Hi,
vor einigen Wochen hatte ich von Kaspersky öfters die Information, dass das Programm PriceFountain eine Verbindung zu einem externen Computer herstellen wollte (bin mir nicht mehr sicher wie der genaue Wortlaut war). Diese hab ich alle verboten. Irgendwann wurde es allerdings nervig und ich habe nach dem Programm gegoogelt. Dadurch bin ich auf die Seite shouldiremoveit.com/ gekommen. Dort wurde empfohlen die Software zu deinstallieren (habe ich dann auch).

Heute hab ich eine ähnliche Meldung bekommen nur mit einem Programm namens "WindowsProtectManger" oder so. die hab ich auch immer verboten und anschließen auch auf der oben genannten Seite nachgeguckt. Deinstallieren konnte ich das Programm bis jetzt nicht. Auf der Seite wurde allerdings auch gesagt, dass die Trojaner gefahr groß ist bei diesem Programm. Deshalb bin ich jetzt hier.

Ich hab mir inzwischen mbam runtergeladen und Installiert und hab auch die meisten Logs. Gmer stürzt bei mir nach dem Starten allerdings immer ab, dementsprechend fehlt der. Hatte gehofft das jemand einmal über die Logs guckt und mir möglicherweise hilft beim entfernen von übriggeblibenden resten.

PS: Der Kaspersky Log ist relativ lang da er bis Ende Dezember 2014 reicht. Sollte der also gebraucht werden würde ich den als Anhang hochladen


Addition Log:

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2015
Ran by Tilman at 2015-01-15 14:12:13
Running from C:\Users\Tilman\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Configurator 4 (HKLM-x32\...\{EA5C48A6-772B-49F8-84A5-A4EFAD2933DB}) (Version: 3 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version:  - Ubisoft)
Autodesk 3ds Max 2013 SDK (HKLM-x32\...\{5EFDD281-7B3A-46D7-8EF5-70E73BD29E7E}) (Version: 15.0.0.347 - Autodesk)
Autodesk 3ds Max 2014 64-bit Populate Data (HKLM\...\{7491836B-659E-47DD-ABBF-F875AD48FD10}) (Version: 1.0.0.1 - Autodesk)
Autodesk 3ds Max 2015 (HKLM\...\Autodesk 3ds Max 2015) (Version: 17.2.259.0 - Autodesk)
Autodesk 3ds Max 2015 (Version: 17.2.259.0 - Autodesk) Hidden
Autodesk 3ds Max 2015 Populate Data (HKLM\...\{57E92DED-DC6C-41E5-B9E1-76D83BD2EABE}) (Version: 17.0.0.0 - Autodesk)
Autodesk 3ds Max 2015 SP1 (Version: 17.1.149.0 - Autodesk) Hidden
Autodesk 3ds Max 2015 SP2 (HKLM\...\Autodesk 3ds Max 2015 SP2) (Version: 17.2.259.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 3.0.159.0 - Autodesk)
Autodesk Backburner 2015 (HKLM-x32\...\{8C5F38D2-8EFE-49A4-B3F5-BF3210FED168}) (Version: 15.0.0.0 - Autodesk)
Autodesk Composite 2014 (HKLM\...\Autodesk Composite 2014) (Version: 9.0.0.0 - Autodesk)
Autodesk Composite 2014 (Version: 9.0.0.0 - Autodesk) Hidden
Autodesk DirectConnect 2013 64-bit (HKLM\...\Autodesk DirectConnect 2013 64-bit) (Version: 7.0.28.0 - Autodesk)
Autodesk DirectConnect 2013 64-bit (Version: 7.0.28.0 - Autodesk) Hidden
Autodesk DirectConnect 2014 64-bit (HKLM\...\Autodesk DirectConnect 2014 64-bit) (Version: 8.0.56.1 - Autodesk)
Autodesk DirectConnect 2014 64-bit (Version: 8.0.56.1 - Autodesk) Hidden
Autodesk DirectConnect 2015 64-bit (HKLM\...\Autodesk DirectConnect 2015 64-bit) (Version: 9.0.56.4 - Autodesk)
Autodesk DirectConnect 2015 64-bit (Version: 9.0.56.4 - Autodesk) Hidden
Autodesk Essential Skills Movies for 3ds Max 2013 64-bit (HKLM\...\{7EDE5B68-1FB0-405D-88F0-A34236002DA8}) (Version: 1.0.0.1 - Autodesk)
Autodesk Essential Skills Movies for 3ds Max 2014 64-bit (HKLM\...\{E8814D63-BB76-4C89-A25E-264ECF11D00D}) (Version: 1.2.0.0 - Autodesk)
Autodesk FBX Plug-in 2013.1 - 3ds Max 2013 64-bit (HKLM\...\Autodesk FBX Plug-in 2013.1 - 3ds Max 2013 64-bit) (Version:  - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2013 64-bit (HKLM\...\{696BB53C-28E6-1664-974E-D42FFF5B8E04}) (Version: 15.0 - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2014 64-bit (HKLM\...\{009751C6-22D7-4548-A313-AD48FA57076F}) (Version: 16.0 - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2015 (HKLM\...\{9167CA34-4E48-49E3-8892-3C439739D2D3}) (Version: 17.0 - Autodesk)
Autodesk MatchMover 2014 (HKLM\...\{B151ECD3-2DBE-45E9-816E-F8AA6238F6A8}) (Version: 14.00.0000 - Autodesk)
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.32.600 - Autodesk)
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.32.600 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2013 (HKLM-x32\...\{58760EEC-8B6A-43F4-81AA-696E381DFADD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2014 (HKLM-x32\...\{A0633D4E-5AF2-4E3E-A70A-FE9C2BD8A958}) (Version: 4.0.32.600 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2015 (HKLM-x32\...\{9F6466D9-6EFC-4A10-B931-C72D1A3F1763}) (Version: 5.2.9.100 - Autodesk)
Autodesk Maya 2014 (HKLM\...\Autodesk Maya 2014) (Version: 16.0.0.0 - Autodesk)
Autodesk Maya 2014 (Version: 16.0.0.0 - Autodesk) Hidden
Autodesk Maya 2015 (HKLM\...\Autodesk Maya 2015) (Version: 15.1.1541.0 - Autodesk)
Autodesk Maya 2015 (Version: 15.1.1541.0 - Autodesk) Hidden
Autodesk Maya 2015 SP1 (HKLM\...\Autodesk Maya 2015 SP1) (Version: 15.1.1541.0 - Autodesk)
Autodesk Network License Manager (HKLM\...\{4BE91685-1632-47FC-B563-A8A542C6664C}) (Version: 1.0.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2014 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2014) (Version: 13.02.15161 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2014 (Version: 13.02.15161 - Autodesk) Hidden
Autodesk Revit Interoperability for 3ds Max 2015 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2015) (Version: 15.0.107.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2015 (Version: 15.0.107.0 - Autodesk) Hidden
Autodesk Revit Interoperability for 3ds Max and 3ds Max Design 2013 64-bit (HKLM\...\{06E18300-BB64-1664-8E6A-2593FC67BB74}) (Version: 1.0.0.1 - Autodesk)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23831 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Bitmap2Material 3 (HKLM-x32\...\Steam App 325910) (Version:  - Allegorithmic)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version:  - 2K Australia)
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Composite 2013 64-bit (HKLM\...\{2F808931-D235-4FC7-90CD-F8A890C97B2F}) (Version: 8.0.0 - Autodesk)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)
Defraggler (HKLM\...\Defraggler) (Version: 2.17 - Piriform)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version:  - Blizzard Entertainment)
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
Far Cry® 3 Blood Dragon (HKLM-x32\...\Steam App 233270) (Version:  - Ubisoft Montreal)
Free YouTube Download version 3.2.51.1215 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.51.1215 - DVDVideoSoft Ltd.)
God Mode (HKLM-x32\...\Steam App 227480) (Version:  - Old School Games)
Google Talk Plugin (HKLM-x32\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440-1) (Version: 0.9 - AppWork GmbH)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
KeyShot 5 64 bit (HKLM-x32\...\KeyShot 5_64) (Version: 5.0 64 bit - Luxion ApS)
Marmoset Toolbag 2 (HKLM-x32\...\MSET_Toolbag) (Version:  - Marmoset LLC)
mental ray renderer for Autodesk Maya 2014 (HKLM\...\{8057481C-0CFC-43BB-8EEC-C6A0E1C82E19}) (Version: 13.0.1.0 - mental ray)
mental ray renderer for Autodesk Maya 2015 (HKLM\...\{BDF821F0-D64C-421D-0052-A9B995B20873}) (Version: 15.3.1808.0 - mental ray)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU (HKLM-x32\...\{bec3d87e-1d6d-4b15-8383-29068c86b888}) (Version: 12.0.21005.13 - Microsoft Corporation)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 34.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0 (x86 de)) (Version: 34.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
My Game Long Name (HKLM\...\UDK-05b54d63-bb1c-4ab7-aed1-211999801207) (Version:  - Epic Games, Inc.)
My Game Long Name (HKLM\...\UDK-bb6041cf-1783-4945-8308-37bce5d9cd19) (Version:  - Epic Games, Inc.)
My Game Long Name (HKLM\...\UDK-d85f2358-c525-4be8-bee3-8c366962e39a) (Version:  - Epic Games, Inc.)
NovaBench 3.0.4 (HKLM-x32\...\{88603FC0-6B3C-442D-981E-E3D49F083548}_is1) (Version:  - Novawave Inc.)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenRL Runtime 1.3.1000.14 x64 (HKLM\...\{250C8D22-1757-11E3-818E-1803734DBB4F}) (Version: 1.3.1000.14 - Caustic Graphics, Inc.)
Origin (HKLM-x32\...\Origin) (Version: 9.4.1.116 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\{A7234617-513C-4292-A013-7DD915493BDA}) (Version: 0.49.305 - Overwolf)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Paragon Backup & Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Polygon Cruncher 10.51 (HKLM\...\Polygon Cruncher (x64 bits)) (Version: 10.51 - Mootools)
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
PureRef (HKLM-x32\...\PureRef) (Version: 1.4.1 - Idyllic Pixel)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
refBoard (HKLM-x32\...\refBoard) (Version: 1.0.1 - UNKNOWN)
refBoard (x32 Version: 1.0.1 - UNKNOWN) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version:  - )
Savu Mouse (HKLM-x32\...\{6F4B8EA6-4546-4160-A05F-0706F7DC1EFF}) (Version: 1.1.9 - ROCCAT GmbH)
Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Styx: Master of Shadows (HKLM-x32\...\Steam App 242640) (Version:  - Cyanide Studio)
Substance Designer 4 (HKLM-x32\...\Steam App 238710) (Version:  - Allegorithmic)
Substance Painter (HKLM-x32\...\Steam App 273390) (Version:  - Allegorithmic)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - Team Meat)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
TortoiseSVN 1.8.7.25475 (64 bit) (HKLM\...\{A8573F59-C080-4495-A9A8-EC32D8A4ECFF}) (Version: 1.8.25475 - TortoiseSVN)
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version:  - The Creative Assembly)
Unity (HKLM-x32\...\Unity) (Version:  - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unreal Development Kit: 2013-07 (HKLM\...\UDK-94c569a0-2570-46f4-bf6f-8b24cd546722) (Version:  - Epic Games, Inc.)
Unreal Engine (HKLM\...\{5484E0B8-7450-47B3-849F-C95FB6D38303}) (Version: 1.1.7.0 - Epic Games, Inc.)
Unreal Tournament 2004 (HKLM-x32\...\{394DC0BC-5476-4260-B52C-BDE1BDEFA958}) (Version: 1.00.0000 - Epic Games)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.5 - Ubisoft)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.7-6 - Wacom Technology Corp.)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
World Machine 2.3 Basic Edition (HKLM-x32\...\World Machine2Basic) (Version:  - )
x264vfw - H.264/MPEG-4 AVC codec for x64 (remove only) (HKLM-x32\...\x264vfw64) (Version:  - )
xNormal 3.18.6 (HKLM\...\xNormal 3.18.6) (Version:  - Santiago Orgaz)
ZBrush 4R6 (HKLM-x32\...\ZBrush 4R6 4R6) (Version: 4R6 - Pixologic)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3316766629-2442458801-244027669-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll No File
CustomCLSID: HKU\S-1-5-21-3316766629-2442458801-244027669-1001_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-3316766629-2442458801-244027669-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Tilman\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3316766629-2442458801-244027669-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3316766629-2442458801-244027669-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll No File
CustomCLSID: HKU\S-1-5-21-3316766629-2442458801-244027669-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Tilman\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3316766629-2442458801-244027669-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Tilman\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3316766629-2442458801-244027669-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll No File
CustomCLSID: HKU\S-1-5-21-3316766629-2442458801-244027669-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Tilman\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)

==================== Restore Points  =========================

30-12-2014 03:20:05 Geplanter Prüfpunkt
07-01-2015 14:17:48 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
07-01-2015 14:17:54 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
10-01-2015 16:17:53 Revo Uninstaller's restore point - SpeedFan (remove only)
15-01-2015 12:49:32 Removed Java 7 Update 67 (64-bit)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2014-02-12 20:49 - 00000908 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {16981073-6E76-472C-972A-29ADB84025C3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3316766629-2442458801-244027669-1001Core => C:\Users\Tilman\AppData\Local\Google\Update\GoogleUpdate.exe [2014-09-15] (Google Inc.)
Task: {17BCD93F-E8FB-44F1-93F7-1F5D5489FC19} - \Shut down No Task File <==== ATTENTION
Task: {4E2AC6E9-1A8E-447E-B97B-80DAD9990AC3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-18] (Microsoft Corporation)
Task: {64982D52-E638-4240-AE0A-783AE780C426} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3316766629-2442458801-244027669-1001UA => C:\Users\Tilman\AppData\Local\Google\Update\GoogleUpdate.exe [2014-09-15] (Google Inc.)
Task: {710C2983-4420-4CD6-BABF-BCEB9B2C9FE2} - System32\Tasks\Download Runterfahren => C:\windows\system32\shutdown.exe [2014-10-29] (Microsoft Corporation)
Task: {82FB21CD-3C49-4BE7-B3A8-850F2AED772B} - System32\Tasks\Go sleep => C:\windows\system32\shutdown.exe [2014-10-29] (Microsoft Corporation)
Task: {A9B8291E-A8A4-4FC2-B506-901AFEB1D280} - System32\Tasks\{FEE863F6-7CD3-4E8A-A77F-11B6B7D19815} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.13.0.104&amp;LastError=12007
Task: {BE621329-2279-4255-88B1-8284A7BE8E91} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {D3256629-A717-4E7C-9A3B-B8D86299BA79} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {EDC7F8BF-97FE-46B3-825C-6E2FA98B3C2E} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-***** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3316766629-2442458801-244027669-1001Core.job => C:\Users\Tilman\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3316766629-2442458801-244027669-1001UA.job => C:\Users\Tilman\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-06-07 15:11 - 2014-12-30 19:07 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2014-10-24 23:23 - 2014-12-13 09:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-06 19:37 - 2014-05-06 19:37 - 00076032 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll
2014-05-06 19:37 - 2014-05-06 19:37 - 00088832 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2014-02-06 14:16 - 2013-12-04 17:35 - 01185048 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2014-07-28 19:29 - 2014-07-28 19:29 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-07-28 19:32 - 2014-07-28 19:32 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-07-28 19:29 - 2014-07-28 19:29 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-07-28 19:31 - 2014-07-28 19:31 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2014-11-25 22:15 - 2014-11-25 22:15 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\ErrorReporting.dll
2015-01-15 14:06 - 2015-01-15 14:04 - 00050477 _____ () C:\Users\Tilman\Desktop\Defogger.exe
2014-05-07 12:22 - 2014-09-04 04:41 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2014-05-07 12:22 - 2014-09-04 04:41 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2014-05-05 21:21 - 2014-05-05 21:21 - 00065792 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
2014-05-05 21:20 - 2014-05-05 21:20 - 00071936 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll
2014-12-02 13:51 - 2014-12-02 13:51 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Tilman\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "ROCCAT Savu Gaming Mouse"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"

