 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-13 12:37 - 2014-10-31 03:26 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-11-13 12:37 - 2014-10-31 03:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-11-13 12:37 - 2014-10-31 03:17 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-13 12:37 - 2014-10-31 03:13 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-13 12:37 - 2014-10-31 03:11 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-13 12:37 - 2014-10-23 06:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-13 12:37 - 2014-10-23 06:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-13 12:37 - 2014-10-07 07:28 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-13 12:37 - 2014-10-07 07:27 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-13 12:37 - 2014-10-07 07:27 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-13 12:37 - 2014-10-07 07:27 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-11-13 12:37 - 2014-10-07 07:27 - 00108432 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-13 12:37 - 2014-10-07 04:34 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-13 12:37 - 2014-10-07 04:34 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-13 12:37 - 2014-10-07 04:33 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-13 12:37 - 2014-10-07 04:30 - 04182016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-13 12:37 - 2014-10-07 02:54 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-11-13 12:37 - 2014-10-07 02:46 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-13 12:37 - 2014-08-23 06:18 - 02149376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-13 12:37 - 2014-08-23 06:03 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-13 12:36 - 2014-09-10 07:25 - 00474432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-11-13 12:36 - 2014-09-08 04:07 - 02497344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-11-13 12:36 - 2014-09-08 04:07 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-11-13 12:36 - 2014-09-07 23:08 - 00389176 _____ () C:\Windows\system32\ApnDatabase.xml
2014-11-13 12:36 - 2014-09-04 23:30 - 00822272 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-11-13 12:36 - 2014-09-04 23:21 - 01053184 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-11-13 12:36 - 2014-09-04 04:05 - 00836176 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-11-13 12:36 - 2014-09-04 03:22 - 00670384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-11-13 12:36 - 2014-09-04 02:01 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2014-11-13 12:36 - 2014-09-04 01:32 - 00334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2014-11-13 12:36 - 2014-08-31 01:17 - 00148800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-11-13 12:36 - 2014-08-31 01:15 - 21197152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-11-13 12:36 - 2014-08-30 23:59 - 18723112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-11-13 12:36 - 2014-08-30 23:05 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2014-11-13 12:36 - 2014-08-30 22:58 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2014-11-13 12:36 - 2014-08-30 22:04 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-11-13 12:36 - 2014-08-30 21:53 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2014-11-13 12:36 - 2014-08-30 21:17 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-11-13 12:36 - 2014-08-28 03:55 - 07484224 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-11-13 12:36 - 2014-08-28 01:21 - 02480128 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-11-13 12:36 - 2014-08-28 01:06 - 02030592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-11-13 12:36 - 2014-08-23 06:14 - 13424128 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-11-13 12:36 - 2014-08-23 06:04 - 11820544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-11-13 12:36 - 2014-08-23 05:50 - 02714112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-11-13 12:36 - 2014-08-02 01:51 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2014-11-13 12:36 - 2014-08-02 01:35 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2014-11-11 20:41 - 2014-11-11 20:41 - 00001305 _____ () C:\Users\MasterX\Documents\Schoko_moko.txt
2014-11-11 20:31 - 2014-11-11 20:31 - 06126536 _____ (Tim Kosse) C:\Users\MasterX\Downloads\FileZilla_3.9.0.6_win32-setup.exe
2014-11-09 22:01 - 2014-11-09 22:01 - 00003923 _____ () C:\Users\Hendl\Downloads\f (1).txt
2014-11-09 21:52 - 2014-11-09 21:52 - 00003925 _____ () C:\Users\Hendl\Downloads\f.txt
2014-11-07 14:31 - 2014-11-07 14:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synology

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-07 02:26 - 2014-09-29 11:03 - 00000000 ____D () C:\Users\MasterX\Documents\Outlook-Dateien
2014-12-07 02:20 - 2014-09-28 22:08 - 00000000 ____D () C:\Users\MasterX\AppData\Roaming\ClassicShell
2014-12-07 02:00 - 2014-09-29 11:07 - 00000000 ____D () C:\Users\MasterX\AppData\Local\Adobe
2014-12-07 02:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2014-12-07 01:47 - 2014-09-28 19:16 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2122217481-3044512288-1942015121-1001
2014-12-07 01:44 - 2014-11-01 01:37 - 00000000 ____D () C:\Users\MasterX\AppData\Local\Deployment
2014-12-07 01:43 - 2014-09-28 19:23 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-07 01:41 - 2014-10-03 18:28 - 00000000 ____D () C:\Users\MasterX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-12-07 01:35 - 2014-10-21 22:32 - 00002290 ____H () C:\Users\MasterX\Documents\Default.rdp
2014-12-07 01:32 - 2014-09-28 19:06 - 01198821 _____ () C:\Windows\WindowsUpdate.log
2014-12-07 01:26 - 2014-10-05 21:50 - 00005144 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for RampageX-MasterX RampageX
2014-12-07 01:24 - 2014-09-28 19:16 - 00765338 _____ () C:\Windows\system32\perfh007.dat
2014-12-07 01:24 - 2014-09-28 19:16 - 00159692 _____ () C:\Windows\system32\perfc007.dat
2014-12-07 01:24 - 2014-09-28 19:09 - 01780340 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-07 01:20 - 2014-09-28 21:40 - 00000000 _____ () C:\Windows\Path.idx
2014-12-07 01:16 - 2014-10-03 20:57 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-12-07 01:15 - 2014-10-04 23:03 - 00000000 ___RD () C:\Users\MasterX\My_Cloud
2014-12-07 01:15 - 2014-10-04 23:03 - 00000000 ____D () C:\Users\MasterX\AppData\Local\CloudStation
2014-12-07 01:15 - 2014-09-28 21:28 - 01048576 _____ () C:\Windows\PE_Rom.dll
2014-12-07 01:15 - 2014-09-28 19:23 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-07 01:15 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-07 01:14 - 2014-09-29 10:01 - 00119492 _____ () C:\Windows\PFRO.log
2014-12-07 01:14 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-12-07 01:13 - 2014-09-28 21:40 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-12-07 01:13 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-12-07 01:12 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-12-06 22:39 - 2014-09-28 19:10 - 00000000 ____D () C:\Users\MasterX\AppData\Local\Packages
2014-12-06 01:11 - 2014-10-07 20:33 - 00000000 ____D () C:\Users\Hendl\AppData\Roaming\ClassicShell
2014-12-06 01:06 - 2014-10-06 20:12 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2122217481-3044512288-1942015121-1003
2014-12-05 00:11 - 2014-09-28 21:37 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-12-04 21:48 - 2013-08-22 15:46 - 00027952 _____ () C:\Windows\setupact.log
2014-12-04 08:57 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-12-03 20:30 - 2014-10-03 19:23 - 00000000 ____D () C:\Users\MasterX\AppData\Local\JDownloader v2.0
2014-11-30 14:17 - 2014-10-01 22:25 - 00000000 ____D () C:\Users\MasterX\AppData\Roaming\HpUpdate
2014-11-26 22:43 - 2014-11-01 23:40 - 00000000 ____D () C:\Program Files (x86)\Hilscher GmbH
2014-11-26 22:43 - 2014-10-16 19:20 - 00000000 ____D () C:\Users\MasterX\Documents\CyberLink
2014-11-26 22:43 - 2014-09-29 10:15 - 00000000 ____D () C:\ProgramData\CyberLink
2014-11-26 21:58 - 2014-09-28 19:28 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-26 21:57 - 2014-09-29 10:17 - 00000000 ____D () C:\ProgramData\install_clap
2014-11-24 17:21 - 2014-09-28 19:11 - 00001454 _____ () C:\Users\MasterX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-24 17:18 - 2014-10-19 01:06 - 00000000 ____D () C:\Temp
2014-11-24 17:18 - 2014-09-29 21:23 - 00000000 ____D () C:\Program Files (x86)\ownCloud
2014-11-24 17:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\System
2014-11-24 17:14 - 2014-09-29 21:26 - 00000000 ____D () C:\Users\MasterX\ownCloud
2014-11-24 16:41 - 2014-09-28 21:15 - 00003096 _____ () C:\Windows\System32\Tasks\Start Corsair Link
2014-11-23 21:19 - 2013-08-22 15:44 - 05110400 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-23 21:12 - 2014-10-20 23:50 - 00000000 ____D () C:\Program Files (x86)\Nmap
2014-11-23 14:29 - 2014-10-06 20:07 - 00000000 ____D () C:\Users\Hendl\AppData\Local\Adobe
2014-11-23 14:15 - 2014-10-06 20:06 - 00000000 ____D () C:\Users\Hendl\AppData\Local\Packages
2014-11-22 23:21 - 2014-10-20 23:50 - 00000000 ____D () C:\Users\MasterX\.zenmap
2014-11-22 22:49 - 2014-09-29 10:15 - 00000000 ____D () C:\ProgramData\CLSK
2014-11-22 22:45 - 2014-09-29 10:19 - 00000000 ____D () C:\Users\MasterX\AppData\Roaming\CyberLink
2014-11-22 04:58 - 2014-09-28 21:36 - 00000197 _____ () C:\Windows\wininit.ini
2014-11-22 03:19 - 2014-10-10 20:52 - 00002469 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2014-11-19 20:14 - 2014-10-03 22:14 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-11-17 18:51 - 2014-10-02 19:43 - 00000000 ____D () C:\Users\MasterX\AppData\Roaming\FileZilla
2014-11-17 18:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-11-17 18:20 - 2014-10-02 19:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-11-17 18:20 - 2014-10-02 19:43 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-11-15 23:32 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2014-11-15 22:39 - 2014-10-02 17:39 - 00000000 ____D () C:\Users\MasterX\AppData\Roaming\TeamViewer
2014-11-15 22:05 - 2014-09-28 19:07 - 00000000 ____D () C:\Program Files\KMSpico
2014-11-13 16:20 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ToastData
2014-11-13 16:20 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-11-13 16:20 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-13 16:20 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-13 16:20 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-13 16:20 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-13 16:20 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-11-13 16:17 - 2014-09-28 19:57 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 16:15 - 2014-09-28 19:57 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-13 12:38 - 2014-09-28 19:23 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-13 12:38 - 2014-09-28 19:23 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-11 22:12 - 2014-09-29 01:55 - 00001158 _____ () C:\Windows\MB.idx
2014-11-09 14:28 - 2014-10-11 20:41 - 00000000 ____D () C:\ProgramData\Acronis
2014-11-07 14:31 - 2014-10-23 08:15 - 00000000 ____D () C:\Program Files (x86)\Synology

Some content of TEMP:
====================
C:\Users\Hendl\AppData\Local\Temp\COMAP.EXE