========================= Accounts: ==========================

Administrator (S-1-5-21-3316766629-2442458801-244027669-500 - Administrator - Disabled)
Gast (S-1-5-21-3316766629-2442458801-244027669-501 - Limited - Disabled)
Tilman (S-1-5-21-3316766629-2442458801-244027669-1001 - Administrator - Enabled) => C:\Users\Tilman

==================== Faulty Device Manager Devices =============

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Gerät
Description: PCI-Gerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/15/2015 02:05:29 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (01/15/2015 01:12:04 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (01/15/2015 00:55:55 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (01/15/2015 00:55:55 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (01/15/2015 00:55:50 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (01/15/2015 11:20:14 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/15/2015 11:20:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/15/2015 11:11:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WSCommCntr4.exe, Version: 4.0.3.0, Zeitstempel: 0x50dcb523
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17476, Zeitstempel: 0x54516b13
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000038b36
ID des fehlerhaften Prozesses: 0x1728
Startzeit der fehlerhaften Anwendung: 0xWSCommCntr4.exe0
Pfad der fehlerhaften Anwendung: WSCommCntr4.exe1
Pfad des fehlerhaften Moduls: WSCommCntr4.exe2
Berichtskennung: WSCommCntr4.exe3
Vollständiger Name des fehlerhaften Pakets: WSCommCntr4.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WSCommCntr4.exe5

Error: (01/14/2015 08:39:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WSCommCntr4.exe, Version: 4.0.3.0, Zeitstempel: 0x50dcb523
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17476, Zeitstempel: 0x54516b13
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000038b36
ID des fehlerhaften Prozesses: 0x1084
Startzeit der fehlerhaften Anwendung: 0xWSCommCntr4.exe0
Pfad der fehlerhaften Anwendung: WSCommCntr4.exe1
Pfad des fehlerhaften Moduls: WSCommCntr4.exe2
Berichtskennung: WSCommCntr4.exe3
Vollständiger Name des fehlerhaften Pakets: WSCommCntr4.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WSCommCntr4.exe5

Error: (01/14/2015 01:00:01 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8


System errors:
=============
Error: (01/14/2015 03:21:31 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 10.5.11.41
registriert werden. Der Computer mit IP-Adresse 10.5.10.129 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/14/2015 00:04:30 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 10.5.11.41
registriert werden. Der Computer mit IP-Adresse 10.5.10.129 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/14/2015 11:45:20 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 10.5.11.41
registriert werden. Der Computer mit IP-Adresse 10.5.10.129 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/14/2015 11:40:10 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 10.5.11.41
registriert werden. Der Computer mit IP-Adresse 10.5.10.129 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/13/2015 05:00:30 AM) (Source: DCOM) (EventID: 10010) (User: TILMANN-LAPTOP)
Description: App.AppX54xz6wnkhmw763c2y8tb018n7d71dtx7.wwa

Error: (01/08/2015 09:39:35 AM) (Source: Virtual Disk Service) (EventID: 10) (User: )
Description: Fehler beim Schreiben eines Startcodes auf einen Datenträger durch VDS während eines Bereinigungsvorgangs. Fehlercode: 80070015@02070008

Error: (01/08/2015 09:38:34 AM) (Source: Virtual Disk Service) (EventID: 10) (User: )
Description: Fehler beim Schreiben eines Startcodes auf einen Datenträger durch VDS während eines Bereinigungsvorgangs. Fehlercode: 80070015@02070008

Error: (01/08/2015 09:37:04 AM) (Source: Virtual Disk Service) (EventID: 10) (User: )
Description: Fehler beim Schreiben eines Startcodes auf einen Datenträger durch VDS während eines Bereinigungsvorgangs. Fehlercode: 80070015@02070008

Error: (01/06/2015 04:18:19 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 10.5.11.39
registriert werden. Der Computer mit IP-Adresse 10.5.9.52 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/05/2015 01:53:23 PM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.


Microsoft Office Sessions:
=========================
Error: (01/15/2015 02:05:29 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestF:\Downloads\esetsmartinstaller_deu.exe

Error: (01/15/2015 01:12:04 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (01/15/2015 00:55:55 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\Tilman\Desktop\esetsmartinstaller_deu.exe

Error: (01/15/2015 00:55:55 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\Tilman\Desktop\esetsmartinstaller_deu.exe

Error: (01/15/2015 00:55:50 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestF:\Downloads\esetsmartinstaller_deu.exe

Error: (01/15/2015 11:20:14 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"c:\program files\Autodesk\composite2014\python\lib\distutils\command\wininst-8_d.exe

Error: (01/15/2015 11:20:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite 2013\python\lib\distutils\command\wininst-8_d.exe

Error: (01/15/2015 11:11:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: WSCommCntr4.exe4.0.3.050dcb523ntdll.dll6.3.9600.1747654516b13c00000050000000000038b36172801d030abb19744bfC:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\WSCommCntr4.exeC:\WINDOWS\SYSTEM32\ntdll.dllef87b06f-9c9e-11e4-8331-0090f5ef372e

Error: (01/14/2015 08:39:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WSCommCntr4.exe4.0.3.050dcb523ntdll.dll6.3.9600.1747654516b13c00000050000000000038b36108401d03031d3c0f5e6C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\WSCommCntr4.exeC:\WINDOWS\SYSTEM32\ntdll.dll118710d3-9c25-11e4-8331-0090f5ef372e

Error: (01/14/2015 01:00:01 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4900MQ CPU @ 2.80GHz
Percentage of memory in use: 15%
Total physical RAM: 24496.36 MB
Available physical RAM: 20752.5 MB
Total Pagefile: 28080.36 MB
Available Pagefile: 24574.48 MB
Total Virtual: 131072 MB
Available Virtual: 131071.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.37 GB) (Free:7.39 GB) NTFS
Drive f: (HDD) (Fixed) (Total:931.51 GB) (Free:558.62 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: E957935A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: FEEFE4F3)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

FRST Log:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2015
Ran by Tilman (administrator) on TILMANN-LAPTOP on 15-01-2015 14:11:39
Running from C:\Users\Tilman\Desktop
Loaded Profiles: Tilman (Available profiles: Tilman)
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(The Eraser Project) F:\Programme\Eraser\Eraser.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Spotify Ltd) C:\Users\Tilman\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Elaborate Bytes AG) F:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\Tilman\Desktop\Defogger.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Eraser] => F:\Programme\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [AutoShutdownManager] => F:\Program Files (x86)\AutoShutdownManager\AutoShutdownManager.exe
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10801944 2014-07-28] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [ROCCAT Savu Gaming Mouse] => F:\Programme\ROCCAT\Savu Mouse\Savu Monitor.exe [872048 2012-09-10] (ROCCAT GmbH)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [VirtualCloneDrive] => F:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [488328 2014-09-04] (Autodesk Inc.)
HKLM-x32\...\Run: [iTunesHelper] => F:\Programme\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\Run: [Auto] => D:\autorun.exe
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\Run: [Spotify Web Helper] => C:\Users\Tilman\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-10] (Spotify Ltd)
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\Run: [Google Update] => C:\Users\Tilman\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-09-15] (Google Inc.)
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\Run: [pricefountainw.exe] => C:\Users\Tilman\AppData\Local\PriceFountain\pricefountainw.exe HKEY_CURRENT_USER Software\PriceFountain
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\MountPoints2: {30051a22-9181-11e3-8251-fcf8ae69c200} - "G:\setup.exe" 
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\MountPoints2: {c09c35a3-8f10-11e3-824b-806e6f6e6963} - "H:\LaunchU3.exe" -a
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\MountPoints2: {ff906f68-e908-11e3-8275-0090f5ef372e} - "H:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\MountPoints2: {ff906f85-e908-11e3-8275-0090f5ef372e} - "H:\WD SmartWare.exe" autoplay=true
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [178632 2014-12-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [165760 2014-12-13] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://myhome.vi-view.com/web/?type=ds&ts=1420051028&from=cor&uid=SamsungXSSDX840XPROXSeries_S1ATNSADB40265L&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://myhome.vi-view.com/web/?type=ds&ts=1420051028&from=cor&uid=SamsungXSSDX840XPROXSeries_S1ATNSADB40265L&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1420051028&from=cor&uid=SamsungXSSDX840XPROXSeries_S1ATNSADB40265L&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1420051028&from=cor&uid=SamsungXSSDX840XPROXSeries_S1ATNSADB40265L&q={searchTerms}
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> F:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: PriceFountain -> {b608cc98-54de-4775-96c9-097de398500c} -> C:\Users\Tilman\AppData\Local\PriceFountain\PriceFountainIE.dll No File
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.5.8.1 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default
FF NetworkProxy: "autoconfig_url", "https://mediahint.com/default.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> F:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> F:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> F:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> F:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> F:\Programme\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> F:\Programme\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-3316766629-2442458801-244027669-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Tilman\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-3316766629-2442458801-244027669-1001: @talk.google.com/O1DPlugin -> C:\Users\Tilman\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-3316766629-2442458801-244027669-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Tilman\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3316766629-2442458801-244027669-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Tilman\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3316766629-2442458801-244027669-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tilman\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3316766629-2442458801-244027669-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKU\S-1-5-21-3316766629-2442458801-244027669-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Users\Tilman\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Tilman\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: YouTube Unblocker - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\youtubeunblocker@unblocker.yt [2014-11-05]
FF Extension: DownloadHelper - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: ProxTube - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\ich@maltegoetz.de.xpi [2014-09-11]
FF Extension: Enhanced Steam - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\jid0-SmvlvxGpvCyG252KbVMqIKR79Uc@jetpack.xpi [2014-09-08]
FF Extension: Lightbeam - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2014-02-06]
FF Extension: Pin It Button - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2014-12-21]
FF Extension: Media Hint - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\mediahint@jetpack.xpi [2014-03-29]
FF Extension: Personas Plus - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\personas@christopher.beard.xpi [2014-02-06]
FF Extension: /r/Diablo Browser Extension - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\rdiablo@chaosteil.net.xpi [2014-10-28]
FF Extension: Integrated Inbox for Gmail & Google Apps - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\{28197867-b1ef-4140-8e3b-55c45b9c8460}.xpi [2014-02-06]
FF Extension: web Updater Pro - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\{5d0e19f6-7469-41e3-b1b4-04df991006a8}.xpi [2014-11-15]
FF Extension: ImTranslator - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2014-02-13]
FF Extension: {a127eaee-23c6-402d-8a2f-6c388f0624e6} - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\{a127eaee-23c6-402d-8a2f-6c388f0624e6}.xpi [2014-11-11]
FF Extension: Adblock Plus - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-06]
FF Extension: Greasemonkey - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-02-06]
FF Extension: Open With Photoshop - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\{f3f219f9-cbce-467e-b8fe-6e076d29665c}.xpi [2014-07-09]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-29]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Модуль перевірки посилань - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-02-06]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-02-06]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-02-06]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-02-06]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Безпечні платежі - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-02-06]
FF HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-12-29]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [597896 2014-09-04] (Autodesk Inc.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
S3 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-15] () [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; F:\Programme\Origin\OriginClientService.exe [1903472 2014-12-18] (Electronic Arts)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [98560 2014-01-30] (Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2014-12-30] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-12-30] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [473088 2014-12-31] (Fuyu LIMITED) [File not signed]
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [621336 2013-12-04] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-02-06] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-02-06] (Kaspersky Lab)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [115296 2014-03-24] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-03-24] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [65120 2014-03-24] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-02-06] (Kaspersky Lab ZAO)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102664 2014-01-23] ()
R1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25992 2014-01-23] ()
R1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [700680 2014-01-23] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 14:11 - 2015-01-15 14:12 - 00030886 _____ () C:\Users\Tilman\Desktop\FRST.txt
2015-01-15 14:11 - 2015-01-15 14:11 - 00000000 ____D () C:\FRST
2015-01-15 14:10 - 2015-01-15 14:09 - 02125312 _____ (Farbar) C:\Users\Tilman\Desktop\FRST64.exe
2015-01-15 14:07 - 2015-01-15 14:07 - 00000474 _____ () C:\Users\Tilman\Desktop\defogger_disable.log
2015-01-15 14:07 - 2015-01-15 14:07 - 00000000 _____ () C:\Users\Tilman\defogger_reenable
2015-01-15 14:06 - 2015-01-15 14:04 - 00050477 _____ () C:\Users\Tilman\Desktop\Defogger.exe
2015-01-15 14:06 - 2015-01-15 14:03 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Tilman\Desktop\mbam-setup-2.0.4.1028.exe
2015-01-15 12:55 - 2015-01-15 12:55 - 02347384 _____ (ESET) C:\Users\Tilman\Desktop\esetsmartinstaller_deu.exe
2015-01-15 12:49 - 2015-01-15 12:49 - 00421350 _____ () C:\Users\Tilman\Desktop\bookmarks-2015-01-15.json
2015-01-14 16:40 - 2015-01-14 16:40 - 00011557 _____ () C:\Users\Tilman\Desktop\Neuer PC.xlsx
2015-01-07 14:20 - 2015-01-07 14:20 - 00000000 ____D () C:\Users\Tilman\AppData\Local\Mootools
2015-01-07 14:17 - 2015-01-07 14:17 - 00000915 _____ () C:\Users\Public\Desktop\Polygon Cruncher (x64 bits) 10.51.lnk
2015-01-07 14:17 - 2015-01-07 14:17 - 00000000 ____D () C:\ProgramData\Mootools
2015-01-07 14:17 - 2015-01-07 14:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Polygon Cruncher (x64 bits)
2015-01-07 14:17 - 2015-01-07 14:17 - 00000000 ____D () C:\Program Files\Polygon Cruncher
2014-12-31 20:36 - 2015-01-10 15:41 - 00000096 _____ () C:\Users\Tilman\AppData\Roaming\WB.CFG
2014-12-31 19:37 - 2014-12-31 19:37 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-12-31 19:36 - 2015-01-10 16:30 - 00000000 ____D () C:\Users\Tilman\AppData\Roaming\PriceFountain
2014-12-31 19:36 - 2015-01-10 16:30 - 00000000 ____D () C:\Users\Tilman\AppData\Local\PriceFountain
2014-12-31 19:36 - 2015-01-01 18:42 - 00000951 _____ () C:\Users\Tilman\Desktop\JDownloader.lnk
2014-12-30 19:04 - 2014-12-30 19:04 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-12-30 04:33 - 2014-12-30 04:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4
2014-12-29 18:44 - 2014-12-29 18:44 - 00000000 ____D () C:\Users\Tilman\AppData\Roaming\DVDVideoSoftIEHelpers
2014-12-29 18:40 - 2014-12-29 18:40 - 00001124 _____ () C:\Users\Public\Desktop\Free YouTube Download.lnk
2014-12-29 18:40 - 2014-12-29 18:40 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2014-12-26 10:55 - 2014-12-26 10:55 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2014-12-21 02:53 - 2014-12-27 13:29 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-12-18 09:43 - 2014-12-18 09:43 - 00000000 ____D () C:\Users\Tilman\AppData\Local\Skyrim
2014-12-18 01:45 - 2014-11-17 21:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-12-18 01:45 - 2014-11-17 21:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-12-18 01:45 - 2014-11-15 20:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-12-18 01:45 - 2014-11-15 07:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-12-18 01:45 - 2014-11-14 15:36 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-12-18 01:45 - 2014-11-14 08:10 - 03558400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-12-18 01:45 - 2014-11-14 07:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2014-12-18 01:45 - 2014-11-14 07:58 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-12-18 01:45 - 2014-11-14 07:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-12-18 01:45 - 2014-11-14 07:57 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-12-18 01:45 - 2014-11-14 07:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2014-12-18 01:45 - 2014-11-14 07:54 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-12-18 01:45 - 2014-11-14 07:54 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-12-18 01:45 - 2014-11-14 07:53 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-12-18 01:45 - 2014-11-14 07:52 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-12-18 01:45 - 2014-11-14 07:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-12-18 01:45 - 2014-11-14 07:46 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-18 01:45 - 2014-11-14 07:39 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-12-18 01:45 - 2014-11-14 06:04 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-12-18 01:45 - 2014-11-14 06:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-12-18 01:45 - 2014-11-14 06:03 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-12-18 01:45 - 2014-11-14 06:01 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-12-18 01:45 - 2014-11-14 06:01 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-12-18 01:45 - 2014-11-14 05:53 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-18 01:45 - 2014-11-11 01:39 - 22290560 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-12-18 01:45 - 2014-11-11 01:17 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-12-18 01:45 - 2014-11-10 19:06 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-12-18 01:45 - 2014-11-10 19:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-12-18 01:45 - 2014-11-10 19:06 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-12-18 01:45 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-12-18 01:45 - 2014-11-10 03:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-12-18 01:45 - 2014-11-10 02:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-12-18 01:45 - 2014-11-10 02:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-12-18 01:45 - 2014-11-10 02:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-12-18 01:45 - 2014-11-10 02:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-12-18 01:45 - 2014-11-10 02:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-12-18 01:45 - 2014-11-10 02:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-12-18 01:45 - 2014-11-10 02:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-12-18 01:45 - 2014-11-10 01:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-12-18 01:45 - 2014-11-10 01:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-12-18 01:45 - 2014-11-08 11:42 - 01390928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2014-12-18 01:45 - 2014-11-08 11:23 - 01127976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2014-12-18 01:45 - 2014-11-08 05:00 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2014-12-18 01:45 - 2014-11-08 05:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2014-12-18 01:45 - 2014-11-08 04:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2014-12-18 01:45 - 2014-11-08 04:58 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2014-12-18 01:45 - 2014-11-08 04:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2014-12-18 01:45 - 2014-11-08 04:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2014-12-18 01:45 - 2014-11-08 04:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2014-12-18 01:45 - 2014-11-08 04:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2014-12-18 01:45 - 2014-11-08 04:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2014-12-18 01:45 - 2014-11-08 04:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2014-12-18 01:45 - 2014-11-08 04:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2014-12-18 01:45 - 2014-11-08 03:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2014-12-18 01:45 - 2014-11-08 03:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-12-18 01:45 - 2014-11-08 03:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-12-18 01:45 - 2014-11-08 03:09 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2014-12-18 01:45 - 2014-11-08 03:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-12-18 01:45 - 2014-11-08 02:59 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2014-12-18 01:45 - 2014-11-08 02:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-12-18 01:45 - 2014-11-08 02:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-12-18 01:45 - 2014-11-07 04:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-12-18 01:45 - 2014-11-07 04:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-12-18 01:45 - 2014-11-05 03:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2014-12-18 01:45 - 2014-11-05 03:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2014-12-18 01:45 - 2014-11-05 03:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2014-12-18 01:45 - 2014-11-05 02:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-12-18 01:45 - 2014-11-05 02:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-12-18 01:45 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-12-18 01:45 - 2014-11-05 02:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2014-12-18 01:45 - 2014-11-05 02:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2014-12-18 01:45 - 2014-11-05 02:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2014-12-18 01:45 - 2014-11-05 02:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2014-12-18 01:45 - 2014-11-05 02:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-12-18 01:45 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-12-18 01:45 - 2014-11-05 02:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-12-18 01:45 - 2014-11-05 02:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2014-12-18 01:45 - 2014-11-04 20:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2014-12-18 01:45 - 2014-11-04 20:25 - 00059712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2014-12-18 01:45 - 2014-11-04 20:25 - 00051008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2014-12-18 01:45 - 2014-11-04 07:55 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2014-12-18 01:45 - 2014-11-04 07:54 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2014-12-18 01:45 - 2014-11-04 07:54 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2014-12-18 01:45 - 2014-11-04 07:54 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2014-12-18 01:45 - 2014-11-04 07:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2014-12-18 01:45 - 2014-11-04 06:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-12-18 01:45 - 2014-10-31 01:51 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-12-18 01:45 - 2014-10-31 01:10 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-12-18 01:45 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-18 01:45 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-18 01:45 - 2014-10-30 06:55 - 07473472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-12-18 01:45 - 2014-10-30 06:47 - 01499384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-12-18 01:45 - 2014-10-30 06:41 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-12-18 01:45 - 2014-10-29 04:05 - 00551232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2014-12-18 01:45 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2014-12-18 01:45 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2014-12-18 01:45 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2014-12-18 01:45 - 2014-10-29 02:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2014-12-18 01:45 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2014-12-18 01:45 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2014-12-18 01:45 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2014-12-18 01:45 - 2014-10-29 02:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2014-12-18 01:45 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2014-12-18 01:45 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2014-12-18 01:45 - 2014-10-26 23:10 - 00390841 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-12-18 01:45 - 2014-10-21 02:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2014-12-18 01:45 - 2014-10-21 02:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2014-12-18 01:45 - 2014-10-21 01:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2014-12-18 01:45 - 2014-10-21 01:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2014-12-18 01:45 - 2014-10-21 01:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2014-12-18 01:45 - 2014-10-21 01:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-12-18 01:45 - 2014-10-21 01:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2014-12-18 01:45 - 2014-10-17 05:56 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-18 01:45 - 2014-10-17 05:56 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-18 01:45 - 2014-10-17 05:56 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-18 01:45 - 2014-10-17 04:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-18 01:43 - 2014-12-18 01:52 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-12-18 01:43 - 2014-12-18 01:52 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-12-18 01:42 - 2014-12-13 11:08 - 32099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 25460552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 24764232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 20465808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 18594432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 17264312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 16040184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 13288360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 13202520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 10770120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 10710160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 10345280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-12-18 01:42 - 2014-12-13 11:08 - 03610440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 03248968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 02897824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 01895056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434709.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 01556624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434709.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00968336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00942400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00928072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00906560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00496272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00399688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00391488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00353224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00346944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00306328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00031376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2014-12-18 01:26 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2014-12-18 01:26 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2014-12-17 16:10 - 2014-12-24 19:03 - 00000000 ____D () C:\Users\Tilman\Desktop\Messer Screenshots
2014-12-17 12:29 - 2014-12-24 19:03 - 00000931 _____ () C:\Users\Tilman\Desktop\Marmoset Toolbag 2.lnk
2014-12-17 12:29 - 2014-12-17 12:29 - 00000917 _____ () C:\Users\Tilman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marmoset Toolbag 2.lnk
2014-12-17 12:29 - 2014-12-17 12:29 - 00000000 ____D () C:\Program Files\Marmoset Toolbag 2
2014-12-17 00:13 - 2014-12-17 00:13 - 00000000 ____D () C:\Users\Tilman\Documents\Steam Cloud
2014-12-16 12:08 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-16 12:08 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 14:08 - 2014-02-06 10:33 - 01761647 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-15 14:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-15 14:07 - 2014-02-06 10:41 - 00000000 ____D () C:\Users\Tilman
2015-01-15 14:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-15 13:48 - 2014-02-06 11:39 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-01-15 13:23 - 2014-02-06 10:37 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-15 13:23 - 2013-08-23 00:24 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-15 13:23 - 2013-08-23 00:24 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-15 13:17 - 2014-09-15 23:01 - 00001154 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3316766629-2442458801-244027669-1001UA.job
2015-01-15 13:12 - 2014-02-06 10:46 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3316766629-2442458801-244027669-1001
2015-01-15 12:50 - 2014-10-21 09:06 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-15 12:50 - 2014-02-12 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-15 12:42 - 2014-02-06 12:05 - 00000000 ____D () C:\Users\Tilman\AppData\Roaming\Spotify
2015-01-15 12:17 - 2014-09-15 23:01 - 00001102 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3316766629-2442458801-244027669-1001Core.job
2015-01-15 11:11 - 2014-08-16 16:29 - 00000000 ____D () C:\Users\Tilman\AppData\Local\Adobe
2015-01-15 11:08 - 2014-05-27 11:34 - 00000000 ____D () C:\Users\Tilman\AppData\Local\TSVNCache
2015-01-14 22:14 - 2014-02-06 16:37 - 00000000 ____D () C:\Users\Tilman\AppData\Roaming\TS3Client
2015-01-14 11:42 - 2014-02-06 22:51 - 00000000 ____D () C:\Users\Tilman\AppData\Local\Battle.net
2015-01-14 11:37 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-14 05:00 - 2013-08-22 14:25 - 00786432 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-13 15:11 - 2013-08-22 15:46 - 00076662 _____ () C:\WINDOWS\setupact.log
2015-01-13 02:42 - 2014-09-17 23:07 - 00003438 _____ () C:\WINDOWS\System32\Tasks\Go sleep
2015-01-12 19:58 - 2014-02-06 12:07 - 00000000 ____D () C:\Users\Tilman\AppData\Local\Spotify
2015-01-11 11:27 - 2014-02-14 03:12 - 00000000 ____D () C:\ProgramData\Origin
2015-01-11 02:05 - 2014-08-17 20:11 - 00000026 _____ () C:\Users\Tilman\Desktop\Folge.txt
2015-01-10 22:25 - 2014-02-28 14:36 - 00215416 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-01-10 16:30 - 2014-02-06 10:32 - 00076392 _____ () C:\WINDOWS\PFRO.log
2015-01-10 16:20 - 2014-06-13 20:13 - 00000000 ____D () C:\Users\Tilman\Documents\Audible
2015-01-08 22:53 - 2014-02-28 14:36 - 00215416 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2015-01-07 14:17 - 2014-02-06 12:21 - 00000000 ____D () C:\Program Files\Autodesk
2015-01-07 09:22 - 2014-05-15 13:52 - 00000000 ____D () C:\Users\Tilman\Documents\Substance Painter
2015-01-07 09:18 - 2014-07-14 14:46 - 00000000 ____D () C:\Users\Tilman\Documents\Unreal Projects
2015-01-01 18:48 - 2014-02-14 11:27 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-01 18:47 - 2014-10-21 09:06 - 00272296 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2015-01-01 18:47 - 2014-10-21 09:06 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2015-01-01 18:47 - 2014-10-21 09:06 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2015-01-01 18:42 - 2014-02-12 12:48 - 00000915 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
2015-01-01 18:42 - 2014-02-12 12:48 - 00000867 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2015-01-01 18:42 - 2014-02-12 12:48 - 00000850 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
2014-12-31 02:24 - 2014-03-18 19:15 - 00000000 ____D () C:\Users\Tilman\AppData\Roaming\vlc
2014-12-30 19:07 - 2014-06-07 15:11 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2014-12-30 04:32 - 2014-02-28 14:36 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-12-30 04:32 - 2014-02-06 13:08 - 00446757 _____ () C:\WINDOWS\DirectX.log
2014-12-29 18:40 - 2014-03-26 12:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-12-29 18:40 - 2014-03-26 12:18 - 00000000 ____D () C:\Users\Tilman\AppData\Roaming\DVDVideoSoft
2014-12-24 19:03 - 2014-03-12 10:11 - 00000132 _____ () C:\Users\Tilman\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-12-22 22:12 - 2014-02-10 15:56 - 00000000 ____D () C:\Users\Tilman\Documents\my games
2014-12-19 20:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-18 01:51 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-12-18 01:51 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-12-18 01:51 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-12-18 01:51 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-12-18 01:51 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-18 01:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-18 01:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-18 01:49 - 2013-08-22 16:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-18 01:48 - 2014-02-08 04:38 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-18 01:48 - 2014-02-06 11:31 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-18 01:46 - 2014-02-08 04:38 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-18 01:45 - 2014-11-12 13:00 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-12-18 01:45 - 2014-11-12 13:00 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-12-18 01:45 - 2014-11-12 13:00 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-12-18 01:45 - 2014-11-12 13:00 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-12-18 01:43 - 2014-09-11 11:33 - 00000000 ____D () C:\Temp
2014-12-18 01:43 - 2014-02-06 10:50 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-17 16:16 - 2014-05-02 17:26 - 00000132 _____ () C:\Users\Tilman\AppData\Roaming\Adobe Targa Format CS6 Prefs

Files to move or delete:
====================
C:\Users\Tilman\{0B58B8BE-ECA4-40FE-BC61-189F9B1A2330}.dat