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-06 01:06

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

Ich hoffe du kannst mir helfen

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2014 02
Ran by MasterX at 2014-12-07 02:36:07
Running from C:\Users\MasterX\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4Team vCardWizard (HKLM\...\{A8B6B211-B522-4B9B-A5FA-E49F785D53BE}) (Version: 3.01.0159 - 4Team Corporation)
Acronis True Image 2015 (HKLM-x32\...\{C66A0D5B-7BEA-40F2-8C3D-196595D2EE56}Visible) (Version: 18.0.5539 - Acronis)
Acronis True Image 2015 (x32 Version: 18.0.5539 - Acronis) Hidden
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.09 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}) (Version: 10.1.52.14 - Adobe Systems, Inc.)
Adobe Flash Player 10 Plugin (HKLM-x32\...\{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}) (Version: 10.1.52.14 - Adobe Systems, Inc.)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
AI Suite 3 (HKLM-x32\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.56 - ASUSTeK Computer Inc.)
AMD Catalyst Install Manager (HKLM\...\{22E2B25B-2FFE-1A69-E591-55DD72BC5F5B}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio 14 v.14.0.5 (HKLM-x32\...\{91B33C97-7BCF-CDFE-4321-58EBF3E8641C}_is1) (Version: 14.0.5 - Ashampoo GmbH & Co. KG)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 2.0.8.0000 - Asmedia Technology)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.18 - ASUSTeK Computer Inc.)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.5.2.3 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.5.2.3 - ASUSTek COMPUTER INC.) Hidden
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.025 - ASUSTek Computer Inc.)
ASUS ROG Connect Plus (HKLM-x32\...\{ECF51D37-52ED-4871-BF8B-FEA34B8B4120}) (Version: 1.00.24 - ASUSTeK Computer Inc.)
ASUS_ROG_THEME (HKLM-x32\...\ASUS_ROG_THEME) (Version: 1.01.00 - ASUSTeK Computer Inc.)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 1.0.59.0 - Autodesk)
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.8.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.8.100 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2015 (HKLM-x32\...\{4FBC9635-AC56-4378-8FDE-C4D3ED072681}) (Version: 5.2.8.100 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2015 (HKLM-x32\...\{9F6466D9-6EFC-4A10-B931-C72D1A3F1763}) (Version: 5.2.8.100 - Autodesk)
Autodesk Revit Architecture 2015 - Deutsch (German) (HKLM\...\Autodesk Revit Architecture 2015 - Deutsch (German)) (Version: 15.0.117.0 - Autodesk)
Autodesk Revit Architecture Content Libraries 2015 - Deutsch (German) (HKLM\...\Autodesk Revit Architecture Content Libraries 2015 - Deutsch (German)) (Version: 15.0.117.0 - Autodesk)
Autodesk Workflows 2015 (HKLM\...\{A90DD6F8-60D2-4803-AFF6-796400E73E1B}) (Version: 5.2.11.100 - Autodesk, Inc.)
Automation Net PVI V4.0 (HKLM-x32\...\Automation Net PVI V4.0) (Version: 4.0.14.58 - Bernecker + Rainer Industrie Elektronik Ges.m.b.H.)
Automation Runtime AS3.0 AR X8.14 (HKLM-x32\...\Automation Runtime AS3.0 AR X8.14) (Version: 8.14.23.0 - Bernecker & Rainer Industrie Elektronik Ges.m.b.H.)
Automation Studio V3.0.55 AR V2.40 (HKLM-x32\...\Automation Studio V3.0.55 AR V2.40) (Version: 3.0.55.1440 - Bernecker & Rainer Industrie Elektronik Ges.m.b.H.)
Automation Studio V4.0 (HKLM-x32\...\Automation Studio V4.0) (Version: 4.0.14.207 - Bernecker + Rainer Industrie Elektronik Ges.m.b.H.)
Automation Studio Version Changer V2.5.3 (HKLM-x32\...\Automation Studio Version Changer V2.5.3) (Version: 2.5.3.7012 - Bernecker & Rainer Industrie Elektronik Ges.m.b.H.)
B&R Generic HART DTM Release 5.2 (HKLM-x32\...\InstallShield_{B6B0E716-89BF-4BA2-A182-515D5219D943}) (Version: 5.2.1224 - B&R Automation)
B&R Generic HART DTM Release 5.2 (x32 Version: 5.2.1224 - B&R Automation) Hidden
BetterMarkIt (HKLM-x32\...\4394FDD6-D41F-A3F9-8B8C-A170B05E0801) (Version:  - BetterMarkIt-software) <==== ATTENTION
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.33.223.1 - Broadcom Corporation)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.1.200.13 - Citrix Systems, Inc.)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Corsair Link (HKLM-x32\...\{658EFB3F-8606-4576-8FEC-B0CED48F1E68}) (Version: 2.7.5361 - Corsair)
Corsair Link(TM) USB Dongle (Driver Removal) (HKLM-x32\...\SIUSBXP&1B1C&1C00) (Version:  - Corsair Memory, Inc.)
Corsair Raptor HS40 (HKLM-x32\...\{B77575BE-73DB-43C6-A555-82BB713BCB79}) (Version:   - Corsair Components, Inc.)
CPUID ROG CPU-Z 1.66.1 (HKLM\...\CPUID ROG CPU-Z_is1) (Version: 1.66.1 - CPUID, Inc.)
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.4412.58 - CyberLink Corp.)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.4.0.0377 - Disc Soft Ltd)
DTM Library (HKLM-x32\...\{25742C53-3D14-4B10-B84E-329E781D5EFF}) (Version: 1.0350.121108.8879 - Hilscher GmbH)
DTM Library V1.0350.121108.8879 (HKLM-x32\...\DTMLibrary) (Version: 1.0350.121108.8879 - Bernecker + Rainer Industrie Elektronik Ges.m.b.H.)
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
Ghost Recon Phantoms - EU (HKU\S-1-5-21-2122217481-3044512288-1942015121-1001\...\61e5da2b7c463135) (Version: 1.36.4185.2 - Ubisoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
GPUTweakStreaming (x32 Version: 1.0.3.5 - ASUS) Hidden
HART DTM V1.0.2.2140 (HKLM-x32\...\HART_DTM) (Version: 1.0.0.9 - Bernecker + Rainer Industrie Elektronik Ges.m.b.H.)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8620 - Grundlegende Software für das Gerät (HKLM\...\{9EFED617-DC37-46FC-BFD4-ED096BAD3591}) (Version: 32.0.90.45518 - Hewlett-Packard Co.)
HP Officejet Pro 8620 Hilfe (HKLM-x32\...\{F8E43C63-DFF2-4134-A46C-2A6F00517A35}) (Version: 32.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.710 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KingBill 2013 (HKLM-x32\...\{4E80F25A-1548-426F-93BC-A107472F1854}) (Version: 8.1.7 - KingBill GmbH)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MemTweakIt (HKLM-x32\...\{E51AAC3A-D66D-4912-B883-DAFBA249D10F}) (Version: 2.02.01 - ASUSTeK Computer Inc.)
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4667.1002 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft SOAP Toolkit 3.0 (HKLM-x32\...\{BCB4C18A-ACA6-4383-8688-E19933A705DD}) (Version: 3.0.1325.4 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
NCM GPRS 64 (Version: 01.01.0000 - Siemens AG) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Online Plug-in (x32 Version: 14.1.200.13 - Citrix Systems, Inc.) Hidden
ownCloud (HKLM-x32\...\ownCloud) (Version: 1.6.4.4041 - ownCloud)
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7161 - Realtek Semiconductor Corp.)
Revit Architecture 2015 - Deutsch (German) (Version: 15.0.117.0 - Autodesk) Hidden
Revit Architecture 2015 Language Pack - Deutsch (German) (Version: 15.0.117.0 - Autodesk) Hidden
Revit Architecture Content Libraries 2015 - Deutsch (German) (Version: 15.0.117.0 - Autodesk) Hidden
ROG GameFirst II v9.05 (HKLM\...\ROG GameFirst II) (Version: 9.05 - cFos Software GmbH, Bonn)
ROG RAMDisk (HKLM-x32\...\{DE8C1883-4F14-40DF-8C8C-376157ADF5A3}) (Version: 2.02.05 - ASUSTeK Computer Inc.)
Runtime Utility Center V4.2.7.13 (HKLM-x32\...\Runtime Utility Center) (Version: 4.2.7.13 - Bernecker + Rainer Industrie Elektronik Ges.m.b.H.)
SeCon (x32 Version: 02.00.0001 - Siemens AG) Hidden
Self-Service Plug-in (x32 Version: 4.1.200.588 - Citrix Systems, Inc.) Hidden
Siemens Automation License Manager (Version: 05.02.0100 - Siemens AG) Hidden
Siemens Automation License Manager V5.2 + SP1   (HKLM\...\{615F1B7D-EA2D-4242-84A0-71C2C7CE214B}LicenseManager) (Version: 05.02.0100 - Siemens AG)
Siemens Totally Integrated Automation Portal V12 (HKLM-x32\...\Siemens Installer Assistant - TIAP12) (Version: V12 - Siemens AG)
SIMATIC Device Drivers (Version: 01.02.0000 - Siemens AG) Hidden
SIMATIC Device Drivers WoW (x32 Version: 20.02.0000 - Siemens AG) Hidden
SIMATIC Event Database (x32 Version: 05.05.0300 - Siemens AG) Hidden
SIMATIC HMI License Manager Panel Plugin (x64) (Version: 11.00.0200 - Siemens AG) Hidden
SIMATIC HMI Symbol Library (x32 Version: 12.00.0100 - Siemens AG) Hidden
SIMATIC NCM FWL 64 (Version: 05.05.0400 - Siemens AG) Hidden
SIMATIC PLCSIM 64 (Version: 01.00.0001 - Siemens AG) Hidden
SIMATIC Prosave (x32 Version: 10.00.0100 - Siemens AG) Hidden
SIMATIC Prosave V10.0 incl. SP1   (HKLM-x32\...\{1A797C0B-EF7B-4687-BE26-A453BD4D41BC}Prosave) (Version: 10.00.0100 - Siemens AG)
SIMATIC S7-PLCSIM (x32 Version: 5.4.0502 - Siemens AG) Hidden
SIMATIC S7-PLCSIM V5.4 + SP5 + Upd2   (HKLM-x32\...\{1CBF27F6-24A4-488D-940A-678F1C691C49}PLCSim) (Version: 5.4.0502 - Siemens AG)
Sonic Radar (HKLM\...\{203BCA8C-BC00-4DD5-85DF-2F84DB803B57}) (Version: 1.2.001 - ASUSTeKcomputer.Inc)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.18.9.4384 - Enigma Software Group, LLC)
SurveillancePlugin (HKLM-x32\...\{B4637DBD-7E8E-46D4-BC9C-EC1C9F1DC561}) (Version: 1.0.0.423 - Synology)
Synology Cloud Station (remove only) (HKLM\...\Synology Cloud Station) (Version: 3.1.3317 - Synology, Inc.)
Synology Cloud Station (remove only) (HKU\S-1-5-21-2122217481-3044512288-1942015121-1001\...\Synology CloudStation) (Version:  - )
TIA Portal Single SetupPackage - Hardware Support Base Package 0  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Hardware Support Base Package 02  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Hardware Support Base Package 03  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Hardware Support Base Package WCF-01  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - HM All Editions Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - HM NoBasic Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Simatic Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - STEP 7 Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Support Base Package TO-01  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Support Base Package TO-02  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - TIA Tour Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - TIACOMPCHECK Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - WinCC Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
Totally Integrated Automation Portal V12 -  TIA Portal Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
VC User 71 RTL X86 --- (x32 Version: 1.0 - redistributed from Microsoft Corporation merge modules) Hidden
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.9200 - Broadcom Corporation)
WinCC Runtime Advanced Simulator (x32 Version: 12.00.0000 - Siemens AG) Hidden
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2122217481-3044512288-1942015121-1001_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\MasterX\AppData\Local\CloudStation\app\icon-overlay\9\x64\ContextMenu.dll ()
CustomCLSID: HKU\S-1-5-21-2122217481-3044512288-1942015121-1001_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\MasterX\AppData\Local\CloudStation\app\icon-overlay\9\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2122217481-3044512288-1942015121-1001_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\MasterX\AppData\Local\CloudStation\app\icon-overlay\9\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2122217481-3044512288-1942015121-1001_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\MasterX\AppData\Local\CloudStation\app\icon-overlay\9\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2122217481-3044512288-1942015121-1001_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\MasterX\AppData\Local\CloudStation\app\icon-overlay\9\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2122217481-3044512288-1942015121-1001_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\MasterX\AppData\Local\CloudStation\app\icon-overlay\9\x64\iconOverlay.dll (TODO: <Company name>)

==================== Restore Points  =========================

22-11-2014 11:13:16 Removed Studie zur Verbesserung von HP Officejet Pro 8620
23-11-2014 20:12:14 Removed FARO LS 1.1.501.0 (64bit)
26-11-2014 18:30:20 Installed RegHunter
06-12-2014 22:33:19 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2014-11-27 20:21 - 00010390 ____N C:\Windows\system32\Drivers\etc\hosts
192.168.1.26	autodiscover.gasservice.at
127.0.0.1 209.34.83.73:443
127.0.0.1 209.34.83.73:43
127.0.0.1 209.34.83.73
127.0.0.1 209.34.83.67:443
127.0.0.1 209.34.83.67:43
127.0.0.1 209.34.83.67
127.0.0.1 ood.opsource.net


There are 213 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {02B066EE-F41F-4501-853A-65ECAC89C570} - \BetterMarkIt Update No Task File <==== ATTENTION
Task: {03FA44C1-358F-421E-A87E-0AB11053DB35} - System32\Tasks\ASUS\ASUS WiFi GO! Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe [2013-08-29] (ASUSTeK Computer Inc.)
Task: {053262AC-FFAC-4E52-A706-26D0E3BE9B62} - \GPUP No Task File <==== ATTENTION
Task: {0C189F81-B13D-4118-8798-A9DAA7C3C1E6} - System32\Tasks\4Team updater => C:\Program Files\4Team Corporation\4Team-Updater\4Team-Updater.exe [2013-01-18] ()
Task: {273E99CB-B992-4CE9-B037-FE929B3D8D40} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2013-08-07] (ASUSTeK Computer Inc.)
Task: {422F3E21-2FF7-48F8-8F74-EA815704D08B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-10-07] (Microsoft Corporation)
Task: {46375F77-040C-4369-8FDF-656653F86725} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2013-08-08] ()
Task: {4B102981-DD83-4DEA-97DA-049AF0CA83CB} - System32\Tasks\ASUS\RamDisk => C:\Program Files (x86)\ASUS\ROG RAMDisk\loadImage.exe [2013-12-23] ()
Task: {4B50FB81-FD57-496E-B3CF-62814E576B88} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-28] (Google Inc.)
Task: {4CFE0EBD-2A65-4603-BF29-1AE60EAA8DE6} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2014-11-24] (Enigma Software Group USA, LLC.)
Task: {50C859F7-491D-4CAB-BC7F-7EA7E44DF524} - System32\Tasks\Start Corsair Link => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe [2014-09-05] ()
Task: {688D8F20-DDA9-45BA-9AA6-078A97ED5257} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2013-08-27] (ASUSTek Computer Inc.)
Task: {779D1C90-02AF-44D1-8F35-DAC1B7B3B711} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-10-03] ()
Task: {83C7AFF7-988D-46DD-BF1A-23C8BBC3B059} - System32\Tasks\Auto Re-Aktivierung => C:\Windows\Re-Aktivierung\TriggerKMS.exe [2013-01-22] ()
Task: {8554061E-44D4-4B6B-AE62-A25B0858C0DA} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.)
Task: {87D63C6F-B7ED-4882-9FF9-1867F78E7E33} - System32\Tasks\ASUS\RC TweakIt Server Execute => C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe [2013-09-30] ()
Task: {935F7CE9-EC9A-4F5B-9C40-ABD3D4E26306} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {9F8933CE-AF22-4627-B1F0-9350F93FF97D} - System32\Tasks\AdobeAAMUpdater-1.0-RampageX-MasterX => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {AA88D152-9DD6-4AF1-95D3-307CBCF70778} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-10-07] (Microsoft Corporation)
Task: {AD5A24E8-C067-4DCD-BAEF-E3BB3B14BEEB} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2013-07-24] ()
Task: {B320A5AC-51DC-4DED-8F0C-F2F719DC26E9} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {B6F15383-839D-4857-9786-917127F7824E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-10-07] (Microsoft Corporation)
Task: {C93668E5-9B0B-413B-B13E-DB0E252F7FAB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-28] (Google Inc.)
Task: {D1B652F2-E477-43BA-A4F3-1F6583795209} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-11-13] (Microsoft Corporation)
Task: {D35AC5CE-737B-4058-8EDE-FA6F0501AB64} - System32\Tasks\Microsoft Office 15 Sync Maintenance for RampageX-MasterX RampageX => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-10-07] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-11-26 14:00 - 2012-11-26 14:00 - 00774144 _____ () C:\Program Files\Common Files\Siemens\SWS\PlugIns\SCP\Scpwin64.dll
2014-09-28 19:17 - 2013-07-04 11:32 - 00936728 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2012-01-17 10:24 - 2012-01-17 10:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2014-09-28 21:30 - 2013-09-30 04:27 - 00586880 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
2014-02-11 16:29 - 2014-02-11 16:29 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2014-10-03 22:14 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-07-04 19:27 - 2013-07-04 19:27 - 00848096 _____ () C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\sn_regbase.dll
2014-09-28 21:30 - 2013-09-30 11:01 - 01986328 _____ () C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe
2014-09-28 21:21 - 2013-07-24 09:16 - 01425208 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
2014-09-28 21:20 - 2013-08-08 13:34 - 01225528 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2014-09-28 19:29 - 2013-08-20 10:37 - 00605496 _____ () C:\Windows\SYSTEM32\audioLibVc.dll
2014-09-28 21:20 - 2013-08-08 13:34 - 01221912 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
2014-12-07 00:37 - 2014-12-07 00:37 - 00104960 _____ () C:\Program Files (x86)\SABnzbd\SABnzbd.exe
2013-06-05 14:51 - 2013-06-05 14:51 - 00430080 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll
2013-06-05 14:51 - 2013-06-05 14:51 - 00032768 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResourcesNet4.dll
2014-11-07 14:31 - 2014-11-07 14:31 - 04993968 _____ () C:\Users\MasterX\AppData\Local\CloudStation\app\bin\cloud-ui.exe
2014-10-14 23:31 - 2013-12-22 07:22 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2014-10-14 23:31 - 2013-12-22 07:22 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2014-09-28 19:17 - 2014-12-07 01:15 - 00034304 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2014-09-28 19:17 - 2013-07-04 11:32 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2013-12-13 08:39 - 2013-12-13 08:39 - 00278528 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Vender.dll
2013-11-18 08:32 - 2013-11-18 08:32 - 00053248 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Exeio.dll
2014-09-28 21:30 - 2013-09-30 10:27 - 00179712 _____ () C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsusService.dll
2014-09-28 21:30 - 2013-09-30 10:27 - 00470016 _____ () C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\IccHelper.dll
2014-09-28 21:18 - 2013-08-07 18:11 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2014-09-28 21:19 - 2013-10-29 10:53 - 00872960 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AI Charger+\AIChargerPlus.dll
2014-09-28 21:20 - 2013-08-08 13:41 - 02747392 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2014-09-28 21:21 - 2013-08-29 14:59 - 01138176 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2014-09-28 21:24 - 2013-09-05 14:46 - 02064384 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\WiFiGO.dll
2014-09-28 21:18 - 2013-06-04 10:41 - 00662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2014-09-28 21:18 - 2013-08-07 18:11 - 00053248 _____ () C:\Program Files (x86)\ASUS\AI Suite III\cpuutil.dll
2014-09-28 21:23 - 2012-01-19 08:39 - 00028672 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\PEInfo.dll
2014-09-28 21:18 - 2013-08-07 18:11 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ImageHelper.dll
2014-09-28 21:18 - 2013-08-07 18:11 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\pngio.dll
2014-09-28 21:25 - 2013-06-24 12:45 - 00062976 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi Engine\IsSupported.dll
2014-09-28 21:23 - 2010-09-23 10:51 - 00114688 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\AsIdxParser.dll
2014-09-28 21:23 - 2010-02-25 13:01 - 00139264 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\Aszip.dll
2014-09-28 21:21 - 2013-07-31 19:05 - 05773588 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
2014-09-28 21:21 - 2010-06-21 14:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2014-09-28 21:20 - 2013-08-08 13:34 - 00685056 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2014-09-28 21:20 - 2013-08-08 13:34 - 00825344 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2014-09-28 21:20 - 2013-08-08 13:34 - 00765952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2014-09-28 21:20 - 2013-08-08 13:34 - 00776704 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2014-09-28 21:24 - 2012-05-02 17:04 - 00233472 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\AudioProjection.dll
2014-09-28 21:24 - 2013-08-07 17:43 - 00176128 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\DLCapPP.dll
2014-09-28 21:24 - 2010-12-14 16:46 - 00067584 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\CoreAudioCap.dll
2014-09-28 21:24 - 2013-06-11 11:06 - 00425984 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\awiscale.DLL
2014-09-28 21:24 - 2010-10-29 17:58 - 00221184 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\JpegCD.DLL
2014-09-28 21:24 - 2013-08-06 19:04 - 02502656 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\xH264E.DLL
2014-09-28 21:24 - 2013-08-29 16:48 - 00610304 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFiGOInsHelp.dll
2014-09-28 21:24 - 2013-01-31 21:59 - 00515072 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFiGO_HelpWin8.dll
2014-09-28 21:24 - 2012-01-12 15:44 - 00475136 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFiGO_HookKey.dll
2014-09-28 21:24 - 2013-06-13 16:37 - 00156160 _____ () C:\Program Files (x86)\InstallShield Installation Information\{1DF11DAD-D427-4E1D-ABB6-04CB881EBE06}\CloudAPI\CloudAPI.dll
2014-09-28 21:24 - 2013-03-21 18:38 - 00716800 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiMoveHelp.dll
2014-09-28 21:24 - 2012-04-25 13:47 - 00659456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\PhoneCtrlAPI.dll

2014-11-07 14:31 - 2014-11-07 14:31 - 02339179 _____ () C:\Users\MasterX\AppData\Local\CloudStation\app\bin\libcurl-4.dll
2014-11-07 14:31 - 2014-11-07 14:31 - 02822396 _____ () C:\Users\MasterX\AppData\Local\CloudStation\app\bin\libsqlite3-0.dll
2014-11-07 14:31 - 2014-11-07 14:31 - 00112142 _____ () C:\Users\MasterX\AppData\Local\CloudStation\app\bin\libgcc_s_dw2-1.dll
2014-11-07 14:31 - 2014-11-07 14:31 - 01000974 _____ () C:\Users\MasterX\AppData\Local\CloudStation\app\bin\libstdc++-6.dll
2014-11-07 14:31 - 2014-11-07 14:31 - 01820468 _____ () C:\Users\MasterX\AppData\Local\CloudStation\app\bin\icuuc53.dll
2014-11-07 14:31 - 2014-11-07 14:31 - 00131598 _____ () C:\Users\MasterX\AppData\Local\CloudStation\app\bin\zlib1.dll
2014-11-07 14:31 - 2014-11-07 14:31 - 03085456 _____ () C:\Users\MasterX\AppData\Local\CloudStation\app\bin\icuin53.dll
2014-11-07 14:31 - 2014-11-07 14:31 - 21568929 _____ () C:\Users\MasterX\AppData\Local\CloudStation\app\bin\icudt53.dll
2014-11-07 14:31 - 2014-11-07 14:31 - 00626176 _____ () C:\Users\MasterX\AppData\Local\CloudStation\app\bin\platforms\qwindows.dll
2014-11-07 14:31 - 2014-11-07 14:31 - 00473086 _____ () C:\Users\MasterX\AppData\Local\CloudStation\app\bin\ssleay32.dll
2014-11-07 14:31 - 2014-11-07 14:31 - 02177649 _____ () C:\Users\MasterX\AppData\Local\CloudStation\app\bin\libeay32.dll
2014-11-07 14:31 - 2014-11-07 14:31 - 00131598 _____ () C:\Users\MasterX\AppData\Local\CloudStation\app\bin\ZLIB1.dll
2014-11-26 21:58 - 2014-08-12 11:36 - 00867080 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\common\UNO\UNO.dll
2014-11-26 21:58 - 2013-12-10 08:39 - 00074240 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_ctypes.pyd
2014-11-26 21:58 - 2013-12-10 08:39 - 00285184 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_hashlib.pyd
2014-11-26 21:58 - 2013-12-10 08:39 - 00040960 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_socket.pyd
2014-11-26 21:58 - 2013-12-10 08:39 - 00721920 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_ssl.pyd
2014-09-15 20:07 - 2014-09-15 20:07 - 00034624 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2014-09-15 20:11 - 2014-09-15 20:11 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2014-09-15 20:08 - 2014-09-15 20:08 - 00129344 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\EXPAT.dll
2014-12-07 01:41 - 2014-12-07 01:41 - 00372264 ____N () C:\Users\MasterX\AppData\Local\Apps\2.0\4RW8Z1TM.3DM\ZREQXNBR.3BH\laun...app_2e973cc213891be7_0001.0024_94178cdbabd6dd82\MonoTorrent.dll
2014-12-07 01:41 - 2014-12-07 01:41 - 00049192 ____N () C:\Users\MasterX\AppData\Local\Apps\2.0\4RW8Z1TM.3DM\ZREQXNBR.3BH\laun...app_2e973cc213891be7_0001.0024_94178cdbabd6dd82\Mono.Nat.dll
2014-12-07 01:41 - 2014-12-07 01:41 - 00179752 ____N () C:\Users\MasterX\AppData\Local\Apps\2.0\4RW8Z1TM.3DM\ZREQXNBR.3BH\laun...app_2e973cc213891be7_0001.0024_94178cdbabd6dd82\MiscUtil.dll
2014-12-07 01:41 - 2014-12-07 01:41 - 00100904 _____ () C:\Users\MasterX\AppData\Local\Apps\2.0\4RW8Z1TM.3DM\ZREQXNBR.3BH\laun...app_2e973cc213891be7_0001.0024_94178cdbabd6dd82\Patch.dll
2014-10-16 10:15 - 2014-10-16 10:15 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2014-11-26 23:45 - 2014-11-25 07:39 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
2014-11-26 23:45 - 2014-11-25 07:39 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll
2014-11-26 23:45 - 2014-11-25 07:39 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
2014-11-26 23:45 - 2014-11-25 07:39 - 14910280 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll
2014-11-26 23:45 - 2014-11-25 07:39 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\MasterX\AppData\Local\WIaUvnOC:IzzWF8AwsJgThLlMZq07

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run: => "SUNSTREAKERSound"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "ASUS WiFi GO! FileTransfer Execute"
HKLM\...\StartupApproved\Run32: => "BDRegion"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "InstantBurn"
HKLM\...\StartupApproved\Run32: => "ConnectionCenter"
HKLM\...\StartupApproved\Run32: => "Redirector"
HKLM\...\StartupApproved\Run32: => "CitrixReceiver"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKLM\...\StartupApproved\Run32: => "SiemensAutomationFileStorage"
HKU\S-1-5-21-2122217481-3044512288-1942015121-1001\...\StartupApproved\Run: => "DAEMON Tools Pro Agent"
HKU\S-1-5-21-2122217481-3044512288-1942015121-1001\...\StartupApproved\Run: => "HydraVisionDesktopManager"
HKU\S-1-5-21-2122217481-3044512288-1942015121-1001\...\StartupApproved\Run: => "OfficeSyncProcess"



==================== Faulty Device Manager Devices =============

Name: Bluetooth Device (Personal Area Network)
Description: Bluetooth-Gerät (PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Broadcom 802.11ac Network Adapter
Description: Broadcom 802.11ac Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: BCM43XX
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/07/2014 01:16:05 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\Windows\system32\mscoree.dll8

Error: (12/07/2014 01:16:04 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll8

Error: (12/07/2014 01:16:04 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 

Error: (12/07/2014 01:16:04 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\Windows\system32\msdtcuiu.DLL8

Error: (12/07/2014 01:16:04 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll8

Error: (12/07/2014 01:16:04 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\Windows\system32\esentprf.dll8

Error: (12/07/2014 01:16:04 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (12/07/2014 01:15:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eeb460
Ausnahmecode: 0x40010006
Fehleroffset: 0x00012f71
ID des fehlerhaften Prozesses: 0xdd0
Startzeit der fehlerhaften Anwendung: 0xDipAwayMode.exe0
Pfad der fehlerhaften Anwendung: DipAwayMode.exe1
Pfad des fehlerhaften Moduls: DipAwayMode.exe2
Berichtskennung: DipAwayMode.exe3
Vollständiger Name des fehlerhaften Pakets: DipAwayMode.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DipAwayMode.exe5

Error: (12/07/2014 01:15:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: spd.exe, Version: 9.5.2096.0, Zeitstempel: 0x52efa9b0
Name des fehlerhaften Moduls: speedsrv.dll, Version: 9.5.2096.0, Zeitstempel: 0x52efa9a4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000048a3a
ID des fehlerhaften Prozesses: 0x940
Startzeit der fehlerhaften Anwendung: 0xspd.exe0
Pfad der fehlerhaften Anwendung: spd.exe1
Pfad des fehlerhaften Moduls: spd.exe2
Berichtskennung: spd.exe3
Vollständiger Name des fehlerhaften Pakets: spd.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: spd.exe5

Error: (12/07/2014 01:05:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eeb460
Ausnahmecode: 0x40010006
Fehleroffset: 0x00012f71
ID des fehlerhaften Prozesses: 0x13bc
Startzeit der fehlerhaften Anwendung: 0xDipAwayMode.exe0
Pfad der fehlerhaften Anwendung: DipAwayMode.exe1
Pfad des fehlerhaften Moduls: DipAwayMode.exe2
Berichtskennung: DipAwayMode.exe3
Vollständiger Name des fehlerhaften Pakets: DipAwayMode.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DipAwayMode.exe5


System errors:
=============
Error: (12/07/2014 01:15:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/07/2014 01:15:18 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "cFosSpeed System Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/07/2014 01:15:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TeamViewer 9" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/07/2014 01:05:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/07/2014 01:05:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "cFosSpeed System Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/07/2014 01:05:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TeamViewer 9" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/06/2014 11:39:02 PM) (Source: DCOM) (EventID: 10010) (User: RampageX)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (12/06/2014 11:34:45 PM) (Source: DCOM) (EventID: 10010) (User: RampageX)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (12/06/2014 11:34:15 PM) (Source: DCOM) (EventID: 10010) (User: RampageX)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (12/06/2014 11:07:13 PM) (Source: DCOM) (EventID: 10010) (User: RampageX)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}


Microsoft Office Sessions:
=========================
Error: (12/07/2014 01:16:05 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\Windows\system32\mscoree.dll8

Error: (12/07/2014 01:16:04 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll8

Error: (12/07/2014 01:16:04 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 

Error: (12/07/2014 01:16:04 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\Windows\system32\msdtcuiu.DLL8

Error: (12/07/2014 01:16:04 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll8

Error: (12/07/2014 01:16:04 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\Windows\system32\esentprf.dll8

Error: (12/07/2014 01:16:04 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (12/07/2014 01:15:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DipAwayMode.exe0.0.0.000000000KERNELBASE.dll6.3.9600.1727853eeb4604001000600012f71dd001d011b2dbe8f183C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exeC:\Windows\SYSTEM32\KERNELBASE.dll21950ee4-7da6-11e4-828c-10c37b9de21b

Error: (12/07/2014 01:15:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: spd.exe9.5.2096.052efa9b0speedsrv.dll9.5.2096.052efa9a4c00000050000000000048a3a94001d011b2d8643c24C:\Program Files\ASUS\ROG GameFirst II\spd.exeC:\Program Files\ASUS\ROG GameFirst II\speedsrv.dll1f961e16-7da6-11e4-828c-10c37b9de21b

Error: (12/07/2014 01:05:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DipAwayMode.exe0.0.0.000000000KERNELBASE.dll6.3.9600.1727853eeb4604001000600012f7113bc01d011b17efbbe96C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exeC:\Windows\SYSTEM32\KERNELBASE.dllc01ab05a-7da4-11e4-828b-10c37b9de21b


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4930K CPU @ 3.40GHz
Percentage of memory in use: 13%
Total physical RAM: 32706.76 MB
Available physical RAM: 28427 MB
Total Pagefile: 37570.82 MB
Available Pagefile: 32375.14 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.81 GB) (Free:320.91 GB) NTFS
Drive d: (3TB Mirror) (Fixed) (Total:2794.37 GB) (Free:2587.56 GB) NTFS
Drive p: (RAID5) (Network) (Total:5309.47 GB) (Free:4904.6 GB) NTFS
Drive q: () (Network) (Total:2793.53 GB) (Free:2727.11 GB) 
Drive r: (RAMDISK) (Fixed) (Total:16 GB) (Free:15.9 GB) NTFS
Drive s: () (Network) (Total:3664.33 GB) (Free:800.66 GB) 
Drive t: () (Network) (Total:849.15 GB) (Free:619.29 GB) NTFS
Drive u: (web) (Network) (Total:4145.34 GB) (Free:3171.86 GB) NTFS
Drive v: (Projekte) (Network) (Total:4145.34 GB) (Free:3171.86 GB) NTFS
Drive w: (photo) (Network) (Total:4145.34 GB) (Free:3171.86 GB) NTFS
Drive x: (music) (Network) (Total:4145.34 GB) (Free:3171.86 GB) NTFS
Drive y: (public) (Network) (Total:4145.34 GB) (Free:3171.86 GB) NTFS
Drive z: (Daten) (Network) (Total:4145.34 GB) (Free:3171.86 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 447.2 GB) (Disk ID: 01446EC3)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=446.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

Hallo hast du die Logs bekommen ?

mark30 · 08.12.2014, 00:57

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Scan Date: 08.12.2014
Scan Time: 00:46:20
Logfile: Malwarebyte Log.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.07.10
Rootkit Database: v2014.12.03.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: MasterX

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 390497
Time Elapsed: 4 min, 26 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 2
PUP.Optional.ReMarkable.A, C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage, , [d333e47cd2aacf67dfdf6e55e321966a], 
PUP.Optional.ReMarkable.A, C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal, , [d92d0957b0cc4aec2599e2e15da7ed13], 

Physical Sectors: 0
(No malicious items detected)


(end)

Hallo Cosinus , hast du vielleicht schon einen Lösungsansatz

cosinus · 08.12.2014, 09:47

Zitat:

C:\Program Files\KMSpico

Lesestoff:
Illegale Software: Cracks, Keygens und Co

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.

mark30 · 08.12.2014, 13:01

Hallo Cosinus,
ich habe jetzt die Dateien die du angeführt hast alle entfernt. Es tut mir leid aber das hat mir mein Nachbar alles installiert. Ich wusste vorher nicht was das eigentlich ist.
Ist das die Ursache für mein Problem gewesen? Weil ich habe noch immer diese lästige Werbungen
MFG

cosinus · 08.12.2014, 13:36

Hast du auch das gecrackte Office deinstalliert?
Sonst alles an illegalen Programmen gelöscht und deinstalliert?

mark30 · 08.12.2014, 14:20

Hallo Cosinus,
ich habe das Office über unsere Firma gekauft und nicht gecrackt. Ich habe einen Screenshot gemacht wo man den Kauf von Paket Office 2013 Proffesional sieht. Das würde ich dir gerne schicken. Das einzige was mit der Nachbar installiert hat, dass war so eine Hausbau Software und diese habe ich schon lange deiinstalliert.
Daher bitte um Hilfe bei dem Werbung Problem !
Danke MFG

cosinus · 08.12.2014, 14:26

Du hast ein gekauftes Office dann aber den berüchtigten KMS-Pico Crack drin? Das glaub ich so nicht. Es geht weiter wenn du alles gecrackte runter hast. Also auch MS-Office deinstallieren.