Some content of TEMP:
====================
C:\Users\Tilman\AppData\Local\Temp\01IYYlgJF3G4L2MY.dll
C:\Users\Tilman\AppData\Local\Temp\093U3rS416pze9kl.dll
C:\Users\Tilman\AppData\Local\Temp\0Dx9mguVpzN67xx5.dll
C:\Users\Tilman\AppData\Local\Temp\0GAB2NhX3BGnx1J8.dll
C:\Users\Tilman\AppData\Local\Temp\0i6IdX2h0zyc2sW9.dll
C:\Users\Tilman\AppData\Local\Temp\0j6fBL05t1Ut8v6q.dll
C:\Users\Tilman\AppData\Local\Temp\0ZpRdb7CBO87fJ3A.dll
C:\Users\Tilman\AppData\Local\Temp\0Zv1a1BS2Kzg14sO.dll
C:\Users\Tilman\AppData\Local\Temp\130645245069611062.exe
C:\Users\Tilman\AppData\Local\Temp\13064524524444686713.exe
C:\Users\Tilman\AppData\Local\Temp\130646076301913565.exe
C:\Users\Tilman\AppData\Local\Temp\13064607648051933527.exe
C:\Users\Tilman\AppData\Local\Temp\152FpzxP7fvOKg41.dll
C:\Users\Tilman\AppData\Local\Temp\15jRHMoBSeg65F64.dll
C:\Users\Tilman\AppData\Local\Temp\1oK73bcUwBvroCuv.dll
C:\Users\Tilman\AppData\Local\Temp\1R4B23Q231a2kCfy.dll
C:\Users\Tilman\AppData\Local\Temp\1UdER16p98Z24iVU.dll
C:\Users\Tilman\AppData\Local\Temp\234PxnlK4hmnx0u7.dll
C:\Users\Tilman\AppData\Local\Temp\269Lo5edn5kEcc39.dll
C:\Users\Tilman\AppData\Local\Temp\2Uec9Im5Y7bh1jL5.dll
C:\Users\Tilman\AppData\Local\Temp\32A760CEtp6Cc1p0.dll
C:\Users\Tilman\AppData\Local\Temp\36uoB7u629675XwQ.dll
C:\Users\Tilman\AppData\Local\Temp\379que2DB4GXavXP.dll
C:\Users\Tilman\AppData\Local\Temp\37Du1w94b83qoE0K.dll
C:\Users\Tilman\AppData\Local\Temp\3h85vFMh50w0BGnh.dll
C:\Users\Tilman\AppData\Local\Temp\3i4obhVx0OYoii4p.dll
C:\Users\Tilman\AppData\Local\Temp\3ICogG56wLzTPSjO.dll
C:\Users\Tilman\AppData\Local\Temp\3JUGp3663FL6XDPa.dll
C:\Users\Tilman\AppData\Local\Temp\3Kni49xJQ3lme7Zj.dll
C:\Users\Tilman\AppData\Local\Temp\50comupd.exe
C:\Users\Tilman\AppData\Local\Temp\50paF615edr5b109.dll
C:\Users\Tilman\AppData\Local\Temp\5F60gv6t5F58INWU.dll
C:\Users\Tilman\AppData\Local\Temp\5kY7t0Tg8h11c1VX.dll
C:\Users\Tilman\AppData\Local\Temp\5nLfWzyV39ThxZi9.dll
C:\Users\Tilman\AppData\Local\Temp\5RqWo3q03w4i7oyU.dll
C:\Users\Tilman\AppData\Local\Temp\5yFiZb74pm6f98QU.dll
C:\Users\Tilman\AppData\Local\Temp\62OjM44IzGwLx94S.dll
C:\Users\Tilman\AppData\Local\Temp\69e21e0Cx1cAU766.dll
C:\Users\Tilman\AppData\Local\Temp\6tV85v32dhqo6uv2.dll
C:\Users\Tilman\AppData\Local\Temp\6vzO6Z2e2o5z2SGk.dll
C:\Users\Tilman\AppData\Local\Temp\75S5ee0D2MTyGVcs.dll
C:\Users\Tilman\AppData\Local\Temp\7AsS3J0C13M6T9r1.dll
C:\Users\Tilman\AppData\Local\Temp\7bpNZ99KY6WVTh70.dll
C:\Users\Tilman\AppData\Local\Temp\7bU3ZZ4a4YJcuBD8.dll
C:\Users\Tilman\AppData\Local\Temp\7jZXs96MuhbOMWPn.dll
C:\Users\Tilman\AppData\Local\Temp\7L8St05e1bxs7J62.dll
C:\Users\Tilman\AppData\Local\Temp\82uiF35QZ2XTvj0i.dll
C:\Users\Tilman\AppData\Local\Temp\8GgMaGt470qIw5Nt.dll
C:\Users\Tilman\AppData\Local\Temp\8oUkPomYWe7J3447.dll
C:\Users\Tilman\AppData\Local\Temp\975nZZ448z3p4t7L.dll
C:\Users\Tilman\AppData\Local\Temp\9BQDrlrTf7vwRQ26.dll
C:\Users\Tilman\AppData\Local\Temp\9Fjs3t2uB7uAi835.dll
C:\Users\Tilman\AppData\Local\Temp\9J7LeT2Y1Qi4lJ40.dll
C:\Users\Tilman\AppData\Local\Temp\9OImme96m7m2l77f.dll
C:\Users\Tilman\AppData\Local\Temp\a03cQ9KxrrQrV279.dll
C:\Users\Tilman\AppData\Local\Temp\AcDeltree.exe
C:\Users\Tilman\AppData\Local\Temp\AHyYO4M7s1p48IEO.dll
C:\Users\Tilman\AppData\Local\Temp\anp4jcJR700FG8YA.dll
C:\Users\Tilman\AppData\Local\Temp\ASQE2xN81mY38GU2.dll
C:\Users\Tilman\AppData\Local\Temp\aYl8EgLB57BWM1nU.dll
C:\Users\Tilman\AppData\Local\Temp\B3vKKu47t9cDqC84.dll
C:\Users\Tilman\AppData\Local\Temp\b6r6009sCIw7asv4.dll
C:\Users\Tilman\AppData\Local\Temp\BCMVk04f2u9I8J19.dll
C:\Users\Tilman\AppData\Local\Temp\bHYK074s9nuHlkY9.dll
C:\Users\Tilman\AppData\Local\Temp\BvMgAu70JHk519em.dll
C:\Users\Tilman\AppData\Local\Temp\C2wX4IbeuThEZQ1d.dll
C:\Users\Tilman\AppData\Local\Temp\CC72v5RXNsMS44O4.dll
C:\Users\Tilman\AppData\Local\Temp\cFc5yM2wm39o9dW2.dll
C:\Users\Tilman\AppData\Local\Temp\Ck7h8Xz953BIgUln.dll
C:\Users\Tilman\AppData\Local\Temp\d44C8H7Kk9cOBOs7.dll
C:\Users\Tilman\AppData\Local\Temp\d6IcEIkQA4qgTd2C.dll
C:\Users\Tilman\AppData\Local\Temp\Di6Ry1zS96114lQE.dll
C:\Users\Tilman\AppData\Local\Temp\ebRcr13I8BmB4qby.dll
C:\Users\Tilman\AppData\Local\Temp\eL08i5c44qcwWv6U.dll
C:\Users\Tilman\AppData\Local\Temp\eLR5V26ojkna2598.dll
C:\Users\Tilman\AppData\Local\Temp\F1S2LnzxWXomQZwO.dll
C:\Users\Tilman\AppData\Local\Temp\f5szPHcF78hkwagR.dll
C:\Users\Tilman\AppData\Local\Temp\Fhop04f518A6KHwa.dll
C:\Users\Tilman\AppData\Local\Temp\fileutil.dll
C:\Users\Tilman\AppData\Local\Temp\Fj76565ynGDx503r.dll
C:\Users\Tilman\AppData\Local\Temp\fN97GWBk8k1meFnq.dll
C:\Users\Tilman\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Tilman\AppData\Local\Temp\Fu56abHzmM1C398d.dll
C:\Users\Tilman\AppData\Local\Temp\g1qNGW9zPL1eUVYH.dll
C:\Users\Tilman\AppData\Local\Temp\G2p434EK116DD8Vg.dll
C:\Users\Tilman\AppData\Local\Temp\G3mnSTDKB79WCI5D.dll
C:\Users\Tilman\AppData\Local\Temp\g42Qan2juQrhHBzm.dll
C:\Users\Tilman\AppData\Local\Temp\G9uc342CT99lt0ge.dll
C:\Users\Tilman\AppData\Local\Temp\GGsHJhDz3kCY4XQj.dll
C:\Users\Tilman\AppData\Local\Temp\Ha2vcpN4Y4PtayCZ.dll
C:\Users\Tilman\AppData\Local\Temp\hQZV68pP9N2lcf62.dll
C:\Users\Tilman\AppData\Local\Temp\hwq2R7901UtiOUA5.dll
C:\Users\Tilman\AppData\Local\Temp\IaV1961FS7a9I7Kq.dll
C:\Users\Tilman\AppData\Local\Temp\IC9O29hpP6G3T87F.dll
C:\Users\Tilman\AppData\Local\Temp\Install Quixel SUITE.exe
C:\Users\Tilman\AppData\Local\Temp\iwKzqLKBH2T7rml4.dll
C:\Users\Tilman\AppData\Local\Temp\iZnr05c2KNMiR29l.dll
C:\Users\Tilman\AppData\Local\Temp\J45t6LdvaT45XqsH.dll
C:\Users\Tilman\AppData\Local\Temp\J5NXanXqg9mmeM0s.dll
C:\Users\Tilman\AppData\Local\Temp\jBl9RZ0tw1wueWRy.dll
C:\Users\Tilman\AppData\Local\Temp\jQ4SsYD6vLtuWtMi.dll
C:\Users\Tilman\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Tilman\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Tilman\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Tilman\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Tilman\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Tilman\AppData\Local\Temp\k4187gVfX6h59i0X.dll
C:\Users\Tilman\AppData\Local\Temp\k45lQji78UejGPbs.dll
C:\Users\Tilman\AppData\Local\Temp\Kd07a08UnMm4H6O4.dll
C:\Users\Tilman\AppData\Local\Temp\KS3QOM3V2uVE316J.dll
C:\Users\Tilman\AppData\Local\Temp\KW3HMQ7XwdZH3PFv.dll
C:\Users\Tilman\AppData\Local\Temp\kY19X9gx6iGoUuXB.dll
C:\Users\Tilman\AppData\Local\Temp\LMpP9ZeM64g88u40.dll
C:\Users\Tilman\AppData\Local\Temp\lxi5fsE5r4q7I47i.dll
C:\Users\Tilman\AppData\Local\Temp\m822Qvh33647SJMB.dll
C:\Users\Tilman\AppData\Local\Temp\MGHbY4BDr6Kz29nL.dll
C:\Users\Tilman\AppData\Local\Temp\my8DrnFnE2e9a9L6.dll
C:\Users\Tilman\AppData\Local\Temp\N5Swx5yaOMPrJP9o.dll
C:\Users\Tilman\AppData\Local\Temp\n7HTEUfc33aIOS8J.dll
C:\Users\Tilman\AppData\Local\Temp\n8n0wMRWd96jD895.dll
C:\Users\Tilman\AppData\Local\Temp\nK674wxs4rX76rdB.dll
C:\Users\Tilman\AppData\Local\Temp\NNdWj2w0kqWDg4UE.dll
C:\Users\Tilman\AppData\Local\Temp\NTy095bZlyvTQb56.dll
C:\Users\Tilman\AppData\Local\Temp\Nv5uh6tJNY07R88K.dll
C:\Users\Tilman\AppData\Local\Temp\og5PIzWO7YCnIgtc.dll
C:\Users\Tilman\AppData\Local\Temp\oIParY90Q4np85AX.dll
C:\Users\Tilman\AppData\Local\Temp\oy9680KCi3srZ7g7.dll
C:\Users\Tilman\AppData\Local\Temp\P54TYIFMpzcS6k01.dll
C:\Users\Tilman\AppData\Local\Temp\PemchFSP4lER1lXK.dll
C:\Users\Tilman\AppData\Local\Temp\pK6BZe927YD2itKl.dll
C:\Users\Tilman\AppData\Local\Temp\PlF5TfHPn76L7gI8.dll
C:\Users\Tilman\AppData\Local\Temp\QIW6J9MWP4TM5qAV.dll
C:\Users\Tilman\AppData\Local\Temp\qtG1mQ2Dp9C8Gw64.dll
C:\Users\Tilman\AppData\Local\Temp\r5wJs3B2Q48i0bC9.dll
C:\Users\Tilman\AppData\Local\Temp\R6fY47gI7VL1ZQax.dll
C:\Users\Tilman\AppData\Local\Temp\RB5gpcD6SGM0rX3N.dll
C:\Users\Tilman\AppData\Local\Temp\Rd223rDK2zp07d3H.dll
C:\Users\Tilman\AppData\Local\Temp\rHD4Ck7IluX9S17R.dll
C:\Users\Tilman\AppData\Local\Temp\rZK0daFQ2J5N3vgV.dll
C:\Users\Tilman\AppData\Local\Temp\S46nfxrcQ95s93vE.dll
C:\Users\Tilman\AppData\Local\Temp\s764FMNifJWa90BS.dll
C:\Users\Tilman\AppData\Local\Temp\SendRpt.exe
C:\Users\Tilman\AppData\Local\Temp\Setup.exe
C:\Users\Tilman\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Tilman\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Tilman\AppData\Local\Temp\sfareca00001.dll
C:\Users\Tilman\AppData\Local\Temp\sfextra.dll
C:\Users\Tilman\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Tilman\AppData\Local\Temp\sonarinst.exe
C:\Users\Tilman\AppData\Local\Temp\Sw8433mLpF9mBm62.dll
C:\Users\Tilman\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Tilman\AppData\Local\Temp\SX0YJ08LjW5Wv58U.dll
C:\Users\Tilman\AppData\Local\Temp\TIoLU62brzkHNZEg.dll
C:\Users\Tilman\AppData\Local\Temp\ULn1UWChNxH29xN9.dll
C:\Users\Tilman\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Tilman\AppData\Local\Temp\vlc-2.1.4-win64.exe
C:\Users\Tilman\AppData\Local\Temp\vlc-2.1.5-win64.exe
C:\Users\Tilman\AppData\Local\Temp\VmrlZ32fX40GSGXB.dll
C:\Users\Tilman\AppData\Local\Temp\vspCyhtNl2KQ5M1f.dll
C:\Users\Tilman\AppData\Local\Temp\W1wN02Fe67Uj1539.dll
C:\Users\Tilman\AppData\Local\Temp\Wildstar.exe
C:\Users\Tilman\AppData\Local\Temp\Ww76D0yv4jP85Zj8.dll
C:\Users\Tilman\AppData\Local\Temp\wZ4ApBO86gYS1Gnt.dll
C:\Users\Tilman\AppData\Local\Temp\X6wZx7591e5H1IMH.dll
C:\Users\Tilman\AppData\Local\Temp\Xq0g7L72LCXF4U3b.dll
C:\Users\Tilman\AppData\Local\Temp\xx9B6nIc5F80e6hm.dll
C:\Users\Tilman\AppData\Local\Temp\y1542E3q9u3DnWd2.dll
C:\Users\Tilman\AppData\Local\Temp\y74Eu0Q43iT8nrzY.dll
C:\Users\Tilman\AppData\Local\Temp\z6TVNidcS729c44n.dll
C:\Users\Tilman\AppData\Local\Temp\zbqaAvqbpMu6TmBB.dll
C:\Users\Tilman\AppData\Local\Temp\ZIO7H4Z3OQ391418.dll
C:\Users\Tilman\AppData\Local\Temp\ZKBIER5ld8Cv9OCK.dll
C:\Users\Tilman\AppData\Local\Temp\zx81VKyJ8vv964Tp.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-10 14:54

==================== End Of Log ============================
         

Defogger_disable log:

Code: Alles auswählenAufklappen

ATTFilter

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:07 on 15/01/2015 (Tilman)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         

mbam Log:

Code: Alles auswählenAufklappen

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Scan Date: 15.01.2015
Scan Time: 14:23:43
Logfile: mbam.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.15.08
Rootkit Database: v2015.01.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Tilman

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 485888
Time Elapsed: 6 min, 30 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 1
PUP.Optional.WindowsProtectManger.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, 1632, Delete-on-Reboot, [e8cce90e97f2181e35539331887955ab]

Modules: 0
(No malicious items detected)

Registry Keys: 6
PUP.Optional.WindowsProtectManger.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, Quarantined, [e8cce90e97f2181e35539331887955ab], 
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, Quarantined, [595b30c794f56acc415139b042c25ba5], 
PUP.Optional.ViView.A, HKLM\SOFTWARE\WOW6432NODE\vi-viewSoftware, Quarantined, [dfd540b79beec37357f017599a6901ff], 
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, Quarantined, [e0d47384d6b32c0aebb5aecb877c2ed2], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3316766629-2442458801-244027669-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Quarantined, [b004c433fa8f41f51d7f7a39976c50b0], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3316766629-2442458801-244027669-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Quarantined, [971d9b5c20697fb7515e7a4fa460a25e], 

Registry Values: 1
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3316766629-2442458801-244027669-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0V1D1S1R1D0V1O, Quarantined, [971d9b5c20697fb7515e7a4fa460a25e]

Registry Data: 0
(No malicious items detected)

Folders: 5
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Delete-on-Reboot, [882c51a63752f0465a8bf45ab64dd62a], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, Quarantined, [882c51a63752f0465a8bf45ab64dd62a], 
PUP.Optional.PriceFountain.A, C:\Users\Tilman\AppData\Roaming\PriceFountain, Quarantined, [a212ee09b8d1da5c4034abb1669dbd43], 
PUP.Optional.PriceFountain.A, C:\Users\Tilman\AppData\Local\PriceFountain, Quarantined, [4470ba3dff8a280e383df765d132d52b], 
PUP.Optional.PriceFountain.A, C:\Users\Tilman\AppData\Local\PriceFountain\logs, Quarantined, [4470ba3dff8a280e383df765d132d52b], 

Files: 1
PUP.Optional.WindowsProtectManger.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, Delete-on-Reboot, [e8cce90e97f2181e35539331887955ab], 

Physical Sectors: 0
(No malicious items detected)


(end)
         

hi,

Downloade Dir bitte AdwCleaner auf deinen Desktop.

• Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
• Starte die AdwCleaner.exe mit einem Doppelklick.
• Stimme den Nutzungsbedingungen zu.
• Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
  • "Tracing" Schlüssel löschen
  • Winsock Einstellungen zurücksetzen
  • Proxy Einstellungen zurücksetzen
  • Internet Explorer Richtlinien zurücksetzen
  • Chrome Richtlinien zurücksetzen
  • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
• Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
• Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
• Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

• Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
• Drücke eine beliebige Taste, um das Tool zu starten.
• Je nach System kann der Scan eine Weile dauern.
• Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
• Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Erstmal danke für die schnelle Antwort

Hier die logs.

AdwCleaner Log:

Code: Alles auswählenAufklappen

ATTFilter

# AdwCleaner v4.107 - Bericht erstellt am 15/01/2015 um 17:53:44
# Aktualisiert 07/01/2015 von Xplode
# Database : 2015-01-13.2 [Live]
# Betriebssystem : Windows 8.1 Pro  (64 bits)
# Benutzername : Tilman - TILMANN-LAPTOP
# Gestartet von : C:\Users\Tilman\Desktop\AdwCleaner_4.107.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17416

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v35.0 (x86 de)

[c6i4b1mu.default\prefs.js] - Zeile gelöscht : user_pref("extensions.quick_start.enable_search1", false);
[c6i4b1mu.default\prefs.js] - Zeile gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

-\\ Chromium v


*************************

AdwCleaner[R0].txt - [3543 octets] - [15/01/2015 17:50:38]
AdwCleaner[R1].txt - [1998 octets] - [15/01/2015 17:53:09]
AdwCleaner[S0].txt - [2044 octets] - [15/01/2015 17:52:09]
AdwCleaner[S1].txt - [1457 octets] - [15/01/2015 17:53:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1517 octets] ##########
         

JRT Log:

Code: Alles auswählenAufklappen

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 8.1 Pro x64
Ran by Tilman on 15.01.2015 at 18:00:59,84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Tilman\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\WINDOWS\syswow64\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\Tilman\AppData\Roaming\mozilla\firefox\profiles\c6i4b1mu.default\minidumps [16 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.01.2015 at 18:03:29,17
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Log:


FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2015
Ran by Tilman (administrator) on TILMANN-LAPTOP on 15-01-2015 18:04:22
Running from C:\Users\Tilman\Desktop
Loaded Profiles: Tilman (Available profiles: Tilman)
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) F:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) F:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) F:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(The Eraser Project) F:\Programme\Eraser\Eraser.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Spotify Ltd) C:\Users\Tilman\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Elaborate Bytes AG) F:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Eraser] => F:\Programme\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [AutoShutdownManager] => F:\Program Files (x86)\AutoShutdownManager\AutoShutdownManager.exe
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10801944 2014-07-28] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [ROCCAT Savu Gaming Mouse] => F:\Programme\ROCCAT\Savu Mouse\Savu Monitor.exe [872048 2012-09-10] (ROCCAT GmbH)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [VirtualCloneDrive] => F:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [488328 2014-09-04] (Autodesk Inc.)
HKLM-x32\...\Run: [iTunesHelper] => F:\Programme\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\Run: [Auto] => D:\autorun.exe
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\Run: [Spotify Web Helper] => C:\Users\Tilman\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-10] (Spotify Ltd)
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\Run: [Google Update] => C:\Users\Tilman\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-09-15] (Google Inc.)
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\MountPoints2: {30051a22-9181-11e3-8251-fcf8ae69c200} - "G:\setup.exe" 
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\MountPoints2: {c09c35a3-8f10-11e3-824b-806e6f6e6963} - "H:\LaunchU3.exe" -a
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\MountPoints2: {ff906f68-e908-11e3-8275-0090f5ef372e} - "H:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\MountPoints2: {ff906f85-e908-11e3-8275-0090f5ef372e} - "H:\WD SmartWare.exe" autoplay=true
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [178632 2014-12-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [165760 2014-12-13] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> F:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> F:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> F:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> F:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> F:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> F:\Programme\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> F:\Programme\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-3316766629-2442458801-244027669-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Tilman\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-3316766629-2442458801-244027669-1001: @talk.google.com/O1DPlugin -> C:\Users\Tilman\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-3316766629-2442458801-244027669-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Tilman\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3316766629-2442458801-244027669-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Tilman\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3316766629-2442458801-244027669-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tilman\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3316766629-2442458801-244027669-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKU\S-1-5-21-3316766629-2442458801-244027669-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Users\Tilman\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Tilman\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: YouTube Unblocker - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\youtubeunblocker@unblocker.yt [2014-11-05]
FF Extension: DownloadHelper - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: ProxTube - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\ich@maltegoetz.de.xpi [2014-09-11]
FF Extension: Enhanced Steam - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\jid0-SmvlvxGpvCyG252KbVMqIKR79Uc@jetpack.xpi [2014-09-08]
FF Extension: Lightbeam - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2014-02-06]
FF Extension: Pin It Button - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2014-12-21]
FF Extension: Media Hint - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\mediahint@jetpack.xpi [2014-03-29]
FF Extension: Personas Plus - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\personas@christopher.beard.xpi [2014-02-06]
FF Extension: /r/Diablo Browser Extension - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\rdiablo@chaosteil.net.xpi [2014-10-28]
FF Extension: Integrated Inbox for Gmail & Google Apps - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\{28197867-b1ef-4140-8e3b-55c45b9c8460}.xpi [2014-02-06]
FF Extension: web Updater Pro - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\{5d0e19f6-7469-41e3-b1b4-04df991006a8}.xpi [2014-11-15]
FF Extension: ImTranslator - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2014-02-13]
FF Extension: {a127eaee-23c6-402d-8a2f-6c388f0624e6} - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\{a127eaee-23c6-402d-8a2f-6c388f0624e6}.xpi [2014-11-11]
FF Extension: Adblock Plus - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-06]
FF Extension: Greasemonkey - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-02-06]
FF Extension: Open With Photoshop - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\{f3f219f9-cbce-467e-b8fe-6e076d29665c}.xpi [2014-07-09]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-01-15]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Модуль перевірки посилань - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-02-06]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-02-06]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-02-06]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-02-06]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Безпечні платежі - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-02-06]
FF HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-12-29]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [597896 2014-09-04] (Autodesk Inc.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 MBAMScheduler; F:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; F:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-15] () [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; F:\Programme\Origin\OriginClientService.exe [1903472 2014-12-18] (Electronic Arts)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [98560 2014-01-30] (Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2014-12-30] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-12-30] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [621336 2013-12-04] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-02-06] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-02-06] (Kaspersky Lab)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [115296 2014-03-24] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-03-24] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [65120 2014-03-24] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-02-06] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102664 2014-01-23] ()
R1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25992 2014-01-23] ()
R1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [700680 2014-01-23] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 18:03 - 2015-01-15 18:03 - 00000901 _____ () C:\Users\Tilman\Desktop\JRT.txt
2015-01-15 18:00 - 2015-01-15 18:00 - 00000000 ____D () C:\WINDOWS\ERUNT
2015-01-15 17:50 - 2015-01-15 17:53 - 00000000 ____D () C:\AdwCleaner
2015-01-15 17:49 - 2015-01-15 17:49 - 01707939 _____ (Thisisu) C:\Users\Tilman\Desktop\JRT.exe
2015-01-15 17:44 - 2015-01-15 17:44 - 02191360 _____ () C:\Users\Tilman\Desktop\AdwCleaner_4.107.exe
2015-01-15 14:54 - 2015-01-15 14:54 - 01088184 _____ () C:\Users\Tilman\Desktop\Kaspersky.txt
2015-01-15 14:42 - 2015-01-15 14:42 - 00002976 _____ () C:\Users\Tilman\Desktop\mbam.txt
2015-01-15 14:21 - 2015-01-15 17:54 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-15 14:21 - 2015-01-15 14:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-15 14:19 - 2015-01-15 14:19 - 00000822 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-15 14:19 - 2015-01-15 14:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-15 14:19 - 2015-01-15 14:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-15 14:19 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-15 14:19 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-01-15 14:19 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-01-15 14:13 - 2015-01-15 14:13 - 00380416 _____ () C:\Users\Tilman\Desktop\Gmer-19357.exe
2015-01-15 14:12 - 2015-01-15 14:40 - 00047637 _____ () C:\Users\Tilman\Desktop\Addition.txt
2015-01-15 14:11 - 2015-01-15 18:04 - 00030100 _____ () C:\Users\Tilman\Desktop\FRST.txt
2015-01-15 14:11 - 2015-01-15 18:04 - 00000000 ____D () C:\FRST
2015-01-15 14:10 - 2015-01-15 14:09 - 02125312 _____ (Farbar) C:\Users\Tilman\Desktop\FRST64.exe
2015-01-15 14:07 - 2015-01-15 14:37 - 00000476 _____ () C:\Users\Tilman\Desktop\defogger_disable.log
2015-01-15 14:07 - 2015-01-15 14:07 - 00000000 _____ () C:\Users\Tilman\defogger_reenable
2015-01-15 14:06 - 2015-01-15 14:04 - 00050477 _____ () C:\Users\Tilman\Desktop\Defogger.exe
2015-01-15 14:06 - 2015-01-15 14:03 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Tilman\Desktop\mbam-setup-2.0.4.1028.exe
2015-01-15 12:55 - 2015-01-15 12:55 - 02347384 _____ (ESET) C:\Users\Tilman\Desktop\esetsmartinstaller_deu.exe
2015-01-15 12:49 - 2015-01-15 12:49 - 00421350 _____ () C:\Users\Tilman\Desktop\bookmarks-2015-01-15.json
2015-01-14 16:40 - 2015-01-14 16:40 - 00011557 _____ () C:\Users\Tilman\Desktop\Neuer PC.xlsx
2015-01-07 14:20 - 2015-01-07 14:20 - 00000000 ____D () C:\Users\Tilman\AppData\Local\Mootools
2015-01-07 14:17 - 2015-01-07 14:17 - 00000915 _____ () C:\Users\Public\Desktop\Polygon Cruncher (x64 bits) 10.51.lnk
2015-01-07 14:17 - 2015-01-07 14:17 - 00000000 ____D () C:\ProgramData\Mootools
2015-01-07 14:17 - 2015-01-07 14:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Polygon Cruncher (x64 bits)
2015-01-07 14:17 - 2015-01-07 14:17 - 00000000 ____D () C:\Program Files\Polygon Cruncher
2014-12-31 20:36 - 2015-01-10 15:41 - 00000096 _____ () C:\Users\Tilman\AppData\Roaming\WB.CFG
2014-12-31 19:36 - 2015-01-01 18:42 - 00000951 _____ () C:\Users\Tilman\Desktop\JDownloader.lnk
2014-12-30 19:04 - 2014-12-30 19:04 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-12-30 04:33 - 2014-12-30 04:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4
2014-12-29 18:40 - 2014-12-29 18:40 - 00001124 _____ () C:\Users\Public\Desktop\Free YouTube Download.lnk
2014-12-29 18:40 - 2014-12-29 18:40 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2014-12-26 10:55 - 2014-12-26 10:55 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2014-12-21 02:53 - 2014-12-27 13:29 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-12-18 09:43 - 2014-12-18 09:43 - 00000000 ____D () C:\Users\Tilman\AppData\Local\Skyrim
2014-12-18 01:45 - 2014-11-17 21:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-12-18 01:45 - 2014-11-17 21:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-12-18 01:45 - 2014-11-15 20:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-12-18 01:45 - 2014-11-15 07:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-12-18 01:45 - 2014-11-14 15:36 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-12-18 01:45 - 2014-11-14 08:10 - 03558400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-12-18 01:45 - 2014-11-14 07:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2014-12-18 01:45 - 2014-11-14 07:58 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-12-18 01:45 - 2014-11-14 07:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-12-18 01:45 - 2014-11-14 07:57 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-12-18 01:45 - 2014-11-14 07:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2014-12-18 01:45 - 2014-11-14 07:54 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-12-18 01:45 - 2014-11-14 07:54 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-12-18 01:45 - 2014-11-14 07:53 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-12-18 01:45 - 2014-11-14 07:52 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-12-18 01:45 - 2014-11-14 07:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-12-18 01:45 - 2014-11-14 07:46 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-18 01:45 - 2014-11-14 07:39 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-12-18 01:45 - 2014-11-14 06:04 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-12-18 01:45 - 2014-11-14 06:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-12-18 01:45 - 2014-11-14 06:03 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-12-18 01:45 - 2014-11-14 06:01 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-12-18 01:45 - 2014-11-14 06:01 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-12-18 01:45 - 2014-11-14 05:53 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-18 01:45 - 2014-11-11 01:39 - 22290560 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-12-18 01:45 - 2014-11-11 01:17 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-12-18 01:45 - 2014-11-10 19:06 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-12-18 01:45 - 2014-11-10 19:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-12-18 01:45 - 2014-11-10 19:06 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-12-18 01:45 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-12-18 01:45 - 2014-11-10 03:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-12-18 01:45 - 2014-11-10 02:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-12-18 01:45 - 2014-11-10 02:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-12-18 01:45 - 2014-11-10 02:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-12-18 01:45 - 2014-11-10 02:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-12-18 01:45 - 2014-11-10 02:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-12-18 01:45 - 2014-11-10 02:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-12-18 01:45 - 2014-11-10 02:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-12-18 01:45 - 2014-11-10 01:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-12-18 01:45 - 2014-11-10 01:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-12-18 01:45 - 2014-11-08 11:42 - 01390928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2014-12-18 01:45 - 2014-11-08 11:23 - 01127976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2014-12-18 01:45 - 2014-11-08 05:00 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2014-12-18 01:45 - 2014-11-08 05:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2014-12-18 01:45 - 2014-11-08 04:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2014-12-18 01:45 - 2014-11-08 04:58 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2014-12-18 01:45 - 2014-11-08 04:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2014-12-18 01:45 - 2014-11-08 04:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2014-12-18 01:45 - 2014-11-08 04:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2014-12-18 01:45 - 2014-11-08 04:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2014-12-18 01:45 - 2014-11-08 04:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2014-12-18 01:45 - 2014-11-08 04:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2014-12-18 01:45 - 2014-11-08 04:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2014-12-18 01:45 - 2014-11-08 03:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2014-12-18 01:45 - 2014-11-08 03:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-12-18 01:45 - 2014-11-08 03:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-12-18 01:45 - 2014-11-08 03:09 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2014-12-18 01:45 - 2014-11-08 03:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-12-18 01:45 - 2014-11-08 02:59 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2014-12-18 01:45 - 2014-11-08 02:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-12-18 01:45 - 2014-11-08 02:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-12-18 01:45 - 2014-11-07 04:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-12-18 01:45 - 2014-11-07 04:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-12-18 01:45 - 2014-11-05 03:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2014-12-18 01:45 - 2014-11-05 03:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2014-12-18 01:45 - 2014-11-05 03:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2014-12-18 01:45 - 2014-11-05 02:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-12-18 01:45 - 2014-11-05 02:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-12-18 01:45 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-12-18 01:45 - 2014-11-05 02:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2014-12-18 01:45 - 2014-11-05 02:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2014-12-18 01:45 - 2014-11-05 02:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2014-12-18 01:45 - 2014-11-05 02:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2014-12-18 01:45 - 2014-11-05 02:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-12-18 01:45 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-12-18 01:45 - 2014-11-05 02:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-12-18 01:45 - 2014-11-05 02:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2014-12-18 01:45 - 2014-11-04 20:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2014-12-18 01:45 - 2014-11-04 20:25 - 00059712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2014-12-18 01:45 - 2014-11-04 20:25 - 00051008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2014-12-18 01:45 - 2014-11-04 07:55 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2014-12-18 01:45 - 2014-11-04 07:54 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2014-12-18 01:45 - 2014-11-04 07:54 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2014-12-18 01:45 - 2014-11-04 07:54 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2014-12-18 01:45 - 2014-11-04 07:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2014-12-18 01:45 - 2014-11-04 06:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-12-18 01:45 - 2014-10-31 01:51 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-12-18 01:45 - 2014-10-31 01:10 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-12-18 01:45 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-18 01:45 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-18 01:45 - 2014-10-30 06:55 - 07473472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-12-18 01:45 - 2014-10-30 06:47 - 01499384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-12-18 01:45 - 2014-10-30 06:41 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-12-18 01:45 - 2014-10-29 04:05 - 00551232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2014-12-18 01:45 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2014-12-18 01:45 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2014-12-18 01:45 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2014-12-18 01:45 - 2014-10-29 02:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2014-12-18 01:45 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2014-12-18 01:45 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2014-12-18 01:45 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2014-12-18 01:45 - 2014-10-29 02:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2014-12-18 01:45 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2014-12-18 01:45 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2014-12-18 01:45 - 2014-10-26 23:10 - 00390841 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-12-18 01:45 - 2014-10-21 02:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2014-12-18 01:45 - 2014-10-21 02:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2014-12-18 01:45 - 2014-10-21 01:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2014-12-18 01:45 - 2014-10-21 01:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2014-12-18 01:45 - 2014-10-21 01:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2014-12-18 01:45 - 2014-10-21 01:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-12-18 01:45 - 2014-10-21 01:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2014-12-18 01:45 - 2014-10-17 05:56 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-18 01:45 - 2014-10-17 05:56 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-18 01:45 - 2014-10-17 05:56 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-18 01:45 - 2014-10-17 04:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-18 01:43 - 2014-12-18 01:52 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-12-18 01:43 - 2014-12-18 01:52 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-12-18 01:42 - 2014-12-13 11:08 - 32099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 25460552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 24764232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 20465808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 18594432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 17264312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 16040184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 13288360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 13202520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 10770120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 10710160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 10345280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-12-18 01:42 - 2014-12-13 11:08 - 03610440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 03248968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 02897824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 01895056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434709.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 01556624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434709.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00968336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00942400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00928072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00906560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00496272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00399688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00391488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00353224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00346944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00306328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00031376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2014-12-18 01:26 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2014-12-18 01:26 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2014-12-17 16:10 - 2014-12-24 19:03 - 00000000 ____D () C:\Users\Tilman\Desktop\Messer Screenshots
2014-12-17 12:29 - 2014-12-24 19:03 - 00000931 _____ () C:\Users\Tilman\Desktop\Marmoset Toolbag 2.lnk
2014-12-17 12:29 - 2014-12-17 12:29 - 00000917 _____ () C:\Users\Tilman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marmoset Toolbag 2.lnk
2014-12-17 12:29 - 2014-12-17 12:29 - 00000000 ____D () C:\Program Files\Marmoset Toolbag 2
2014-12-17 00:13 - 2014-12-17 00:13 - 00000000 ____D () C:\Users\Tilman\Documents\Steam Cloud
2014-12-16 12:08 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-16 12:08 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 18:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-15 17:57 - 2014-02-06 10:37 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-15 17:57 - 2013-08-23 00:24 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-15 17:57 - 2013-08-23 00:24 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-15 17:54 - 2014-02-15 04:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-15 17:54 - 2014-02-06 11:39 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-01-15 17:54 - 2014-02-06 10:33 - 01862147 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-15 17:54 - 2014-02-06 10:32 - 00078732 _____ () C:\WINDOWS\PFRO.log
2015-01-15 17:54 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-15 17:54 - 2013-08-22 14:25 - 00786432 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-15 17:42 - 2014-05-27 11:34 - 00000000 ____D () C:\Users\Tilman\AppData\Local\TSVNCache
2015-01-15 15:17 - 2014-09-15 23:01 - 00001154 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3316766629-2442458801-244027669-1001UA.job
2015-01-15 15:10 - 2014-02-06 10:46 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3316766629-2442458801-244027669-1001
2015-01-15 14:42 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-15 14:07 - 2014-02-06 10:41 - 00000000 ____D () C:\Users\Tilman
2015-01-15 12:50 - 2014-10-21 09:06 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-15 12:50 - 2014-02-12 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-15 12:42 - 2014-02-06 12:05 - 00000000 ____D () C:\Users\Tilman\AppData\Roaming\Spotify
2015-01-15 12:17 - 2014-09-15 23:01 - 00001102 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3316766629-2442458801-244027669-1001Core.job
2015-01-15 11:11 - 2014-08-16 16:29 - 00000000 ____D () C:\Users\Tilman\AppData\Local\Adobe
2015-01-14 22:14 - 2014-02-06 16:37 - 00000000 ____D () C:\Users\Tilman\AppData\Roaming\TS3Client
2015-01-14 11:42 - 2014-02-06 22:51 - 00000000 ____D () C:\Users\Tilman\AppData\Local\Battle.net
2015-01-13 15:11 - 2013-08-22 15:46 - 00076662 _____ () C:\WINDOWS\setupact.log
2015-01-13 02:42 - 2014-09-17 23:07 - 00003438 _____ () C:\WINDOWS\System32\Tasks\Go sleep
2015-01-12 19:58 - 2014-02-06 12:07 - 00000000 ____D () C:\Users\Tilman\AppData\Local\Spotify
2015-01-11 11:27 - 2014-02-14 03:12 - 00000000 ____D () C:\ProgramData\Origin
2015-01-11 02:05 - 2014-08-17 20:11 - 00000026 _____ () C:\Users\Tilman\Desktop\Folge.txt
2015-01-10 22:25 - 2014-02-28 14:36 - 00215416 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-01-10 16:20 - 2014-06-13 20:13 - 00000000 ____D () C:\Users\Tilman\Documents\Audible
2015-01-08 22:53 - 2014-02-28 14:36 - 00215416 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2015-01-07 14:17 - 2014-02-06 12:21 - 00000000 ____D () C:\Program Files\Autodesk
2015-01-07 09:22 - 2014-05-15 13:52 - 00000000 ____D () C:\Users\Tilman\Documents\Substance Painter
2015-01-07 09:18 - 2014-07-14 14:46 - 00000000 ____D () C:\Users\Tilman\Documents\Unreal Projects
2015-01-01 18:48 - 2014-02-14 11:27 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-01 18:47 - 2014-10-21 09:06 - 00272296 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2015-01-01 18:47 - 2014-10-21 09:06 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2015-01-01 18:47 - 2014-10-21 09:06 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2015-01-01 18:42 - 2014-02-12 12:48 - 00000915 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
2015-01-01 18:42 - 2014-02-12 12:48 - 00000867 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2015-01-01 18:42 - 2014-02-12 12:48 - 00000850 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
2014-12-31 02:24 - 2014-03-18 19:15 - 00000000 ____D () C:\Users\Tilman\AppData\Roaming\vlc
2014-12-30 19:07 - 2014-06-07 15:11 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2014-12-30 04:32 - 2014-02-28 14:36 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-12-30 04:32 - 2014-02-06 13:08 - 00446757 _____ () C:\WINDOWS\DirectX.log
2014-12-29 18:40 - 2014-03-26 12:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-12-29 18:40 - 2014-03-26 12:18 - 00000000 ____D () C:\Users\Tilman\AppData\Roaming\DVDVideoSoft
2014-12-24 19:03 - 2014-03-12 10:11 - 00000132 _____ () C:\Users\Tilman\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-12-22 22:12 - 2014-02-10 15:56 - 00000000 ____D () C:\Users\Tilman\Documents\my games
2014-12-19 20:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-18 01:51 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-12-18 01:51 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-12-18 01:51 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-12-18 01:51 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-12-18 01:51 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-18 01:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-18 01:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-18 01:49 - 2013-08-22 16:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-18 01:48 - 2014-02-08 04:38 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-18 01:48 - 2014-02-06 11:31 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-18 01:46 - 2014-02-08 04:38 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-18 01:45 - 2014-11-12 13:00 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-12-18 01:45 - 2014-11-12 13:00 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-12-18 01:45 - 2014-11-12 13:00 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-12-18 01:45 - 2014-11-12 13:00 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-12-18 01:43 - 2014-09-11 11:33 - 00000000 ____D () C:\Temp
2014-12-18 01:43 - 2014-02-06 10:50 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-17 16:16 - 2014-05-02 17:26 - 00000132 _____ () C:\Users\Tilman\AppData\Roaming\Adobe Targa Format CS6 Prefs

Files to move or delete:
====================
C:\Users\Tilman\{0B58B8BE-ECA4-40FE-BC61-189F9B1A2330}.dat