mark30 · 08.12.2014, 15:04

Hallo Cosinus, habe jetzt das Office auch deiinstalliert.
MFG

cosinus · 08.12.2014, 15:06

Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Scan klicken

mark30 · 08.12.2014, 15:20

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2014 02
Ran by MasterX at 2014-12-08 15:08:58
Running from C:\Users\MasterX\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4Team vCardWizard (HKLM\...\{A8B6B211-B522-4B9B-A5FA-E49F785D53BE}) (Version: 3.01.0159 - 4Team Corporation)
Acronis True Image 2015 (HKLM-x32\...\{C66A0D5B-7BEA-40F2-8C3D-196595D2EE56}Visible) (Version: 18.0.5539 - Acronis)
Acronis True Image 2015 (x32 Version: 18.0.5539 - Acronis) Hidden
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.09 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}) (Version: 10.1.52.14 - Adobe Systems, Inc.)
Adobe Flash Player 10 Plugin (HKLM-x32\...\{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}) (Version: 10.1.52.14 - Adobe Systems, Inc.)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
AI Suite 3 (HKLM-x32\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.56 - ASUSTeK Computer Inc.)
AMD Catalyst Install Manager (HKLM\...\{22E2B25B-2FFE-1A69-E591-55DD72BC5F5B}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio 14 v.14.0.5 (HKLM-x32\...\{91B33C97-7BCF-CDFE-4321-58EBF3E8641C}_is1) (Version: 14.0.5 - Ashampoo GmbH & Co. KG)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 2.0.8.0000 - Asmedia Technology)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.18 - ASUSTeK Computer Inc.)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.5.2.3 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.5.2.3 - ASUSTek COMPUTER INC.) Hidden
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.025 - ASUSTek Computer Inc.)
ASUS ROG Connect Plus (HKLM-x32\...\{ECF51D37-52ED-4871-BF8B-FEA34B8B4120}) (Version: 1.00.24 - ASUSTeK Computer Inc.)
ASUS_ROG_THEME (HKLM-x32\...\ASUS_ROG_THEME) (Version: 1.01.00 - ASUSTeK Computer Inc.)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 1.0.59.0 - Autodesk)
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.8.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.8.100 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2015 (HKLM-x32\...\{4FBC9635-AC56-4378-8FDE-C4D3ED072681}) (Version: 5.2.8.100 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2015 (HKLM-x32\...\{9F6466D9-6EFC-4A10-B931-C72D1A3F1763}) (Version: 5.2.8.100 - Autodesk)
Autodesk Revit Architecture 2015 - Deutsch (German) (HKLM\...\Autodesk Revit Architecture 2015 - Deutsch (German)) (Version: 15.0.117.0 - Autodesk)
Autodesk Revit Architecture Content Libraries 2015 - Deutsch (German) (HKLM\...\Autodesk Revit Architecture Content Libraries 2015 - Deutsch (German)) (Version: 15.0.117.0 - Autodesk)
Autodesk Workflows 2015 (HKLM\...\{A90DD6F8-60D2-4803-AFF6-796400E73E1B}) (Version: 5.2.11.100 - Autodesk, Inc.)
Automation Net PVI V4.0 (HKLM-x32\...\Automation Net PVI V4.0) (Version: 4.0.14.58 - Bernecker + Rainer Industrie Elektronik Ges.m.b.H.)
Automation Runtime AS3.0 AR X8.14 (HKLM-x32\...\Automation Runtime AS3.0 AR X8.14) (Version: 8.14.23.0 - Bernecker & Rainer Industrie Elektronik Ges.m.b.H.)
Automation Studio V3.0.55 AR V2.40 (HKLM-x32\...\Automation Studio V3.0.55 AR V2.40) (Version: 3.0.55.1440 - Bernecker & Rainer Industrie Elektronik Ges.m.b.H.)
Automation Studio V4.0 (HKLM-x32\...\Automation Studio V4.0) (Version: 4.0.14.207 - Bernecker + Rainer Industrie Elektronik Ges.m.b.H.)
Automation Studio Version Changer V2.5.3 (HKLM-x32\...\Automation Studio Version Changer V2.5.3) (Version: 2.5.3.7012 - Bernecker & Rainer Industrie Elektronik Ges.m.b.H.)
B&R Generic HART DTM Release 5.2 (HKLM-x32\...\InstallShield_{B6B0E716-89BF-4BA2-A182-515D5219D943}) (Version: 5.2.1224 - B&R Automation)
B&R Generic HART DTM Release 5.2 (x32 Version: 5.2.1224 - B&R Automation) Hidden
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.33.223.1 - Broadcom Corporation)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.1.200.13 - Citrix Systems, Inc.)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Corsair Link (HKLM-x32\...\{658EFB3F-8606-4576-8FEC-B0CED48F1E68}) (Version: 2.7.5361 - Corsair)
Corsair Link(TM) USB Dongle (Driver Removal) (HKLM-x32\...\SIUSBXP&1B1C&1C00) (Version:  - Corsair Memory, Inc.)
Corsair Raptor HS40 (HKLM-x32\...\{B77575BE-73DB-43C6-A555-82BB713BCB79}) (Version:   - Corsair Components, Inc.)
CPUID ROG CPU-Z 1.66.1 (HKLM\...\CPUID ROG CPU-Z_is1) (Version: 1.66.1 - CPUID, Inc.)
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.4412.58 - CyberLink Corp.)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.4.0.0377 - Disc Soft Ltd)
DTM Library (HKLM-x32\...\{25742C53-3D14-4B10-B84E-329E781D5EFF}) (Version: 1.0350.121108.8879 - Hilscher GmbH)
DTM Library V1.0350.121108.8879 (HKLM-x32\...\DTMLibrary) (Version: 1.0350.121108.8879 - Bernecker + Rainer Industrie Elektronik Ges.m.b.H.)
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
Ghost Recon Phantoms - EU (HKU\S-1-5-21-2122217481-3044512288-1942015121-1001\...\61e5da2b7c463135) (Version: 1.36.4185.2 - Ubisoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
GPUTweakStreaming (x32 Version: 1.0.3.5 - ASUS) Hidden
HART DTM V1.0.2.2140 (HKLM-x32\...\HART_DTM) (Version: 1.0.0.9 - Bernecker + Rainer Industrie Elektronik Ges.m.b.H.)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8620 - Grundlegende Software für das Gerät (HKLM\...\{9EFED617-DC37-46FC-BFD4-ED096BAD3591}) (Version: 32.0.90.45518 - Hewlett-Packard Co.)
HP Officejet Pro 8620 Hilfe (HKLM-x32\...\{F8E43C63-DFF2-4134-A46C-2A6F00517A35}) (Version: 32.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.710 - Oracle)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
KingBill 2013 (HKLM-x32\...\{4E80F25A-1548-426F-93BC-A107472F1854}) (Version: 8.1.7 - KingBill GmbH)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MemTweakIt (HKLM-x32\...\{E51AAC3A-D66D-4912-B883-DAFBA249D10F}) (Version: 2.02.01 - ASUSTeK Computer Inc.)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft SOAP Toolkit 3.0 (HKLM-x32\...\{BCB4C18A-ACA6-4383-8688-E19933A705DD}) (Version: 3.0.1325.4 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
NCM GPRS 64 (Version: 01.01.0000 - Siemens AG) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
Online Plug-in (x32 Version: 14.1.200.13 - Citrix Systems, Inc.) Hidden
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7161 - Realtek Semiconductor Corp.)
RegHunter (HKLM\...\{F94A63D7-9A61-403B-8F6F-90B1BF77211A}) (Version: 1.3.3.1613 - Enigma Software Group USA, LLC)
Revit Architecture 2015 - Deutsch (German) (Version: 15.0.117.0 - Autodesk) Hidden
Revit Architecture 2015 Language Pack - Deutsch (German) (Version: 15.0.117.0 - Autodesk) Hidden
Revit Architecture Content Libraries 2015 - Deutsch (German) (Version: 15.0.117.0 - Autodesk) Hidden
ROG GameFirst II v9.05 (HKLM\...\ROG GameFirst II) (Version: 9.05 - cFos Software GmbH, Bonn)
ROG RAMDisk (HKLM-x32\...\{DE8C1883-4F14-40DF-8C8C-376157ADF5A3}) (Version: 2.02.05 - ASUSTeK Computer Inc.)
Runtime Utility Center V4.2.7.13 (HKLM-x32\...\Runtime Utility Center) (Version: 4.2.7.13 - Bernecker + Rainer Industrie Elektronik Ges.m.b.H.)
SeCon (x32 Version: 02.00.0001 - Siemens AG) Hidden
Self-Service Plug-in (x32 Version: 4.1.200.588 - Citrix Systems, Inc.) Hidden
Siemens Automation License Manager (Version: 05.02.0100 - Siemens AG) Hidden
Siemens Automation License Manager V5.2 + SP1   (HKLM\...\{615F1B7D-EA2D-4242-84A0-71C2C7CE214B}LicenseManager) (Version: 05.02.0100 - Siemens AG)
Siemens Totally Integrated Automation Portal V12 (HKLM-x32\...\Siemens Installer Assistant - TIAP12) (Version: V12 - Siemens AG)
SIMATIC Device Drivers (Version: 01.02.0000 - Siemens AG) Hidden
SIMATIC Device Drivers WoW (x32 Version: 20.02.0000 - Siemens AG) Hidden
SIMATIC Event Database (x32 Version: 05.05.0300 - Siemens AG) Hidden
SIMATIC HMI License Manager Panel Plugin (x64) (Version: 11.00.0200 - Siemens AG) Hidden
SIMATIC HMI Symbol Library (x32 Version: 12.00.0100 - Siemens AG) Hidden
SIMATIC NCM FWL 64 (Version: 05.05.0400 - Siemens AG) Hidden
SIMATIC PLCSIM 64 (Version: 01.00.0001 - Siemens AG) Hidden
SIMATIC Prosave (x32 Version: 10.00.0100 - Siemens AG) Hidden
SIMATIC Prosave V10.0 incl. SP1   (HKLM-x32\...\{1A797C0B-EF7B-4687-BE26-A453BD4D41BC}Prosave) (Version: 10.00.0100 - Siemens AG)
SIMATIC S7-PLCSIM (x32 Version: 5.4.0502 - Siemens AG) Hidden
SIMATIC S7-PLCSIM V5.4 + SP5 + Upd2   (HKLM-x32\...\{1CBF27F6-24A4-488D-940A-678F1C691C49}PLCSim) (Version: 5.4.0502 - Siemens AG)
Sonic Radar (HKLM\...\{203BCA8C-BC00-4DD5-85DF-2F84DB803B57}) (Version: 1.2.001 - ASUSTeKcomputer.Inc)
SurveillancePlugin (HKLM-x32\...\{B4637DBD-7E8E-46D4-BC9C-EC1C9F1DC561}) (Version: 1.0.0.423 - Synology)
Synology Cloud Station (remove only) (HKLM\...\Synology Cloud Station) (Version: 3.1.3317 - Synology, Inc.)
Synology Cloud Station (remove only) (HKU\S-1-5-21-2122217481-3044512288-1942015121-1001\...\Synology CloudStation) (Version:  - )
TIA Portal Single SetupPackage - Hardware Support Base Package 0  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Hardware Support Base Package 02  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Hardware Support Base Package 03  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Hardware Support Base Package WCF-01  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - HM All Editions Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - HM NoBasic Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Simatic Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - STEP 7 Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Support Base Package TO-01  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - Support Base Package TO-02  V12.0 (x32 Version: 12.00.0000 - Siemens AG) Hidden
TIA Portal Single SetupPackage - TIA Tour Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - TIACOMPCHECK Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
TIA Portal Single SetupPackage - WinCC Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
Totally Integrated Automation Portal V12 -  TIA Portal Single SetupPackage  V12.0 + SP1 (x32 Version: 12.00.0100 - Siemens AG) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
VC User 71 RTL X86 --- (x32 Version: 1.0 - redistributed from Microsoft Corporation merge modules) Hidden
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.9200 - Broadcom Corporation)
WinCC Runtime Advanced Simulator (x32 Version: 12.00.0000 - Siemens AG) Hidden
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2122217481-3044512288-1942015121-1001_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\MasterX\AppData\Local\CloudStation\app\icon-overlay\9\x64\ContextMenu.dll ()
CustomCLSID: HKU\S-1-5-21-2122217481-3044512288-1942015121-1001_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\MasterX\AppData\Local\CloudStation\app\icon-overlay\9\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2122217481-3044512288-1942015121-1001_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\MasterX\AppData\Local\CloudStation\app\icon-overlay\9\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2122217481-3044512288-1942015121-1001_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\MasterX\AppData\Local\CloudStation\app\icon-overlay\9\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2122217481-3044512288-1942015121-1001_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\MasterX\AppData\Local\CloudStation\app\icon-overlay\9\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2122217481-3044512288-1942015121-1001_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\MasterX\AppData\Local\CloudStation\app\icon-overlay\9\x64\iconOverlay.dll (TODO: <Company name>)

==================== Restore Points  =========================

22-11-2014 11:13:16 Removed Studie zur Verbesserung von HP Officejet Pro 8620
23-11-2014 20:12:14 Removed FARO LS 1.1.501.0 (64bit)
26-11-2014 18:30:20 Installed RegHunter
06-12-2014 22:33:19 Geplanter Prüfpunkt
08-12-2014 12:21:43 Installed RegHunter

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2014-11-27 20:21 - 00010390 ____N C:\Windows\system32\Drivers\etc\hosts
192.168.1.26	autodiscover.gasservice.at
127.0.0.1 209.34.83.73:443
127.0.0.1 209.34.83.73:43
127.0.0.1 209.34.83.73
127.0.0.1 209.34.83.67:443
127.0.0.1 209.34.83.67:43


There are 213 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {02B066EE-F41F-4501-853A-65ECAC89C570} - \BetterMarkIt Update No Task File <==== ATTENTION
Task: {03FA44C1-358F-421E-A87E-0AB11053DB35} - System32\Tasks\ASUS\ASUS WiFi GO! Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe [2013-08-29] (ASUSTeK Computer Inc.)
Task: {053262AC-FFAC-4E52-A706-26D0E3BE9B62} - \GPUP No Task File <==== ATTENTION
Task: {0C189F81-B13D-4118-8798-A9DAA7C3C1E6} - System32\Tasks\4Team updater => C:\Program Files\4Team Corporation\4Team-Updater\4Team-Updater.exe [2013-01-18] ()
Task: {1E031BC3-B0EC-4505-B898-32AB42569802} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-10-03] ()
Task: {273E99CB-B992-4CE9-B037-FE929B3D8D40} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2013-08-07] (ASUSTeK Computer Inc.)
Task: {46375F77-040C-4369-8FDF-656653F86725} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2013-08-08] ()
Task: {4B102981-DD83-4DEA-97DA-049AF0CA83CB} - System32\Tasks\ASUS\RamDisk => C:\Program Files (x86)\ASUS\ROG RAMDisk\loadImage.exe [2013-12-23] ()
Task: {50C859F7-491D-4CAB-BC7F-7EA7E44DF524} - System32\Tasks\Start Corsair Link => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe [2014-09-05] ()
Task: {5AF00039-B6DA-4D5C-9ABA-0314662E734E} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2014-11-24] (Enigma Software Group USA, LLC.)
Task: {688D8F20-DDA9-45BA-9AA6-078A97ED5257} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2013-08-27] (ASUSTek Computer Inc.)
Task: {6A607781-B206-4328-822A-15CFE8A5C00C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-07] (Google Inc.)
Task: {7BAD12E9-AEB2-4E23-805D-8DD3C9CD96A2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-11-13] (Microsoft Corporation)
Task: {81468130-9EA2-45C8-A68C-40913D19427B} - System32\Tasks\RegHunterStartup => C:\Program Files\Enigma Software Group\RegHunter\RegHunter.exe [2013-08-13] (Enigma Software Group USA, LLC.)
Task: {83C7AFF7-988D-46DD-BF1A-23C8BBC3B059} - System32\Tasks\Auto Re-Aktivierung => C:\Windows\Re-Aktivierung\TriggerKMS.exe [2013-01-22] ()
Task: {8554061E-44D4-4B6B-AE62-A25B0858C0DA} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.)
Task: {87D63C6F-B7ED-4882-9FF9-1867F78E7E33} - System32\Tasks\ASUS\RC TweakIt Server Execute => C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe [2013-09-30] ()
Task: {935F7CE9-EC9A-4F5B-9C40-ABD3D4E26306} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {9F8933CE-AF22-4627-B1F0-9350F93FF97D} - System32\Tasks\AdobeAAMUpdater-1.0-RampageX-MasterX => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {AD5A24E8-C067-4DCD-BAEF-E3BB3B14BEEB} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2013-07-24] ()
Task: {B320A5AC-51DC-4DED-8F0C-F2F719DC26E9} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {BCD70A36-B576-47BB-A0BC-1619B4E7D15A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-07] (Google Inc.)
Task: {D35AC5CE-737B-4058-8EDE-FA6F0501AB64} - System32\Tasks\Microsoft Office 15 Sync Maintenance for RampageX-MasterX RampageX => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-11-26 14:00 - 2012-11-26 14:00 - 00774144 _____ () C:\Program Files\Common Files\Siemens\SWS\PlugIns\SCP\Scpwin64.dll
2014-09-28 19:17 - 2013-07-04 11:32 - 00936728 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2012-01-17 10:24 - 2012-01-17 10:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2014-09-28 21:30 - 2013-09-30 04:27 - 00586880 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
2014-02-11 16:29 - 2014-02-11 16:29 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2013-07-04 19:27 - 2013-07-04 19:27 - 00848096 _____ () C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\sn_regbase.dll
2014-09-28 21:20 - 2013-08-08 13:34 - 01225528 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2014-09-28 21:30 - 2013-09-30 11:01 - 01986328 _____ () C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe
2014-09-28 21:21 - 2013-07-24 09:16 - 01425208 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
2014-05-01 20:29 - 2014-05-01 20:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-12-07 20:49 - 2014-11-25 06:48 - 01408328 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
2014-12-07 20:49 - 2014-11-25 06:48 - 00204616 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll
2014-09-28 19:29 - 2013-08-20 10:37 - 00605496 _____ () C:\Windows\SYSTEM32\audioLibVc.dll
2013-06-05 14:51 - 2013-06-05 14:51 - 00430080 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll
2013-06-05 14:51 - 2013-06-05 14:51 - 00032768 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResourcesNet4.dll
2014-11-07 14:31 - 2014-11-07 14:31 - 04993968 _____ () C:\Users\MasterX\AppData\Local\CloudStation\app\bin\cloud-ui.exe
2014-09-28 21:20 - 2013-08-08 13:34 - 01221912 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
2014-12-07 20:49 - 2014-11-25 06:48 - 01856840 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
2014-12-07 20:49 - 2014-11-25 06:48 - 26722120 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll
2014-12-07 20:49 - 2014-11-25 06:48 - 10689352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll
2014-10-14 23:31 - 2013-12-22 07:22 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2014-10-14 23:31 - 2013-12-22 07:22 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2014-09-28 19:17 - 2014-12-08 15:05 - 00034304 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2014-09-28 19:17 - 2013-07-04 11:32 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2014-08-30 17:12 - 2014-08-30 17:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\kpcengine.2.3.dll
2013-12-13 08:39 - 2013-12-13 08:39 - 00278528 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Vender.dll
2013-11-18 08:32 - 2013-11-18 08:32 - 00053248 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Exeio.dll
2014-09-28 21:18 - 2013-08-07 18:11 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2014-09-28 21:19 - 2013-10-29 10:53 - 00872960 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AI Charger+\AIChargerPlus.dll
2014-09-28 21:20 - 2013-08-08 13:41 - 02747392 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2014-09-28 21:21 - 2013-08-29 14:59 - 01138176 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2014-09-28 21:24 - 2013-09-05 14:46 - 02064384 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\WiFiGO.dll
2014-09-28 21:18 - 2013-06-04 10:41 - 00662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2014-09-28 21:18 - 2013-08-07 18:11 - 00053248 _____ () C:\Program Files (x86)\ASUS\AI Suite III\cpuutil.dll
2014-09-28 21:23 - 2012-01-19 08:39 - 00028672 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\PEInfo.dll
2014-09-28 21:18 - 2013-08-07 18:11 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ImageHelper.dll
2014-09-28 21:18 - 2013-08-07 18:11 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\pngio.dll
2014-09-28 21:25 - 2013-06-24 12:45 - 00062976 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi Engine\IsSupported.dll
2014-09-28 21:24 - 2012-05-02 17:04 - 00233472 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\AudioProjection.dll
2014-09-28 21:24 - 2013-08-07 17:43 - 00176128 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\DLCapPP.dll
2014-09-28 21:24 - 2010-12-14 16:46 - 00067584 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\CoreAudioCap.dll
2014-09-28 21:24 - 2013-06-11 11:06 - 00425984 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\awiscale.DLL
2014-09-28 21:24 - 2010-10-29 17:58 - 00221184 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\JpegCD.DLL
2014-09-28 21:24 - 2013-08-06 19:04 - 02502656 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\xH264E.DLL
2014-09-28 21:24 - 2013-08-29 16:48 - 00610304 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFiGOInsHelp.dll
2014-09-28 21:24 - 2013-01-31 21:59 - 00515072 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFiGO_HelpWin8.dll
2014-09-28 21:24 - 2012-01-12 15:44 - 00475136 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFiGO_HookKey.dll
2014-09-28 21:24 - 2013-06-13 16:37 - 00156160 _____ () C:\Program Files (x86)\InstallShield Installation Information\{1DF11DAD-D427-4E1D-ABB6-04CB881EBE06}\CloudAPI\CloudAPI.dll
2014-09-28 21:24 - 2013-03-21 18:38 - 00716800 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiMoveHelp.dll
2014-09-28 21:24 - 2012-04-25 13:47 - 00659456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\PhoneCtrlAPI.dll
2014-09-28 21:20 - 2013-08-08 13:34 - 00685056 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2014-09-28 21:20 - 2013-08-08 13:34 - 00825344 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2014-09-28 21:20 - 2013-08-08 13:34 - 00765952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2014-09-28 21:20 - 2013-08-08 13:34 - 00776704 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2014-09-28 21:30 - 2013-09-30 10:27 - 00179712 _____ () C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsusService.dll
2014-09-28 21:30 - 2013-09-30 10:27 - 00470016 _____ () C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\IccHelper.dll
2014-09-28 21:21 - 2013-07-31 19:05 - 05773588 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
2014-09-28 21:21 - 2010-06-21 14:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2014-11-07 14:31 - 2014-11-07 14:31 - 02339179 _____ () C:\Users\MasterX\AppData\Local\CloudStation\app\bin\libcurl-4.dll
2014-11-07 14:31 - 2014-11-07 14:31 - 02822396 _____ () C:\Users\MasterX\AppData\Local\CloudStation\app\bin\libsqlite3-0.dll
2014-11-07 14:31 - 2014-11-07 14:31 - 00112142 _____ () C:\Users\MasterX\AppData\Local\CloudStation\app\bin\libgcc_s_dw2-1.dll
2014-11-07 14:31 - 2014-11-07 14:31 - 01000974 _____ () C:\Users\MasterX\AppData\Local\CloudStation\app\bin\libstdc++-6.dll
2014-11-07 14:31 - 2014-11-07 14:31 - 01820468 _____ () C:\Users\MasterX\AppData\Local\CloudStation\app\bin\icuuc53.dll
2014-11-07 14:31 - 2014-11-07 14:31 - 00131598 _____ () C:\Users\MasterX\AppData\Local\CloudStation\app\bin\zlib1.dll
2014-11-07 14:31 - 2014-11-07 14:31 - 03085456 _____ () C:\Users\MasterX\AppData\Local\CloudStation\app\bin\icuin53.dll
2014-11-07 14:31 - 2014-11-07 14:31 - 21568929 _____ () C:\Users\MasterX\AppData\Local\CloudStation\app\bin\icudt53.dll
2014-11-07 14:31 - 2014-11-07 14:31 - 00626176 _____ () C:\Users\MasterX\AppData\Local\CloudStation\app\bin\platforms\qwindows.dll
2014-11-07 14:31 - 2014-11-07 14:31 - 00473086 _____ () C:\Users\MasterX\AppData\Local\CloudStation\app\bin\ssleay32.dll
2014-11-07 14:31 - 2014-11-07 14:31 - 02177649 _____ () C:\Users\MasterX\AppData\Local\CloudStation\app\bin\libeay32.dll
2014-11-07 14:31 - 2014-11-07 14:31 - 00131598 _____ () C:\Users\MasterX\AppData\Local\CloudStation\app\bin\ZLIB1.dll
2014-11-26 21:58 - 2014-08-12 11:36 - 00867080 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\common\UNO\UNO.dll
2014-11-26 21:58 - 2013-12-10 08:39 - 00074240 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_ctypes.pyd
2014-11-26 21:58 - 2013-12-10 08:39 - 00285184 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_hashlib.pyd
2014-11-26 21:58 - 2013-12-10 08:39 - 00040960 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_socket.pyd
2014-11-26 21:58 - 2013-12-10 08:39 - 00721920 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_ssl.pyd
2014-09-15 20:07 - 2014-09-15 20:07 - 00034624 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2014-09-15 20:11 - 2014-09-15 20:11 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2014-09-15 20:08 - 2014-09-15 20:08 - 00129344 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\EXPAT.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\MasterX\AppData\Local\WIaUvnOC:IzzWF8AwsJgThLlMZq07

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run: => "SUNSTREAKERSound"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "ASUS WiFi GO! FileTransfer Execute"
HKLM\...\StartupApproved\Run32: => "BDRegion"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "InstantBurn"
HKLM\...\StartupApproved\Run32: => "ConnectionCenter"
HKLM\...\StartupApproved\Run32: => "Redirector"
HKLM\...\StartupApproved\Run32: => "CitrixReceiver"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKLM\...\StartupApproved\Run32: => "SiemensAutomationFileStorage"
HKU\S-1-5-21-2122217481-3044512288-1942015121-1001\...\StartupApproved\Run: => "DAEMON Tools Pro Agent"
HKU\S-1-5-21-2122217481-3044512288-1942015121-1001\...\StartupApproved\Run: => "HydraVisionDesktopManager"
HKU\S-1-5-21-2122217481-3044512288-1942015121-1001\...\StartupApproved\Run: => "OfficeSyncProcess"

========================= Accounts: ==========================

Administrator (S-1-5-21-2122217481-3044512288-1942015121-500 - Administrator - Disabled)
Guest (S-1-5-21-2122217481-3044512288-1942015121-501 - Limited - Disabled)
Hendl (S-1-5-21-2122217481-3044512288-1942015121-1003 - Limited - Enabled) => C:\Users\Hendl
lazi (S-1-5-21-2122217481-3044512288-1942015121-1004 - Administrator - Enabled)
MasterX (S-1-5-21-2122217481-3044512288-1942015121-1001 - Administrator - Enabled) => C:\Users\MasterX

==================== Faulty Device Manager Devices =============

Name: Bluetooth Device (Personal Area Network)
Description: Bluetooth-Gerät (PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Broadcom 802.11ac Network Adapter
Description: Broadcom 802.11ac Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: BCM43XX
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/08/2014 03:05:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eeb460
Ausnahmecode: 0x40010006
Fehleroffset: 0x00012f71
ID des fehlerhaften Prozesses: 0xf94
Startzeit der fehlerhaften Anwendung: 0xDipAwayMode.exe0
Pfad der fehlerhaften Anwendung: DipAwayMode.exe1
Pfad des fehlerhaften Moduls: DipAwayMode.exe2
Berichtskennung: DipAwayMode.exe3
Vollständiger Name des fehlerhaften Pakets: DipAwayMode.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DipAwayMode.exe5

Error: (12/08/2014 03:05:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: spd.exe, Version: 9.5.2096.0, Zeitstempel: 0x52efa9b0
Name des fehlerhaften Moduls: speedsrv.dll, Version: 9.5.2096.0, Zeitstempel: 0x52efa9a4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000048a3a
ID des fehlerhaften Prozesses: 0xacc
Startzeit der fehlerhaften Anwendung: 0xspd.exe0
Pfad der fehlerhaften Anwendung: spd.exe1
Pfad des fehlerhaften Moduls: spd.exe2
Berichtskennung: spd.exe3
Vollständiger Name des fehlerhaften Pakets: spd.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: spd.exe5

Error: (12/08/2014 02:59:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eeb460
Ausnahmecode: 0x40010006
Fehleroffset: 0x00012f71
ID des fehlerhaften Prozesses: 0x484
Startzeit der fehlerhaften Anwendung: 0xDipAwayMode.exe0
Pfad der fehlerhaften Anwendung: DipAwayMode.exe1
Pfad des fehlerhaften Moduls: DipAwayMode.exe2
Berichtskennung: DipAwayMode.exe3
Vollständiger Name des fehlerhaften Pakets: DipAwayMode.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DipAwayMode.exe5

Error: (12/08/2014 02:24:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: spd.exe, Version: 9.5.2096.0, Zeitstempel: 0x52efa9b0
Name des fehlerhaften Moduls: speedsrv.dll, Version: 9.5.2096.0, Zeitstempel: 0x52efa9a4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000048a3a
ID des fehlerhaften Prozesses: 0xaec
Startzeit der fehlerhaften Anwendung: 0xspd.exe0
Pfad der fehlerhaften Anwendung: spd.exe1
Pfad des fehlerhaften Moduls: spd.exe2
Berichtskennung: spd.exe3
Vollständiger Name des fehlerhaften Pakets: spd.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: spd.exe5

Error: (12/08/2014 00:57:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eeb460
Ausnahmecode: 0x40010006
Fehleroffset: 0x00012f71
ID des fehlerhaften Prozesses: 0x102c
Startzeit der fehlerhaften Anwendung: 0xDipAwayMode.exe0
Pfad der fehlerhaften Anwendung: DipAwayMode.exe1
Pfad des fehlerhaften Moduls: DipAwayMode.exe2
Berichtskennung: DipAwayMode.exe3
Vollständiger Name des fehlerhaften Pakets: DipAwayMode.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DipAwayMode.exe5

Error: (12/08/2014 00:46:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: spd.exe, Version: 9.5.2096.0, Zeitstempel: 0x52efa9b0
Name des fehlerhaften Moduls: speedsrv.dll, Version: 9.5.2096.0, Zeitstempel: 0x52efa9a4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000048a3a
ID des fehlerhaften Prozesses: 0xac0
Startzeit der fehlerhaften Anwendung: 0xspd.exe0
Pfad der fehlerhaften Anwendung: spd.exe1
Pfad des fehlerhaften Moduls: spd.exe2
Berichtskennung: spd.exe3
Vollständiger Name des fehlerhaften Pakets: spd.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: spd.exe5