Some content of TEMP:
====================
C:\Users\Tilman\AppData\Local\Temp\01IYYlgJF3G4L2MY.dll
C:\Users\Tilman\AppData\Local\Temp\093U3rS416pze9kl.dll
C:\Users\Tilman\AppData\Local\Temp\0Dx9mguVpzN67xx5.dll
C:\Users\Tilman\AppData\Local\Temp\0GAB2NhX3BGnx1J8.dll
C:\Users\Tilman\AppData\Local\Temp\0i6IdX2h0zyc2sW9.dll
C:\Users\Tilman\AppData\Local\Temp\0j6fBL05t1Ut8v6q.dll
C:\Users\Tilman\AppData\Local\Temp\0ZpRdb7CBO87fJ3A.dll
C:\Users\Tilman\AppData\Local\Temp\0Zv1a1BS2Kzg14sO.dll
C:\Users\Tilman\AppData\Local\Temp\130645245069611062.exe
C:\Users\Tilman\AppData\Local\Temp\13064524524444686713.exe
C:\Users\Tilman\AppData\Local\Temp\130646076301913565.exe
C:\Users\Tilman\AppData\Local\Temp\13064607648051933527.exe
C:\Users\Tilman\AppData\Local\Temp\152FpzxP7fvOKg41.dll
C:\Users\Tilman\AppData\Local\Temp\15jRHMoBSeg65F64.dll
C:\Users\Tilman\AppData\Local\Temp\1oK73bcUwBvroCuv.dll
C:\Users\Tilman\AppData\Local\Temp\1R4B23Q231a2kCfy.dll
C:\Users\Tilman\AppData\Local\Temp\1UdER16p98Z24iVU.dll
C:\Users\Tilman\AppData\Local\Temp\234PxnlK4hmnx0u7.dll
C:\Users\Tilman\AppData\Local\Temp\269Lo5edn5kEcc39.dll
C:\Users\Tilman\AppData\Local\Temp\2Uec9Im5Y7bh1jL5.dll
C:\Users\Tilman\AppData\Local\Temp\32A760CEtp6Cc1p0.dll
C:\Users\Tilman\AppData\Local\Temp\36uoB7u629675XwQ.dll
C:\Users\Tilman\AppData\Local\Temp\379que2DB4GXavXP.dll
C:\Users\Tilman\AppData\Local\Temp\37Du1w94b83qoE0K.dll
C:\Users\Tilman\AppData\Local\Temp\3h85vFMh50w0BGnh.dll
C:\Users\Tilman\AppData\Local\Temp\3i4obhVx0OYoii4p.dll
C:\Users\Tilman\AppData\Local\Temp\3ICogG56wLzTPSjO.dll
C:\Users\Tilman\AppData\Local\Temp\3JUGp3663FL6XDPa.dll
C:\Users\Tilman\AppData\Local\Temp\3Kni49xJQ3lme7Zj.dll
C:\Users\Tilman\AppData\Local\Temp\50comupd.exe
C:\Users\Tilman\AppData\Local\Temp\50paF615edr5b109.dll
C:\Users\Tilman\AppData\Local\Temp\5F60gv6t5F58INWU.dll
C:\Users\Tilman\AppData\Local\Temp\5kY7t0Tg8h11c1VX.dll
C:\Users\Tilman\AppData\Local\Temp\5nLfWzyV39ThxZi9.dll
C:\Users\Tilman\AppData\Local\Temp\5RqWo3q03w4i7oyU.dll
C:\Users\Tilman\AppData\Local\Temp\5yFiZb74pm6f98QU.dll
C:\Users\Tilman\AppData\Local\Temp\62OjM44IzGwLx94S.dll
C:\Users\Tilman\AppData\Local\Temp\69e21e0Cx1cAU766.dll
C:\Users\Tilman\AppData\Local\Temp\6tV85v32dhqo6uv2.dll
C:\Users\Tilman\AppData\Local\Temp\6vzO6Z2e2o5z2SGk.dll
C:\Users\Tilman\AppData\Local\Temp\75S5ee0D2MTyGVcs.dll
C:\Users\Tilman\AppData\Local\Temp\7AsS3J0C13M6T9r1.dll
C:\Users\Tilman\AppData\Local\Temp\7bpNZ99KY6WVTh70.dll
C:\Users\Tilman\AppData\Local\Temp\7bU3ZZ4a4YJcuBD8.dll
C:\Users\Tilman\AppData\Local\Temp\7jZXs96MuhbOMWPn.dll
C:\Users\Tilman\AppData\Local\Temp\7L8St05e1bxs7J62.dll
C:\Users\Tilman\AppData\Local\Temp\82uiF35QZ2XTvj0i.dll
C:\Users\Tilman\AppData\Local\Temp\8GgMaGt470qIw5Nt.dll
C:\Users\Tilman\AppData\Local\Temp\8oUkPomYWe7J3447.dll
C:\Users\Tilman\AppData\Local\Temp\975nZZ448z3p4t7L.dll
C:\Users\Tilman\AppData\Local\Temp\9BQDrlrTf7vwRQ26.dll
C:\Users\Tilman\AppData\Local\Temp\9Fjs3t2uB7uAi835.dll
C:\Users\Tilman\AppData\Local\Temp\9J7LeT2Y1Qi4lJ40.dll
C:\Users\Tilman\AppData\Local\Temp\9OImme96m7m2l77f.dll
C:\Users\Tilman\AppData\Local\Temp\a03cQ9KxrrQrV279.dll
C:\Users\Tilman\AppData\Local\Temp\AcDeltree.exe
C:\Users\Tilman\AppData\Local\Temp\AHyYO4M7s1p48IEO.dll
C:\Users\Tilman\AppData\Local\Temp\anp4jcJR700FG8YA.dll
C:\Users\Tilman\AppData\Local\Temp\ASQE2xN81mY38GU2.dll
C:\Users\Tilman\AppData\Local\Temp\aYl8EgLB57BWM1nU.dll
C:\Users\Tilman\AppData\Local\Temp\B3vKKu47t9cDqC84.dll
C:\Users\Tilman\AppData\Local\Temp\b6r6009sCIw7asv4.dll
C:\Users\Tilman\AppData\Local\Temp\BCMVk04f2u9I8J19.dll
C:\Users\Tilman\AppData\Local\Temp\bHYK074s9nuHlkY9.dll
C:\Users\Tilman\AppData\Local\Temp\BvMgAu70JHk519em.dll
C:\Users\Tilman\AppData\Local\Temp\C2wX4IbeuThEZQ1d.dll
C:\Users\Tilman\AppData\Local\Temp\CC72v5RXNsMS44O4.dll
C:\Users\Tilman\AppData\Local\Temp\cFc5yM2wm39o9dW2.dll
C:\Users\Tilman\AppData\Local\Temp\Ck7h8Xz953BIgUln.dll
C:\Users\Tilman\AppData\Local\Temp\d44C8H7Kk9cOBOs7.dll
C:\Users\Tilman\AppData\Local\Temp\d6IcEIkQA4qgTd2C.dll
C:\Users\Tilman\AppData\Local\Temp\Di6Ry1zS96114lQE.dll
C:\Users\Tilman\AppData\Local\Temp\ebRcr13I8BmB4qby.dll
C:\Users\Tilman\AppData\Local\Temp\eL08i5c44qcwWv6U.dll
C:\Users\Tilman\AppData\Local\Temp\eLR5V26ojkna2598.dll
C:\Users\Tilman\AppData\Local\Temp\F1S2LnzxWXomQZwO.dll
C:\Users\Tilman\AppData\Local\Temp\f5szPHcF78hkwagR.dll
C:\Users\Tilman\AppData\Local\Temp\Fhop04f518A6KHwa.dll
C:\Users\Tilman\AppData\Local\Temp\fileutil.dll
C:\Users\Tilman\AppData\Local\Temp\Fj76565ynGDx503r.dll
C:\Users\Tilman\AppData\Local\Temp\fN97GWBk8k1meFnq.dll
C:\Users\Tilman\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Tilman\AppData\Local\Temp\Fu56abHzmM1C398d.dll
C:\Users\Tilman\AppData\Local\Temp\g1qNGW9zPL1eUVYH.dll
C:\Users\Tilman\AppData\Local\Temp\G2p434EK116DD8Vg.dll
C:\Users\Tilman\AppData\Local\Temp\G3mnSTDKB79WCI5D.dll
C:\Users\Tilman\AppData\Local\Temp\g42Qan2juQrhHBzm.dll
C:\Users\Tilman\AppData\Local\Temp\G9uc342CT99lt0ge.dll
C:\Users\Tilman\AppData\Local\Temp\GGsHJhDz3kCY4XQj.dll
C:\Users\Tilman\AppData\Local\Temp\Ha2vcpN4Y4PtayCZ.dll
C:\Users\Tilman\AppData\Local\Temp\hQZV68pP9N2lcf62.dll
C:\Users\Tilman\AppData\Local\Temp\hwq2R7901UtiOUA5.dll
C:\Users\Tilman\AppData\Local\Temp\IaV1961FS7a9I7Kq.dll
C:\Users\Tilman\AppData\Local\Temp\IC9O29hpP6G3T87F.dll
C:\Users\Tilman\AppData\Local\Temp\Install Quixel SUITE.exe
C:\Users\Tilman\AppData\Local\Temp\iwKzqLKBH2T7rml4.dll
C:\Users\Tilman\AppData\Local\Temp\iZnr05c2KNMiR29l.dll
C:\Users\Tilman\AppData\Local\Temp\J45t6LdvaT45XqsH.dll
C:\Users\Tilman\AppData\Local\Temp\J5NXanXqg9mmeM0s.dll
C:\Users\Tilman\AppData\Local\Temp\jBl9RZ0tw1wueWRy.dll
C:\Users\Tilman\AppData\Local\Temp\jQ4SsYD6vLtuWtMi.dll
C:\Users\Tilman\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Tilman\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Tilman\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Tilman\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Tilman\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Tilman\AppData\Local\Temp\k4187gVfX6h59i0X.dll
C:\Users\Tilman\AppData\Local\Temp\k45lQji78UejGPbs.dll
C:\Users\Tilman\AppData\Local\Temp\Kd07a08UnMm4H6O4.dll
C:\Users\Tilman\AppData\Local\Temp\KS3QOM3V2uVE316J.dll
C:\Users\Tilman\AppData\Local\Temp\KW3HMQ7XwdZH3PFv.dll
C:\Users\Tilman\AppData\Local\Temp\kY19X9gx6iGoUuXB.dll
C:\Users\Tilman\AppData\Local\Temp\LMpP9ZeM64g88u40.dll
C:\Users\Tilman\AppData\Local\Temp\lxi5fsE5r4q7I47i.dll
C:\Users\Tilman\AppData\Local\Temp\m822Qvh33647SJMB.dll
C:\Users\Tilman\AppData\Local\Temp\MGHbY4BDr6Kz29nL.dll
C:\Users\Tilman\AppData\Local\Temp\my8DrnFnE2e9a9L6.dll
C:\Users\Tilman\AppData\Local\Temp\N5Swx5yaOMPrJP9o.dll
C:\Users\Tilman\AppData\Local\Temp\n7HTEUfc33aIOS8J.dll
C:\Users\Tilman\AppData\Local\Temp\n8n0wMRWd96jD895.dll
C:\Users\Tilman\AppData\Local\Temp\nK674wxs4rX76rdB.dll
C:\Users\Tilman\AppData\Local\Temp\NNdWj2w0kqWDg4UE.dll
C:\Users\Tilman\AppData\Local\Temp\NTy095bZlyvTQb56.dll
C:\Users\Tilman\AppData\Local\Temp\Nv5uh6tJNY07R88K.dll
C:\Users\Tilman\AppData\Local\Temp\og5PIzWO7YCnIgtc.dll
C:\Users\Tilman\AppData\Local\Temp\oIParY90Q4np85AX.dll
C:\Users\Tilman\AppData\Local\Temp\oy9680KCi3srZ7g7.dll
C:\Users\Tilman\AppData\Local\Temp\P54TYIFMpzcS6k01.dll
C:\Users\Tilman\AppData\Local\Temp\PemchFSP4lER1lXK.dll
C:\Users\Tilman\AppData\Local\Temp\pK6BZe927YD2itKl.dll
C:\Users\Tilman\AppData\Local\Temp\PlF5TfHPn76L7gI8.dll
C:\Users\Tilman\AppData\Local\Temp\QIW6J9MWP4TM5qAV.dll
C:\Users\Tilman\AppData\Local\Temp\qtG1mQ2Dp9C8Gw64.dll
C:\Users\Tilman\AppData\Local\Temp\Quarantine.exe
C:\Users\Tilman\AppData\Local\Temp\r5wJs3B2Q48i0bC9.dll
C:\Users\Tilman\AppData\Local\Temp\R6fY47gI7VL1ZQax.dll
C:\Users\Tilman\AppData\Local\Temp\RB5gpcD6SGM0rX3N.dll
C:\Users\Tilman\AppData\Local\Temp\Rd223rDK2zp07d3H.dll
C:\Users\Tilman\AppData\Local\Temp\rHD4Ck7IluX9S17R.dll
C:\Users\Tilman\AppData\Local\Temp\rZK0daFQ2J5N3vgV.dll
C:\Users\Tilman\AppData\Local\Temp\S46nfxrcQ95s93vE.dll
C:\Users\Tilman\AppData\Local\Temp\s764FMNifJWa90BS.dll
C:\Users\Tilman\AppData\Local\Temp\SendRpt.exe
C:\Users\Tilman\AppData\Local\Temp\Setup.exe
C:\Users\Tilman\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Tilman\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Tilman\AppData\Local\Temp\sfareca00001.dll
C:\Users\Tilman\AppData\Local\Temp\sfextra.dll
C:\Users\Tilman\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Tilman\AppData\Local\Temp\sonarinst.exe
C:\Users\Tilman\AppData\Local\Temp\sqlite3.dll
C:\Users\Tilman\AppData\Local\Temp\Sw8433mLpF9mBm62.dll
C:\Users\Tilman\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Tilman\AppData\Local\Temp\SX0YJ08LjW5Wv58U.dll
C:\Users\Tilman\AppData\Local\Temp\TIoLU62brzkHNZEg.dll
C:\Users\Tilman\AppData\Local\Temp\ULn1UWChNxH29xN9.dll
C:\Users\Tilman\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Tilman\AppData\Local\Temp\vlc-2.1.4-win64.exe
C:\Users\Tilman\AppData\Local\Temp\vlc-2.1.5-win64.exe
C:\Users\Tilman\AppData\Local\Temp\VmrlZ32fX40GSGXB.dll
C:\Users\Tilman\AppData\Local\Temp\vspCyhtNl2KQ5M1f.dll
C:\Users\Tilman\AppData\Local\Temp\W1wN02Fe67Uj1539.dll
C:\Users\Tilman\AppData\Local\Temp\Wildstar.exe
C:\Users\Tilman\AppData\Local\Temp\Ww76D0yv4jP85Zj8.dll
C:\Users\Tilman\AppData\Local\Temp\wZ4ApBO86gYS1Gnt.dll
C:\Users\Tilman\AppData\Local\Temp\X6wZx7591e5H1IMH.dll
C:\Users\Tilman\AppData\Local\Temp\Xq0g7L72LCXF4U3b.dll
C:\Users\Tilman\AppData\Local\Temp\xx9B6nIc5F80e6hm.dll
C:\Users\Tilman\AppData\Local\Temp\y1542E3q9u3DnWd2.dll
C:\Users\Tilman\AppData\Local\Temp\y74Eu0Q43iT8nrzY.dll
C:\Users\Tilman\AppData\Local\Temp\z6TVNidcS729c44n.dll
C:\Users\Tilman\AppData\Local\Temp\zbqaAvqbpMu6TmBB.dll
C:\Users\Tilman\AppData\Local\Temp\ZIO7H4Z3OQ391418.dll
C:\Users\Tilman\AppData\Local\Temp\ZKBIER5ld8Cv9OCK.dll
C:\Users\Tilman\AppData\Local\Temp\zx81VKyJ8vv964Tp.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-10 14:54

==================== End Of Log ============================
         

--- --- ---

ESET Online Scanner

• Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
• Lade und starte Eset Online Scanner
• Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
• Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
• Klicke auf Starten.
• Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
• Klicke am Ende des Suchlaufs auf Fertig stellen.
• Schließe das Fenster von ESET.
• Explorer öffnen.
• C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
• Logfile hier posten.
• Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
• Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte SecurityCheck und:

• Speichere es auf dem Desktop.
• Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
• Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

ESET Scanner hat etwas länger gedauert, habs also über nacht laufen lassen, hoffe der ist jetzt komplett. So eine Nachricht von Kaspersky ist noch nicht nochmal aufgetaucht aber mein Firefox stürzt seid wir das angefangen haben immer mal wieder ab, könnte natürlich auch an was anderem liegen und kann wahrscheinlich ganz einfach behoben werden in dem ich den neu installiere oder?