Error: (12/08/2014 00:16:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eeb460
Ausnahmecode: 0x40010006
Fehleroffset: 0x00012f71
ID des fehlerhaften Prozesses: 0x11b4
Startzeit der fehlerhaften Anwendung: 0xDipAwayMode.exe0
Pfad der fehlerhaften Anwendung: DipAwayMode.exe1
Pfad des fehlerhaften Moduls: DipAwayMode.exe2
Berichtskennung: DipAwayMode.exe3
Vollständiger Name des fehlerhaften Pakets: DipAwayMode.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DipAwayMode.exe5

Error: (12/08/2014 00:34:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eeb460
Ausnahmecode: 0x40010006
Fehleroffset: 0x00012f71
ID des fehlerhaften Prozesses: 0xfdc
Startzeit der fehlerhaften Anwendung: 0xDipAwayMode.exe0
Pfad der fehlerhaften Anwendung: DipAwayMode.exe1
Pfad des fehlerhaften Moduls: DipAwayMode.exe2
Berichtskennung: DipAwayMode.exe3
Vollständiger Name des fehlerhaften Pakets: DipAwayMode.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DipAwayMode.exe5

Error: (12/08/2014 00:33:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: spd.exe, Version: 9.5.2096.0, Zeitstempel: 0x52efa9b0
Name des fehlerhaften Moduls: speedsrv.dll, Version: 9.5.2096.0, Zeitstempel: 0x52efa9a4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000048a3a
ID des fehlerhaften Prozesses: 0xad4
Startzeit der fehlerhaften Anwendung: 0xspd.exe0
Pfad der fehlerhaften Anwendung: spd.exe1
Pfad des fehlerhaften Moduls: spd.exe2
Berichtskennung: spd.exe3
Vollständiger Name des fehlerhaften Pakets: spd.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: spd.exe5

Error: (12/07/2014 10:48:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iexplore.exe, Version 11.0.9600.17416 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 137c

Startzeit: 01d0126764691826

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe

Berichts-ID: bffb87ff-7e5a-11e4-828f-10c37b9de21b

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


System errors:
=============
Error: (12/08/2014 03:05:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/08/2014 03:05:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "cFosSpeed System Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/08/2014 03:05:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TeamViewer 9" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/08/2014 02:59:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/08/2014 02:24:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "cFosSpeed System Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/08/2014 02:24:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TeamViewer 9" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/08/2014 02:03:05 PM) (Source: DCOM) (EventID: 10010) (User: RampageX)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (12/08/2014 02:02:35 PM) (Source: DCOM) (EventID: 10010) (User: RampageX)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (12/08/2014 01:56:40 PM) (Source: DCOM) (EventID: 10010) (User: RampageX)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (12/08/2014 01:56:10 PM) (Source: DCOM) (EventID: 10010) (User: RampageX)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}


Microsoft Office Sessions:
=========================
Error: (12/08/2014 03:05:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DipAwayMode.exe0.0.0.000000000KERNELBASE.dll6.3.9600.1727853eeb4604001000600012f71f9401d012f0026e310eC:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exeC:\Windows\SYSTEM32\KERNELBASE.dll47e6fd0b-7ee3-11e4-8293-10c37b9de21b

Error: (12/08/2014 03:05:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: spd.exe9.5.2096.052efa9b0speedsrv.dll9.5.2096.052efa9a4c00000050000000000048a3aacc01d012efff232ecaC:\Program Files\ASUS\ROG GameFirst II\spd.exeC:\Program Files\ASUS\ROG GameFirst II\speedsrv.dll462837db-7ee3-11e4-8293-10c37b9de21b

Error: (12/08/2014 02:59:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DipAwayMode.exe0.0.0.000000000KERNELBASE.dll6.3.9600.1727853eeb4604001000600012f7148401d012ef1b4d230bC:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exeC:\Windows\SYSTEM32\KERNELBASE.dll5c745c13-7ee2-11e4-8292-10c37b9de21b

Error: (12/08/2014 02:24:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: spd.exe9.5.2096.052efa9b0speedsrv.dll9.5.2096.052efa9a4c00000050000000000048a3aaec01d012ea4a47394cC:\Program Files\ASUS\ROG GameFirst II\spd.exeC:\Program Files\ASUS\ROG GameFirst II\speedsrv.dll914c2740-7edd-11e4-8292-10c37b9de21b

Error: (12/08/2014 00:57:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DipAwayMode.exe0.0.0.000000000KERNELBASE.dll6.3.9600.1727853eeb4604001000600012f71102c01d012de1cdbcb29C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exeC:\Windows\SYSTEM32\KERNELBASE.dll5e4c8b42-7ed1-11e4-8291-10c37b9de21b

Error: (12/08/2014 00:46:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: spd.exe9.5.2096.052efa9b0speedsrv.dll9.5.2096.052efa9a4c00000050000000000048a3aac001d012dc85d97d9bC:\Program Files\ASUS\ROG GameFirst II\spd.exeC:\Program Files\ASUS\ROG GameFirst II\speedsrv.dllcce11254-7ecf-11e4-8291-10c37b9de21b

Error: (12/08/2014 00:16:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DipAwayMode.exe0.0.0.000000000KERNELBASE.dll6.3.9600.1727853eeb4604001000600012f7111b401d012d87668dea6C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exeC:\Windows\SYSTEM32\KERNELBASE.dllb95ceb30-7ecb-11e4-8290-10c37b9de21b

Error: (12/08/2014 00:34:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DipAwayMode.exe0.0.0.000000000KERNELBASE.dll6.3.9600.1727853eeb4604001000600012f71fdc01d012764bc97069C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exeC:\Windows\SYSTEM32\KERNELBASE.dll8cf978f2-7e69-11e4-8290-10c37b9de21b

Error: (12/08/2014 00:33:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: spd.exe9.5.2096.052efa9b0speedsrv.dll9.5.2096.052efa9a4c00000050000000000048a3aad401d0127639fe3a54C:\Program Files\ASUS\ROG GameFirst II\spd.exeC:\Program Files\ASUS\ROG GameFirst II\speedsrv.dll8100d96d-7e69-11e4-8290-10c37b9de21b

Error: (12/07/2014 10:48:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe11.0.9600.17416137c01d01267646918264294967295C:\Program Files\Internet Explorer\iexplore.exebffb87ff-7e5a-11e4-828f-10c37b9de21b


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4930K CPU @ 3.40GHz
Percentage of memory in use: 9%
Total physical RAM: 32706.76 MB
Available physical RAM: 29740.9 MB
Total Pagefile: 37570.82 MB
Available Pagefile: 33976.93 MB
Total Virtual: 131072 MB
Available Virtual: 131071.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.81 GB) (Free:321.12 GB) NTFS
Drive d: (3TB Mirror) (Fixed) (Total:2794.37 GB) (Free:2587.56 GB) NTFS
Drive p: (RAID5) (Network) (Total:5309.47 GB) (Free:4890.34 GB) NTFS
Drive q: () (Network) (Total:2793.53 GB) (Free:2727.11 GB) 
Drive r: (RAMDISK) (Fixed) (Total:16 GB) (Free:15.9 GB) NTFS
Drive t: () (Network) (Total:849.15 GB) (Free:617.89 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 447.2 GB) (Disk ID: 01446EC3)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=446.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

mark30 · 08.12.2014, 15:25

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-12-2014 02
Ran by MasterX (administrator) on RAMPAGEX on 08-12-2014 15:08:37
Running from C:\Users\MasterX\Downloads
Loaded Profile: MasterX (Available profiles: MasterX & Hendl)
Platform: Windows 8.1 (X64) OS Language: Englisch (Vereinigte Staaten)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\AlmPanelPlugin\ALMPanelPlugin.exe
() C:\Windows\SysWOW64\ASGT.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7epasrv64x.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\pniomgr.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
() C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe
() C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(cFos Software GmbH) C:\Program Files\ASUS\ROG GameFirst II\cfosspeed.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Users\MasterX\AppData\Local\CloudStation\app\bin\cloud-ui.exe
(Synology Inc.) C:\Users\MasterX\AppData\Local\CloudStation\app\bin\cloud-connect.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synology Inc.) C:\Users\MasterX\AppData\Local\CloudStation\app\bin\cloud-daemon.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AsDLNAServerReal.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510232 2014-01-17] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [ROG GameFirst II] => C:\Program Files\ASUS\ROG GameFirst II\cFosSpeed.exe [2806672 2014-02-03] (cFos Software GmbH)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [571192 2014-08-14] (Acronis)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUS WiFi GO! FileTransfer Execute] => C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe [1391416 2013-06-21] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395616 2014-09-03] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [CitrixReceiver] => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153952 2014-09-03] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5223976 2014-09-15] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [615952 2014-08-11] (Acronis International GmbH)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [477064 2013-12-22] (Autodesk Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795672 2014-08-12] (CyberLink Corp.)
HKU\S-1-5-21-2122217481-3044512288-1942015121-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-12-06] (AMD)
HKU\S-1-5-21-2122217481-3044512288-1942015121-1001\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe [2699264 2013-12-17] (ASUS)
Startup: C:\Users\MasterX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station.lnk
ShortcutTarget: Synology Cloud Station.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe ()
ShellIconOverlayIdentifiers: [01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\MasterX\AppData\Local\CloudStation\app\icon-overlay\9\x64\iconOverlay.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\MasterX\AppData\Local\CloudStation\app\icon-overlay\9\x64\iconOverlay.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\MasterX\AppData\Local\CloudStation\app\icon-overlay\9\x64\iconOverlay.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\MasterX\AppData\Local\CloudStation\app\icon-overlay\9\x64\iconOverlay.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\MasterX\AppData\Local\CloudStation\app\icon-overlay\9\x64\iconOverlay.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2122217481-3044512288-1942015121-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-at/?ocid=iehp
HKU\S-1-5-21-2122217481-3044512288-1942015121-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.27 192.168.1.29
Tcpip\..\Interfaces\{E086432F-3A16-41F2-B954-C5910927DC27}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: synology.com/SurveillancePlugin -> C:\Program Files (x86)\Synology\SurveillancePlugin\1.0.0.423\npSurveillancePlugin.dll (Synology)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-10-10]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-12-07]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-12-07]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Безпечні платежі - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-12-07]
FF HKU\S-1-5-21-2122217481-3044512288-1942015121-1001\...\Firefox\Extensions: [{CDCEAE3B-901F-ECE8-CA46-29FFDE57A13A}] - C:\Program Files (x86)\ver7BetterMarkIt\184.xpi

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://derstandard.at/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\MasterX\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\MasterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-07]
CHR Extension: (Google Docs) - C:\Users\MasterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-07]
CHR Extension: (Google Drive) - C:\Users\MasterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\MasterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-07]
CHR Extension: (YouTube) - C:\Users\MasterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-07]
CHR Extension: (Google-Suche) - C:\Users\MasterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-07]
CHR Extension: (Google Tabellen) - C:\Users\MasterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-07]
CHR Extension: (Google Wallet) - C:\Users\MasterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-07]
CHR Extension: (Google Mail) - C:\Users\MasterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-07]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [576904 2013-12-22] (Autodesk Inc.)
R2 almservice; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe [1434848 2013-05-23] (SIEMENS AG)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2013-08-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2013-09-30] ()
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe [1656464 2013-08-08] (ASUSTeK Computer Inc.)
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
S2 cFosSpeedS; C:\Program Files\ASUS\ROG GameFirst II\spd.exe [1009552 2014-02-03] (cFos Software GmbH)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [File not signed]
R2 s7oiehsx64; C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe [143072 2013-07-08] (Siemens AG)
R2 S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64X.exe [472288 2013-07-08] (Siemens AG)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025920 2014-11-24] (Enigma Software Group USA, LLC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S2 TeamViewer9; "c:\users\master\appdata\local\temp\teamviewer\version9\TeamViewer_Service.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R2 ASInsHelp; C:\Windows\SysWow64\drivers\AsInsHelp64.sys [11832 2013-09-30] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R3 ASMTFilter; C:\Windows\SysWow64\drivers\asmtufdriver.sys [21400 2013-01-28] (hxxp://www.asmedia.com.tw) [File not signed]
R2 AsRamDisk; C:\Windows\system32\DRIVERS\asramdisk.sys [111928 2013-12-13] (Asus)
R0 asstor64; C:\Windows\System32\drivers\asstor64.sys [84816 2014-01-27] (Asmedia Technology)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-09-24] (Advanced Micro Devices)
S3 atillk64; C:\Program Files (x86)\ASUS\GPU Tweak\atillk64.sys [14608 2006-07-19] (ATI Technologies Inc.)
S3 AWEAlloc; C:\Windows\system32\DRIVERS\awealloc.sys [21304 2013-10-05] (Olof Lagerkvist)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7488688 2014-09-28] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R3 dpmconv; C:\Windows\System32\drivers\dpmconv.sys [259584 2013-04-10] (Siemens AG)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-09-28] (Disc Soft Ltd)
R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c64x64.sys [469264 2013-06-20] (Intel Corporation)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2014-11-24] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2014-11-24] ()
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [296736 2014-10-11] (Acronis International GmbH)
R3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2013-07-02] (ASUSTeK Computer Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [150536 2014-12-07] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [247480 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [799944 2014-12-07] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [68616 2014-12-07] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [77512 2014-12-07] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 MosIrUsb; C:\Windows\system32\DRIVERS\MosIrUsb.sys [28160 2013-07-18] (ASIX Electronics Corp.)
R3 s7odpx2x64; C:\Windows\System32\drivers\s7odpx2x64.sys [71168 2012-12-19] (SIEMENS AG)
R3 s7oppinx64; C:\Windows\System32\drivers\s7oppinx64.sys [107520 2012-07-24] (SIEMENS AG)
R3 s7oserix64; C:\Windows\System32\Drivers\s7oserix64.sys [121856 2012-07-24] (SIEMENS AG)
R3 s7osmcax64; C:\Windows\System32\drivers\s7osmcax64.sys [199680 2012-07-24] (SIEMENS AG)
R3 s7osobux64; C:\Windows\System32\drivers\s7osobux64.sys [153600 2012-07-24] (SIEMENS AG)
R3 s7otmcd64x; C:\Windows\System32\Drivers\s7otmcd64x.sys [199680 2012-07-24] (SIEMENS AG)
R3 s7otranx64; C:\Windows\System32\drivers\s7otranx64.sys [260096 2012-07-24] (SIEMENS AG)
R3 s7otsadx64; C:\Windows\System32\drivers\s7otsadx64.sys [196096 2012-07-24] (SIEMENS AG)
R2 s7ousbu64x; C:\Windows\System32\drivers\s7ousbu64x.sys [137216 2013-06-03] (Siemens AG)
R2 s7sn2srtx; C:\Windows\system32\DRIVERS\s7sn2srtx.sys [83032 2012-05-09] (SIEMENS AG)
R2 SNTIE; C:\Windows\system32\DRIVERS\sntie.sys [286432 2013-03-22] (SIEMENS AG)
R3 SUNSTREAKER; C:\Windows\system32\DRIVERS\Sunstreaker.sys [572416 2013-12-17] (C-Media Inc.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1328928 2014-10-11] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [248096 2014-10-11] (Acronis International GmbH)
R3 vsnl2ada; C:\Windows\System32\drivers\vsnl2ada.sys [128000 2013-07-01] (SIEMENS AG)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R2 webinstrNewH; C:\Windows\system32\Drivers\webinstrNewH.sys [106456 2014-12-04] (Corsica)
R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-08-12] (CyberLink Corp.)
S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
S3 cpuz136; \??\C:\Users\MasterX\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 cpuz137; \??\C:\Users\MasterX\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-08 15:08 - 2014-12-08 15:08 - 00000000 ____D () C:\Users\MasterX\Downloads\FRST-OlderVersion
2014-12-08 13:21 - 2014-12-08 13:21 - 00003348 _____ () C:\Windows\System32\Tasks\RegHunterStartup
2014-12-08 13:21 - 2014-12-08 13:21 - 00001179 _____ () C:\Users\Public\Desktop\RegHunter.lnk
2014-12-08 13:21 - 2014-12-08 13:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegHunter
2014-12-08 00:45 - 2014-12-08 00:45 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-12-07 21:23 - 2014-12-07 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2014-12-07 21:22 - 2014-12-07 21:24 - 00799944 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-12-07 21:22 - 2014-12-07 21:24 - 00150536 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-12-07 21:22 - 2014-12-07 21:22 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-12-07 21:22 - 2014-08-12 18:32 - 00247480 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2014-12-07 21:22 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-12-07 21:19 - 2014-12-07 21:21 - 204166464 _____ () C:\Users\MasterX\Downloads\kis15.0.1.415DE_7068.exe
2014-12-07 21:14 - 2014-12-07 21:14 - 00304857 _____ () C:\Users\MasterX\Downloads\HijackThis_205.zip
2014-12-07 21:12 - 2014-12-07 21:12 - 02153472 _____ () C:\Users\MasterX\Downloads\adwcleaner_4.104 (2).exe
2014-12-07 21:05 - 2014-12-07 21:05 - 02153472 _____ () C:\Users\MasterX\Downloads\adwcleaner_4.104 (1).exe
2014-12-07 20:49 - 2014-12-08 15:05 - 00001126 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-07 20:49 - 2014-12-08 14:54 - 00001130 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-07 20:49 - 2014-12-07 20:49 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-12-07 20:49 - 2014-12-07 20:49 - 00003866 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-12-07 20:49 - 2014-12-07 20:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-07 02:49 - 2014-12-07 02:49 - 02153472 _____ () C:\Users\MasterX\Downloads\adwcleaner_4.104.exe
2014-12-07 02:44 - 2014-12-07 21:09 - 00000000 ____D () C:\AdwCleaner
2014-12-07 02:44 - 2014-12-07 21:06 - 00000165 _____ () C:\AdwCleanerDebug.txt
2014-12-07 02:38 - 2014-12-07 02:38 - 00069725 _____ () C:\Users\MasterX\Desktop\FRST.txt
2014-12-07 02:37 - 2014-12-07 02:37 - 00052441 _____ () C:\Users\MasterX\Desktop\Addition.txt
2014-12-07 02:36 - 2014-12-07 02:36 - 00052441 _____ () C:\Users\MasterX\Downloads\Addition.txt
2014-12-07 02:35 - 2014-12-08 15:08 - 02119680 _____ (Farbar) C:\Users\MasterX\Downloads\FRST64.exe
2014-12-07 02:35 - 2014-12-08 15:08 - 00032172 _____ () C:\Users\MasterX\Downloads\FRST.txt
2014-12-07 02:35 - 2014-12-08 15:08 - 00000000 ____D () C:\FRST
2014-12-07 02:27 - 2014-12-07 02:27 - 00012447 _____ () C:\Users\MasterX\Downloads\Download.htm
2014-12-07 01:39 - 2014-12-07 01:39 - 01125762 _____ () C:\Users\MasterX\Downloads\Maleficent.German.AC3D.DL.NTSC.DVDR-VICE.nzb
2014-12-06 00:36 - 2013-07-02 15:29 - 00024824 _____ (ASUSTeK Computer Inc.) C:\Windows\system32\Drivers\IOMap64.sys
2014-12-04 21:48 - 2014-12-06 22:17 - 00001938 _____ () C:\Windows\patsearch.bin
2014-12-04 21:48 - 2014-12-04 21:48 - 00106456 _____ (Corsica) C:\Windows\system32\Drivers\webinstrNewH.sys
2014-12-04 21:48 - 2014-12-04 21:48 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstrNewH_01009.Wdf
2014-12-04 20:49 - 2014-12-07 02:24 - 00000000 ____D () C:\Users\MasterX\Desktop\Projekte_konvertiert AS3.09_3090
2014-12-04 08:34 - 2014-12-04 08:34 - 00000000 ____D () C:\Users\Hendl\AppData\Local\CyberLink
2014-11-30 14:17 - 2014-11-30 14:17 - 00000328 _____ () C:\Users\MasterX\Desktop\HP Printer Diagnostic Tools.url
2014-11-28 23:51 - 2014-11-28 23:56 - 80208933 _____ () C:\Users\MasterX\Downloads\neuexchser13sp1.rar
2014-11-28 23:38 - 2014-11-28 23:39 - 344822384 _____ () C:\Users\MasterX\Downloads\UL480.rar
2014-11-28 23:20 - 2014-11-28 23:26 - 83262043 _____ () C:\Users\MasterX\Downloads\v2bexser13sp1uebw.part2.rar
2014-11-28 22:39 - 2014-11-28 22:49 - 104857600 _____ () C:\Users\MasterX\Downloads\v2bexser13sp1uebw.part1.rar
2014-11-26 22:27 - 2014-11-26 22:29 - 568232036 _____ () C:\Users\MasterX\Documents\mydiscimage.ashdisc
2014-11-26 22:22 - 2014-11-26 22:27 - 00000000 ____D () C:\Users\MasterX\AppData\Roaming\AccurateRip
2014-11-26 22:22 - 2014-11-26 22:22 - 00000000 ____D () C:\Users\MasterX\AppData\Roaming\EAC
2014-11-26 22:21 - 2014-11-26 22:21 - 01169232 _____ () C:\Users\MasterX\Downloads\Exact Audio Copy - CHIP-Installer.exe
2014-11-26 21:58 - 2014-11-26 21:58 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 14
2014-11-26 21:58 - 2014-11-26 21:58 - 00000000 ____D () C:\Users\MasterX\AppData\Local\CyberLink
2014-11-26 21:58 - 2014-11-26 21:58 - 00000000 ____D () C:\ProgramData\PDVD
2014-11-26 21:58 - 2014-11-26 21:58 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-11-26 21:57 - 2014-11-26 21:57 - 00000000 ____D () C:\ProgramData\SUPPORTDIR
2014-11-26 21:56 - 2014-11-26 21:56 - 78364839 _____ () C:\Users\MasterX\Downloads\PowerDVDUltra14.0.4412.58.part2.rar
2014-11-26 21:53 - 2014-11-26 21:53 - 00000000 ____D () C:\Users\MasterX\Documents\DVDVideoSoft
2014-11-26 21:52 - 2014-11-26 21:55 - 00000000 ____D () C:\Users\MasterX\AppData\Roaming\DVDVideoSoft
2014-11-26 21:51 - 2014-11-26 21:52 - 31524272 _____ (DVDVideoSoft Ltd. ) C:\Users\MasterX\Downloads\FreeAudioCDToMP3Converter_1.3.12.1228.exe
2014-11-26 21:47 - 2014-11-26 21:47 - 106954752 _____ () C:\Users\MasterX\Downloads\PowerDVDUltra14.0.4412.58.part1.rar
2014-11-25 19:04 - 2014-11-25 19:04 - 06626832 _____ (TeamViewer GmbH) C:\Users\MasterX\Downloads\TeamViewer_Setup_de (1).exe
2014-11-24 21:42 - 2014-11-24 21:42 - 06626832 _____ (TeamViewer GmbH) C:\Users\MasterX\Downloads\TeamViewer_Setup_de.exe
2014-11-24 20:58 - 2014-11-24 20:58 - 00003978 _____ () C:\Windows\System32\Tasks\4Team updater
2014-11-24 20:57 - 2014-11-24 20:58 - 00000000 ____D () C:\Users\MasterX\AppData\Roaming\4Team
2014-11-24 20:57 - 2014-11-24 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4Team Corporation
2014-11-24 20:57 - 2014-11-24 20:57 - 00000000 ____D () C:\Program Files\Common Files\4Team
2014-11-24 20:57 - 2014-11-24 20:57 - 00000000 ____D () C:\Program Files\4Team Corporation
2014-11-24 20:56 - 2014-11-24 20:56 - 00000000 ____D () C:\Users\MasterX\AppData\Local\Downloaded Installations
2014-11-24 20:55 - 2014-11-24 20:55 - 05780096 _____ (4Team Corporation) C:\Users\MasterX\Downloads\vcard_setup.exe
2014-11-24 18:47 - 2014-11-24 20:47 - 00197148 _____ () C:\Users\MasterX\Documents\Kontakte.vcf
2014-11-24 17:18 - 2014-12-08 14:24 - 00001133 _____ () C:\sh4_service.log
2014-11-24 17:17 - 2014-11-24 16:11 - 00014680 _____ () C:\Windows\system32\sh4native.exe
2014-11-24 16:12 - 2014-11-24 16:12 - 00000000 _____ () C:\autoexec.bat
2014-11-24 16:11 - 2014-12-07 20:43 - 00003268 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2014-11-24 16:11 - 2014-11-26 19:30 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-11-24 16:11 - 2014-11-24 16:11 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2014-11-24 16:11 - 2014-11-24 16:11 - 00000000 ____D () C:\Users\MasterX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2014-11-24 16:11 - 2014-11-24 16:11 - 00000000 ____D () C:\Users\MasterX\AppData\Roaming\Enigma Software Group
2014-11-24 16:11 - 2014-11-24 16:11 - 00000000 ____D () C:\sh4ldr
2014-11-23 22:40 - 2014-11-23 22:40 - 00030501 _____ () C:\Users\MasterX\Documents\Malware + Trojaner 23-11-2014.txt
2014-11-23 22:15 - 2014-12-08 12:39 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-23 22:14 - 2014-12-08 00:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-23 22:14 - 2014-12-08 00:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-11-23 22:14 - 2014-11-23 22:14 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-23 22:14 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-23 22:14 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-23 22:14 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-23 22:03 - 2014-11-23 22:42 - 00000000 ____D () C:\Users\MasterX\AppData\Roaming\{37E99E86-D615-4B08-937F-F8F935C455F3}_ANZHUANG
2014-11-22 22:44 - 2014-11-22 22:45 - 00000090 _____ () C:\ProgramData\Temp.log
2014-11-22 04:46 - 2014-11-25 00:30 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-11-22 04:43 - 2014-11-25 00:30 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-22 04:43 - 2014-11-22 04:59 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-11-22 04:43 - 2014-11-22 04:43 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-11-20 18:24 - 2014-11-24 17:18 - 00000000 ____D () C:\ProgramData\firebird
2014-11-19 22:31 - 2014-11-19 22:31 - 00000000 ____D () C:\Users\Hendl\AppData\Local\HP
2014-11-19 20:24 - 2014-11-19 20:24 - 00000000 __SHD () C:\Users\Hendl\AppData\Local\EmieBrowserModeList
2014-11-17 23:30 - 2014-11-17 23:30 - 00000000 ____D () C:\Users\MasterX\AppData\Local\Macroplant_LLC
2014-11-17 23:14 - 2014-11-17 23:14 - 00000000 ____D () C:\Users\MasterX\AppData\Roaming\iFunbox_UserCache
2014-11-17 18:24 - 2014-11-17 18:24 - 00002292 _____ () C:\Users\MasterX\Documents\Corsair_alt.RDP
2014-11-17 18:20 - 2014-11-23 22:01 - 00073728 _____ () C:\Windows\SysWOW64\tasks.dll
2014-11-16 00:38 - 2014-11-16 00:38 - 00000000 __SHD () C:\Users\MasterX\AppData\Local\EmieBrowserModeList
2014-11-15 22:05 - 2014-11-15 22:05 - 00004608 _____ () C:\Windows\SECOH-QAD.exe
2014-11-15 22:05 - 2014-11-15 22:05 - 00003584 _____ () C:\Windows\SECOH-QAD.dll
2014-11-13 12:39 - 2014-10-17 08:01 - 00789184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-13 12:39 - 2014-10-10 02:58 - 00177472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-13 12:39 - 2014-10-10 02:58 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-11-13 12:39 - 2014-10-10 02:44 - 00563976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-11-13 12:39 - 2014-10-08 08:37 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-13 12:39 - 2014-10-08 08:37 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-13 12:39 - 2014-10-08 08:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-11-13 12:39 - 2014-10-08 08:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2014-11-13 12:39 - 2014-10-08 07:56 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-11-13 12:39 - 2014-10-08 07:51 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-13 12:39 - 2014-10-08 07:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-13 12:39 - 2014-10-08 07:18 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-11-13 12:39 - 2014-10-08 07:17 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-13 12:39 - 2014-10-08 06:23 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-11-13 12:39 - 2014-09-27 08:13 - 00104336 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2014-11-13 12:39 - 2014-09-27 06:24 - 00088800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-11-13 12:39 - 2014-09-27 04:38 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-13 12:39 - 2014-09-27 04:30 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-11-13 12:39 - 2014-09-27 04:17 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-13 12:38 - 2014-10-18 10:55 - 00055776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-11-13 12:38 - 2014-10-18 09:09 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-11-13 12:38 - 2014-10-18 09:09 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-11-13 12:38 - 2014-10-18 08:25 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-11-13 12:38 - 2014-10-18 07:50 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2014-11-13 12:38 - 2014-10-18 07:38 - 03557376 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-11-13 12:38 - 2014-10-18 07:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-11-13 12:38 - 2014-10-18 07:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-11-13 12:38 - 2014-10-18 07:23 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-11-13 12:38 - 2014-10-18 07:23 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-11-13 12:38 - 2014-10-18 07:21 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-11-13 12:38 - 2014-10-18 07:20 - 01714176 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-11-13 12:38 - 2014-10-18 07:14 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-11-13 12:38 - 2014-10-18 07:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-11-13 12:38 - 2014-10-18 07:12 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-11-13 12:38 - 2014-10-18 07:11 - 00723968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-11-13 12:38 - 2014-10-17 07:58 - 00602768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-13 12:38 - 2014-10-13 03:33 - 00116032 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-11-13 12:38 - 2014-10-11 01:58 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-13 12:38 - 2014-10-11 01:53 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-13 12:38 - 2014-10-08 08:30 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-11-13 12:38 - 2014-10-08 08:09 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-11-13 12:38 - 2014-10-08 07:27 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-11-13 12:38 - 2014-10-08 06:32 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-11-13 12:38 - 2014-10-08 06:19 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-11-13 12:38 - 2014-09-22 05:38 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-11-13 12:38 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-11-13 12:38 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-11-13 12:38 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-11-13 12:38 - 2014-09-19 01:16 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-11-13 12:38 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2014-11-13 12:38 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2014-11-13 12:37 - 2014-10-31 06:28 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-13 12:37 - 2014-10-31 06:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-11-13 12:37 - 2014-10-31 06:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-11-13 12:37 - 2014-10-31 06:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-11-13 12:37 - 2014-10-31 06:09 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-11-13 12:37 - 2014-10-31 06:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-11-13 12:37 - 2014-10-31 06:06 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-13 12:37 - 2014-10-31 06:06 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-11-13 12:37 - 2014-10-31 06:06 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-13 12:37 - 2014-10-31 06:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-13 12:37 - 2014-10-31 06:05 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-13 12:37 - 2014-10-31 06:05 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-11-13 12:37 - 2014-10-31 06:04 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-13 12:37 - 2014-10-31 05:57 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-13 12:37 - 2014-10-31 05:56 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-13 12:37 - 2014-10-31 05:54 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-11-13 12:37 - 2014-10-31 05:53 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-13 12:37 - 2014-10-31 05:52 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2014-11-13 12:37 - 2014-10-31 05:51 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-11-13 12:37 - 2014-10-31 05:51 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-13 12:37 - 2014-10-31 05:51 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-13 12:37 - 2014-10-31 05:50 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-13 12:37 - 2014-10-31 05:50 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-13 12:37 - 2014-10-31 05:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-11-13 12:37 - 2014-10-31 05:38 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-13 12:37 - 2014-10-31 05:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-13 12:37 - 2014-10-31 05:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-11-13 12:37 - 2014-10-31 05:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-11-13 12:37 - 2014-10-31 05:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-11-13 12:37 - 2014-10-31 05:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-13 12:37 - 2014-10-31 05:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-13 12:37 - 2014-10-31 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-11-13 12:37 - 2014-10-31 05:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-11-13 12:37 - 2014-10-31 05:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-13 12:37 - 2014-10-31 05:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-11-13 12:37 - 2014-10-31 05:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-11-13 12:37 - 2014-10-31 05:08 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-11-13 12:37 - 2014-10-31 05:06 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-13 12:37 - 2014-10-31 05:05 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-13 12:37 - 2014-10-31 05:05 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-13 12:37 - 2014-10-31 05:03 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-13 12:37 - 2014-10-31 04:59 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-13 12:37 - 2014-10-31 04:45 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-13 12:37 - 2014-10-31 04:44 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-11-13 12:37 - 2014-10-31 04:42 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-13 12:37 - 2014-10-31 04:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-11-13 12:37 - 2014-10-31 04:32 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-13 12:37 - 2014-10-31 04:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-11-13 12:37 - 2014-10-31 04:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-11-13 12:37 - 2014-10-31 04:27 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-11-13 12:37 - 2014-10-31 04:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-11-13 12:37 - 2014-10-31 04:25 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-11-13 12:37 - 2014-10-31 04:24 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-13 12:37 - 2014-10-31 04:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-11-13 12:37 - 2014-10-31 04:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-13 12:37 - 2014-10-31 04:23 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-11-13 12:37 - 2014-10-31 04:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-13 12:37 - 2014-10-31 04:22 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-13 12:37 - 2014-10-31 04:20 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-13 12:37 - 2014-10-31 04:18 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-13 12:37 - 2014-10-31 04:16 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-13 12:37 - 2014-10-31 04:15 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-13 12:37 - 2014-10-31 04:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-11-13 12:37 - 2014-10-31 04:13 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-13 12:37 - 2014-10-31 04:13 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2014-11-13 12:37 - 2014-10-31 04:12 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-11-13 12:37 - 2014-10-31 04:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-13 12:37 - 2014-10-31 04:11 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-13 12:37 - 2014-10-31 04:03 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-11-13 12:37 - 2014-10-31 04:02 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-13 12:37 - 2014-10-31 03:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-13 12:37 - 2014-10-31 03:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-11-13 12:37 - 2014-10-31 03:56 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-11-13 12:37 - 2014-10-31 03:56 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-11-13 12:37 - 2014-10-31 03:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-13 12:37 - 2014-10-31 03:53 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-11-13 12:37 - 2014-10-31 03:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-13 12:37 - 2014-10-31 03:51 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-11-13 12:37 - 2014-10-31 03:50 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-13 12:37 - 2014-10-31 03:48 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-11-13 12:37 - 2014-10-31 03:46 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-13 12:37 - 2014-10-31 03:46 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-11-13 12:37 - 2014-10-31 03:42 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-11-13 12:37 - 2014-10-31 03:40 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-13 12:37 - 2014-10-31 03:40 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-13 12:37 - 2014-10-31 03:39 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-13 12:37 - 2014-10-31 03:30 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-13 12:37 - 2014-10-31 03:26 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-11-13 12:37 - 2014-10-31 03:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-11-13 12:37 - 2014-10-31 03:17 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-13 12:37 - 2014-10-31 03:13 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-13 12:37 - 2014-10-31 03:11 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-13 12:37 - 2014-10-23 06:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-13 12:37 - 2014-10-23 06:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-13 12:37 - 2014-10-07 07:28 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-13 12:37 - 2014-10-07 07:27 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-13 12:37 - 2014-10-07 07:27 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-13 12:37 - 2014-10-07 07:27 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-11-13 12:37 - 2014-10-07 07:27 - 00108432 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-13 12:37 - 2014-10-07 04:34 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-13 12:37 - 2014-10-07 04:34 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-13 12:37 - 2014-10-07 04:33 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-13 12:37 - 2014-10-07 04:30 - 04182016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-13 12:37 - 2014-10-07 02:54 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-11-13 12:37 - 2014-10-07 02:46 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-13 12:37 - 2014-08-23 06:18 - 02149376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-13 12:37 - 2014-08-23 06:03 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-13 12:36 - 2014-09-10 07:25 - 00474432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-11-13 12:36 - 2014-09-08 04:07 - 02497344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-11-13 12:36 - 2014-09-08 04:07 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-11-13 12:36 - 2014-09-07 23:08 - 00389176 _____ () C:\Windows\system32\ApnDatabase.xml
2014-11-13 12:36 - 2014-09-04 23:30 - 00822272 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-11-13 12:36 - 2014-09-04 23:21 - 01053184 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-11-13 12:36 - 2014-09-04 04:05 - 00836176 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-11-13 12:36 - 2014-09-04 03:22 - 00670384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-11-13 12:36 - 2014-09-04 02:01 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2014-11-13 12:36 - 2014-09-04 01:32 - 00334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2014-11-13 12:36 - 2014-08-31 01:17 - 00148800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-11-13 12:36 - 2014-08-31 01:15 - 21197152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-11-13 12:36 - 2014-08-30 23:59 - 18723112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-11-13 12:36 - 2014-08-30 23:05 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2014-11-13 12:36 - 2014-08-30 22:58 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2014-11-13 12:36 - 2014-08-30 22:04 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-11-13 12:36 - 2014-08-30 21:53 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2014-11-13 12:36 - 2014-08-30 21:17 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-11-13 12:36 - 2014-08-28 03:55 - 07484224 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-11-13 12:36 - 2014-08-28 01:21 - 02480128 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-11-13 12:36 - 2014-08-28 01:06 - 02030592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-11-13 12:36 - 2014-08-23 06:14 - 13424128 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-11-13 12:36 - 2014-08-23 06:04 - 11820544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-11-13 12:36 - 2014-08-23 05:50 - 02714112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-11-13 12:36 - 2014-08-02 01:51 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2014-11-13 12:36 - 2014-08-02 01:35 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2014-11-11 20:41 - 2014-11-11 20:41 - 00001305 _____ () C:\Users\MasterX\Documents\Schoko_moko.txt
2014-11-11 20:31 - 2014-11-11 20:31 - 06126536 _____ (Tim Kosse) C:\Users\MasterX\Downloads\FileZilla_3.9.0.6_win32-setup.exe
2014-11-09 22:01 - 2014-11-09 22:01 - 00003923 _____ () C:\Users\Hendl\Downloads\f (1).txt
2014-11-09 21:52 - 2014-11-09 21:52 - 00003925 _____ () C:\Users\Hendl\Downloads\f.txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-08 15:08 - 2014-09-28 22:08 - 00000000 ____D () C:\Users\MasterX\AppData\Roaming\ClassicShell
2014-12-08 15:05 - 2014-10-04 23:03 - 00000000 ___RD () C:\Users\MasterX\My_Cloud
2014-12-08 15:05 - 2014-10-04 23:03 - 00000000 ____D () C:\Users\MasterX\AppData\Local\CloudStation
2014-12-08 15:05 - 2014-10-03 20:57 - 00003756 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-12-08 15:05 - 2014-09-29 10:01 - 00123760 _____ () C:\Windows\PFRO.log
2014-12-08 15:05 - 2014-09-28 21:40 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-12-08 15:05 - 2014-09-28 21:28 - 01048576 _____ () C:\Windows\PE_Rom.dll
2014-12-08 15:05 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-08 15:04 - 2014-09-28 21:40 - 00000000 _____ () C:\Windows\Path.idx
2014-12-08 15:03 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-12-08 15:02 - 2014-10-05 21:50 - 00005142 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for RampageX-MasterX RampageX
2014-12-08 15:02 - 2014-10-03 21:39 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-12-08 15:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2014-12-08 14:28 - 2014-09-28 19:16 - 00765338 _____ () C:\Windows\system32\perfh007.dat
2014-12-08 14:28 - 2014-09-28 19:16 - 00159692 _____ () C:\Windows\system32\perfc007.dat
2014-12-08 14:28 - 2014-09-28 19:09 - 01780340 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-08 14:12 - 2014-09-29 11:03 - 00000000 ____D () C:\Users\MasterX\Documents\Outlook-Dateien
2014-12-08 13:55 - 2014-09-28 19:16 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2122217481-3044512288-1942015121-1001
2014-12-08 12:45 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Web
2014-12-08 12:36 - 2014-09-28 19:06 - 01386606 _____ () C:\Windows\WindowsUpdate.log
2014-12-08 12:19 - 2014-09-29 11:07 - 00000000 ____D () C:\Users\MasterX\AppData\Local\Adobe
2014-12-07 22:20 - 2014-09-01 09:18 - 00000935 _____ () C:\Users\MasterX\AppData\Roaming\UOXQYS
2014-12-07 21:24 - 2014-08-13 19:34 - 00077512 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klwtp.sys
2014-12-07 21:24 - 2014-07-25 13:13 - 00068616 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klwfp.sys
2014-12-07 21:22 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-12-07 21:22 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-12-07 21:20 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-12-07 21:11 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-12-07 20:49 - 2014-09-28 19:23 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-07 19:26 - 2014-10-01 22:25 - 00000000 ____D () C:\Users\MasterX\AppData\Roaming\HpUpdate
2014-12-07 01:44 - 2014-11-01 01:37 - 00000000 ____D () C:\Users\MasterX\AppData\Local\Deployment
2014-12-07 01:41 - 2014-10-03 18:28 - 00000000 ____D () C:\Users\MasterX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-12-07 01:35 - 2014-10-21 22:32 - 00002290 ____H () C:\Users\MasterX\Documents\Default.rdp
2014-12-07 01:14 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppCompat
2014-12-07 01:14 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-12-06 22:39 - 2014-09-28 19:10 - 00000000 ____D () C:\Users\MasterX\AppData\Local\Packages
2014-12-06 01:11 - 2014-10-07 20:33 - 00000000 ____D () C:\Users\Hendl\AppData\Roaming\ClassicShell
2014-12-06 01:06 - 2014-10-06 20:12 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2122217481-3044512288-1942015121-1003
2014-12-05 00:11 - 2014-09-28 21:37 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-12-04 21:48 - 2013-08-22 15:46 - 00027952 _____ () C:\Windows\setupact.log
2014-12-03 20:30 - 2014-10-03 19:23 - 00000000 ____D () C:\Users\MasterX\AppData\Local\JDownloader v2.0
2014-11-26 22:43 - 2014-11-01 23:40 - 00000000 ____D () C:\Program Files (x86)\Hilscher GmbH
2014-11-26 22:43 - 2014-10-16 19:20 - 00000000 ____D () C:\Users\MasterX\Documents\CyberLink
2014-11-26 22:43 - 2014-09-29 10:15 - 00000000 ____D () C:\ProgramData\CyberLink
2014-11-26 21:58 - 2014-09-28 19:28 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-26 21:57 - 2014-09-29 10:17 - 00000000 ____D () C:\ProgramData\install_clap
2014-11-24 17:21 - 2014-09-28 19:11 - 00001454 _____ () C:\Users\MasterX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-24 17:18 - 2014-10-19 01:06 - 00000000 ____D () C:\Temp
2014-11-24 17:18 - 2014-09-29 21:23 - 00000000 ____D () C:\Program Files (x86)\ownCloud
2014-11-24 17:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\System
2014-11-24 17:14 - 2014-09-29 21:26 - 00000000 ____D () C:\Users\MasterX\ownCloud
2014-11-24 16:41 - 2014-09-28 21:15 - 00003096 _____ () C:\Windows\System32\Tasks\Start Corsair Link
2014-11-23 21:19 - 2013-08-22 15:44 - 05110400 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-23 21:12 - 2014-10-20 23:50 - 00000000 ____D () C:\Program Files (x86)\Nmap
2014-11-23 14:29 - 2014-10-06 20:07 - 00000000 ____D () C:\Users\Hendl\AppData\Local\Adobe
2014-11-23 14:15 - 2014-10-06 20:06 - 00000000 ____D () C:\Users\Hendl\AppData\Local\Packages
2014-11-22 23:21 - 2014-10-20 23:50 - 00000000 ____D () C:\Users\MasterX\.zenmap
2014-11-22 22:49 - 2014-09-29 10:15 - 00000000 ____D () C:\ProgramData\CLSK
2014-11-22 22:45 - 2014-09-29 10:19 - 00000000 ____D () C:\Users\MasterX\AppData\Roaming\CyberLink
2014-11-22 04:58 - 2014-09-28 21:36 - 00000197 _____ () C:\Windows\wininit.ini
2014-11-22 03:19 - 2014-10-10 20:52 - 00002469 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2014-11-17 18:51 - 2014-10-02 19:43 - 00000000 ____D () C:\Users\MasterX\AppData\Roaming\FileZilla
2014-11-17 18:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-11-17 18:20 - 2014-10-02 19:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-11-17 18:20 - 2014-10-02 19:43 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-11-15 23:32 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2014-11-15 22:39 - 2014-10-02 17:39 - 00000000 ____D () C:\Users\MasterX\AppData\Roaming\TeamViewer
2014-11-13 16:20 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ToastData
2014-11-13 16:20 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-11-13 16:20 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-13 16:20 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-13 16:20 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-13 16:20 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-13 16:20 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-11-13 16:17 - 2014-09-28 19:57 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 16:15 - 2014-09-28 19:57 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-11 22:12 - 2014-09-29 01:55 - 00001158 _____ () C:\Windows\MB.idx
2014-11-09 14:28 - 2014-10-11 20:41 - 00000000 ____D () C:\ProgramData\Acronis

Some content of TEMP:
====================
C:\Users\Hendl\AppData\Local\Temp\COMAP.EXE
C:\Users\MasterX\AppData\Local\Temp\RHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-06 01:06

==================== End Of Log ============================

--- --- ---

--- --- ---

Wie kann man ein Bild in diesem Forum hinzufügen
Ich würde dir gerne zeigen was für komische Werbeeinblendungen sogar auf dieser Seite wo ich gerade schreibe kommen

cosinus · 08.12.2014, 15:38

Dann bitte jetzt Combofix ausführen:

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

mark30 · 08.12.2014, 15:42

Ich bekomme bei Start eine Fehlermeldung,
this operating system is not supported!
Das geht nur bis Windows 8 ich habe aber Windows 8.1

08.12.2014, 13:36	#7
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Alle Browser voll mit Werbung Hast du auch das gecrackte Office deinstalliert? Sonst alles an illegalen Programmen gelöscht und deinstalliert? __________________ Logfiles bitte immer in CODE-Tags posten

08.12.2014, 14:26	#9
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Alle Browser voll mit Werbung Du hast ein gekauftes Office dann aber den berüchtigten KMS-Pico Crack drin? Das glaub ich so nicht. Es geht weiter wenn du alles gecrackte runter hast. Also auch MS-Office deinstallieren. __________________ Logfiles bitte immer in CODE-Tags posten

08.12.2014, 15:06	#11
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Alle Browser voll mit Werbung Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Scan klicken __________________ Logfiles bitte immer in CODE-Tags posten

Alle Browser voll mit Werbung

Log-Analyse und Auswertung: Alle Browser voll mit Werbung