ESET Log:

Code: Alles auswählenAufklappen

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=948f7e05c6f0094bb15c918698281141
# engine=21986
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-01-15 06:34:04
# local_time=2015-01-15 07:34:04 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1292 16777213 100 100 4610 52821266 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 4721425 29673165 0 0
# scanned=457218
# found=1
# cleaned=0
# scan_time=2623
sh=08A0C25B0BF40535697C1C584ACCDA490D6BC882 ft=1 fh=dbe7f66a50ce49ed vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tilman\AppData\Local\Temp\OCS\ocs_v71b.exe.vir"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=948f7e05c6f0094bb15c918698281141
# engine=21992
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-01-15 11:21:24
# local_time=2015-01-16 12:21:24 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1292 16777213 100 100 17379 52838506 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 4738665 29690405 0 0
# scanned=201
# found=1
# cleaned=0
# scan_time=38
sh=08A0C25B0BF40535697C1C584ACCDA490D6BC882 ft=1 fh=dbe7f66a50ce49ed vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tilman\AppData\Local\Temp\OCS\ocs_v71b.exe.vir"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=948f7e05c6f0094bb15c918698281141
# engine=21992
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-01-16 02:01:30
# local_time=2015-01-16 03:01:30 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1292 16777214 100 100 13197 52848112 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 4751871 29700011 0 0
# scanned=780082
# found=12
# cleaned=0
# scan_time=9165
sh=08A0C25B0BF40535697C1C584ACCDA490D6BC882 ft=1 fh=dbe7f66a50ce49ed vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tilman\AppData\Local\Temp\OCS\ocs_v71b.exe.vir"
sh=046F9AEE53851CC08B6A8F5664C0F89535315CB6 ft=1 fh=2f432a919c92a201 vn="Variante von Win32/InstallCore.VD evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tilman\AppData\Local\Microsoft\Windows\INetCache\IE\BNFGZHJN\JDownloaderSetup[1].exe"
sh=E33B196177C09F57CD79D237B57B17A340B948FD ft=1 fh=47c1672763a58d1e vn="Variante von Win32/InstallCore.VD evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tilman\AppData\Local\Microsoft\Windows\INetCache\IE\YYK4UITS\JDownloaderSetup[1].exe"
sh=046F9AEE53851CC08B6A8F5664C0F89535315CB6 ft=1 fh=2f432a919c92a201 vn="Variante von Win32/InstallCore.VD evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tilman\AppData\Local\Temp\13064524524444686713.exe"
sh=E33B196177C09F57CD79D237B57B17A340B948FD ft=1 fh=47c1672763a58d1e vn="Variante von Win32/InstallCore.VD evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tilman\AppData\Local\Temp\13064607648051933527.exe"
sh=A836A8346F791EC8A83B51BC78E84B2F6659E6DA ft=1 fh=0a2e45c370149901 vn="Win32/Wajam.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tilman\AppData\Local\Temp\is1070216317\1823576_stp\wajam_validate.exe"
sh=9E54D0C43AB07F6A61F002A38788F4251C2BB132 ft=1 fh=ef44fec5a905b96c vn="Variante von Win32/DealPly.AC evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tilman\AppData\Local\Temp\is1201216051\0846756A_stp\pm.exe"
sh=27E9FAE1455215FE152EB802B996CE1EB39A1A00 ft=1 fh=2ccf66f33a7ea49e vn="Variante von Win32/ELEX.AZ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tilman\AppData\Local\Temp\is1201216051\53260F82_stp\Dec29_cor_vi-view.exe"
sh=39F797D0879A2DDC2FA7C9F89DB88C080ECD9698 ft=1 fh=18fe6f3756ce4a50 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="F:\Downloads\MotioninJoy - CHIP-Installer.exe"
sh=5F8C446940C5999BB30C27502750187500414AC6 ft=1 fh=ca4d2999f6babf54 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="F:\Downloads\NovaBench - CHIP-Installer.exe"
sh=DD33973FB2D08CCCFD9C7EF86CCFC1EBD760C993 ft=1 fh=6cfa6f0c6ca602ea vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="F:\Downloads\Steam Mover - CHIP-Installer.exe"
sh=64A2AC76A98DC9EDE4C9EFD6E8C986CD865A2780 ft=1 fh=1117f44880629a74 vn="Win32/SuspLibLoad.A Trojaner" ac=I fn="F:\Program Files (x86)\South Park The Stick of Truth\winmm.dll"
         

Security Check Log:

Code: Alles auswählenAufklappen

ATTFilter

 Results of screen317's Security Check version 0.99.93  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Kaspersky Internet Security   
Windows Defender              
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Flash Player 	16.0.0.235  
 Adobe Reader XI  
 Mozilla Firefox (35.0) 
````````Process Check: objlist.exe by Laurent````````  
 Kaspersky Lab Kaspersky Internet Security 14.0.0 avp.exe  
 Kaspersky Lab Kaspersky Internet Security 14.0.0 avpui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         

FRST Log:


FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2015
Ran by Tilman (administrator) on TILMANN-LAPTOP on 16-01-2015 10:28:00
Running from C:\Users\Tilman\Desktop
Loaded Profiles: Tilman (Available profiles: Tilman)
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(The Eraser Project) F:\Programme\Eraser\Eraser.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Spotify Ltd) C:\Users\Tilman\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Elaborate Bytes AG) F:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Eraser] => F:\Programme\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [AutoShutdownManager] => F:\Program Files (x86)\AutoShutdownManager\AutoShutdownManager.exe
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10801944 2014-07-28] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [ROCCAT Savu Gaming Mouse] => F:\Programme\ROCCAT\Savu Mouse\Savu Monitor.exe [872048 2012-09-10] (ROCCAT GmbH)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [VirtualCloneDrive] => F:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [488328 2014-09-04] (Autodesk Inc.)
HKLM-x32\...\Run: [iTunesHelper] => F:\Programme\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\Run: [Auto] => D:\autorun.exe
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\Run: [Spotify Web Helper] => C:\Users\Tilman\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-10] (Spotify Ltd)
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\Run: [Google Update] => C:\Users\Tilman\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-09-15] (Google Inc.)
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\MountPoints2: {30051a22-9181-11e3-8251-fcf8ae69c200} - "G:\setup.exe" 
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\MountPoints2: {c09c35a3-8f10-11e3-824b-806e6f6e6963} - "H:\LaunchU3.exe" -a
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\MountPoints2: {ff906f68-e908-11e3-8275-0090f5ef372e} - "H:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\MountPoints2: {ff906f85-e908-11e3-8275-0090f5ef372e} - "H:\WD SmartWare.exe" autoplay=true
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [178632 2014-12-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [165760 2014-12-13] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> F:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default
FF NetworkProxy: "autoconfig_url", "https://mediahint.com/default.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> F:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> F:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> F:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> F:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> F:\Programme\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> F:\Programme\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-3316766629-2442458801-244027669-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Tilman\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-3316766629-2442458801-244027669-1001: @talk.google.com/O1DPlugin -> C:\Users\Tilman\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-3316766629-2442458801-244027669-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Tilman\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3316766629-2442458801-244027669-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Tilman\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3316766629-2442458801-244027669-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tilman\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3316766629-2442458801-244027669-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKU\S-1-5-21-3316766629-2442458801-244027669-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Users\Tilman\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Tilman\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: YouTube Unblocker - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\youtubeunblocker@unblocker.yt [2014-11-05]
FF Extension: DownloadHelper - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: ProxTube - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\ich@maltegoetz.de.xpi [2014-09-11]
FF Extension: Enhanced Steam - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\jid0-SmvlvxGpvCyG252KbVMqIKR79Uc@jetpack.xpi [2014-09-08]
FF Extension: Lightbeam - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2014-02-06]
FF Extension: Pin It Button - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2014-12-21]
FF Extension: Media Hint - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\mediahint@jetpack.xpi [2014-03-29]
FF Extension: Personas Plus - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\personas@christopher.beard.xpi [2014-02-06]
FF Extension: /r/Diablo Browser Extension - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\rdiablo@chaosteil.net.xpi [2014-10-28]
FF Extension: Integrated Inbox for Gmail & Google Apps - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\{28197867-b1ef-4140-8e3b-55c45b9c8460}.xpi [2014-02-06]
FF Extension: web Updater Pro - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\{5d0e19f6-7469-41e3-b1b4-04df991006a8}.xpi [2014-11-15]
FF Extension: ImTranslator - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2014-02-13]
FF Extension: {a127eaee-23c6-402d-8a2f-6c388f0624e6} - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\{a127eaee-23c6-402d-8a2f-6c388f0624e6}.xpi [2014-11-11]
FF Extension: Adblock Plus - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-06]
FF Extension: Greasemonkey - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-02-06]
FF Extension: Open With Photoshop - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\c6i4b1mu.default\Extensions\{f3f219f9-cbce-467e-b8fe-6e076d29665c}.xpi [2014-07-09]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-01-15]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Модуль перевірки посилань - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-02-06]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-02-06]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-02-06]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-02-06]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Безпечні платежі - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-02-06]
FF HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-12-29]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [597896 2014-09-04] (Autodesk Inc.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
S4 MBAMScheduler; F:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; F:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-15] () [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; F:\Programme\Origin\OriginClientService.exe [1903472 2014-12-18] (Electronic Arts)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [98560 2014-01-30] (Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2014-12-30] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-12-30] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [621336 2013-12-04] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-02-06] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-02-06] (Kaspersky Lab)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [115296 2014-03-24] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-03-24] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [65120 2014-03-24] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-02-06] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102664 2014-01-23] ()
R1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25992 2014-01-23] ()
R1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [700680 2014-01-23] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-16 10:27 - 2015-01-16 10:26 - 00852505 _____ () C:\Users\Tilman\Desktop\SecurityCheck.exe
2015-01-15 18:47 - 2015-01-15 18:47 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-01-15 18:03 - 2015-01-15 18:03 - 00000901 _____ () C:\Users\Tilman\Desktop\JRT.txt
2015-01-15 18:00 - 2015-01-15 18:00 - 00000000 ____D () C:\WINDOWS\ERUNT
2015-01-15 17:50 - 2015-01-15 17:53 - 00000000 ____D () C:\AdwCleaner
2015-01-15 17:49 - 2015-01-15 17:49 - 01707939 _____ (Thisisu) C:\Users\Tilman\Desktop\JRT.exe
2015-01-15 17:44 - 2015-01-15 17:44 - 02191360 _____ () C:\Users\Tilman\Desktop\AdwCleaner_4.107.exe
2015-01-15 14:54 - 2015-01-15 14:54 - 01088184 _____ () C:\Users\Tilman\Desktop\Kaspersky.txt
2015-01-15 14:42 - 2015-01-15 14:42 - 00002976 _____ () C:\Users\Tilman\Desktop\mbam.txt
2015-01-15 14:21 - 2015-01-15 18:17 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-15 14:21 - 2015-01-15 14:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-15 14:19 - 2015-01-15 14:19 - 00000822 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-15 14:19 - 2015-01-15 14:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-15 14:19 - 2015-01-15 14:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-15 14:19 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-15 14:19 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-01-15 14:19 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-01-15 14:13 - 2015-01-15 14:13 - 00380416 _____ () C:\Users\Tilman\Desktop\Gmer-19357.exe
2015-01-15 14:12 - 2015-01-15 18:04 - 00034733 _____ () C:\Users\Tilman\Desktop\Addition.txt
2015-01-15 14:11 - 2015-01-16 10:28 - 00030026 _____ () C:\Users\Tilman\Desktop\FRST.txt
2015-01-15 14:11 - 2015-01-16 10:28 - 00000000 ____D () C:\FRST
2015-01-15 14:10 - 2015-01-15 14:09 - 02125312 _____ (Farbar) C:\Users\Tilman\Desktop\FRST64.exe
2015-01-15 14:07 - 2015-01-15 14:37 - 00000476 _____ () C:\Users\Tilman\Desktop\defogger_disable.log
2015-01-15 14:07 - 2015-01-15 14:07 - 00000000 _____ () C:\Users\Tilman\defogger_reenable
2015-01-15 14:06 - 2015-01-15 14:04 - 00050477 _____ () C:\Users\Tilman\Desktop\Defogger.exe
2015-01-15 12:55 - 2015-01-15 12:55 - 02347384 _____ (ESET) C:\Users\Tilman\Desktop\esetsmartinstaller_deu.exe
2015-01-15 12:49 - 2015-01-15 12:49 - 00421350 _____ () C:\Users\Tilman\Desktop\bookmarks-2015-01-15.json
2015-01-14 16:40 - 2015-01-14 16:40 - 00011557 _____ () C:\Users\Tilman\Desktop\Neuer PC.xlsx
2015-01-07 14:20 - 2015-01-07 14:20 - 00000000 ____D () C:\Users\Tilman\AppData\Local\Mootools
2015-01-07 14:17 - 2015-01-07 14:17 - 00000915 _____ () C:\Users\Public\Desktop\Polygon Cruncher (x64 bits) 10.51.lnk
2015-01-07 14:17 - 2015-01-07 14:17 - 00000000 ____D () C:\ProgramData\Mootools
2015-01-07 14:17 - 2015-01-07 14:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Polygon Cruncher (x64 bits)
2015-01-07 14:17 - 2015-01-07 14:17 - 00000000 ____D () C:\Program Files\Polygon Cruncher
2014-12-31 20:36 - 2015-01-10 15:41 - 00000096 _____ () C:\Users\Tilman\AppData\Roaming\WB.CFG
2014-12-31 19:36 - 2015-01-01 18:42 - 00000951 _____ () C:\Users\Tilman\Desktop\JDownloader.lnk
2014-12-30 19:04 - 2014-12-30 19:04 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-12-30 04:33 - 2014-12-30 04:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4
2014-12-29 18:40 - 2014-12-29 18:40 - 00001124 _____ () C:\Users\Public\Desktop\Free YouTube Download.lnk
2014-12-29 18:40 - 2014-12-29 18:40 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2014-12-26 10:55 - 2014-12-26 10:55 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2014-12-21 02:53 - 2014-12-27 13:29 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-12-18 09:43 - 2014-12-18 09:43 - 00000000 ____D () C:\Users\Tilman\AppData\Local\Skyrim
2014-12-18 01:45 - 2014-11-17 21:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-12-18 01:45 - 2014-11-17 21:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-12-18 01:45 - 2014-11-15 20:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-12-18 01:45 - 2014-11-15 07:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-12-18 01:45 - 2014-11-14 15:36 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-12-18 01:45 - 2014-11-14 08:10 - 03558400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-12-18 01:45 - 2014-11-14 07:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2014-12-18 01:45 - 2014-11-14 07:58 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-12-18 01:45 - 2014-11-14 07:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-12-18 01:45 - 2014-11-14 07:57 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-12-18 01:45 - 2014-11-14 07:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2014-12-18 01:45 - 2014-11-14 07:54 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-12-18 01:45 - 2014-11-14 07:54 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-12-18 01:45 - 2014-11-14 07:53 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-12-18 01:45 - 2014-11-14 07:52 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-12-18 01:45 - 2014-11-14 07:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-12-18 01:45 - 2014-11-14 07:46 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-18 01:45 - 2014-11-14 07:39 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-12-18 01:45 - 2014-11-14 06:04 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-12-18 01:45 - 2014-11-14 06:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-12-18 01:45 - 2014-11-14 06:03 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-12-18 01:45 - 2014-11-14 06:01 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-12-18 01:45 - 2014-11-14 06:01 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-12-18 01:45 - 2014-11-14 05:53 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-18 01:45 - 2014-11-11 01:39 - 22290560 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-12-18 01:45 - 2014-11-11 01:17 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-12-18 01:45 - 2014-11-10 19:06 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-12-18 01:45 - 2014-11-10 19:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-12-18 01:45 - 2014-11-10 19:06 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-12-18 01:45 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-12-18 01:45 - 2014-11-10 03:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-12-18 01:45 - 2014-11-10 02:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-12-18 01:45 - 2014-11-10 02:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-12-18 01:45 - 2014-11-10 02:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-12-18 01:45 - 2014-11-10 02:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-12-18 01:45 - 2014-11-10 02:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-12-18 01:45 - 2014-11-10 02:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-12-18 01:45 - 2014-11-10 02:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-12-18 01:45 - 2014-11-10 01:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-12-18 01:45 - 2014-11-10 01:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-12-18 01:45 - 2014-11-08 11:42 - 01390928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2014-12-18 01:45 - 2014-11-08 11:23 - 01127976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2014-12-18 01:45 - 2014-11-08 05:00 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2014-12-18 01:45 - 2014-11-08 05:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2014-12-18 01:45 - 2014-11-08 04:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2014-12-18 01:45 - 2014-11-08 04:58 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2014-12-18 01:45 - 2014-11-08 04:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2014-12-18 01:45 - 2014-11-08 04:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2014-12-18 01:45 - 2014-11-08 04:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2014-12-18 01:45 - 2014-11-08 04:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2014-12-18 01:45 - 2014-11-08 04:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2014-12-18 01:45 - 2014-11-08 04:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2014-12-18 01:45 - 2014-11-08 04:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2014-12-18 01:45 - 2014-11-08 03:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2014-12-18 01:45 - 2014-11-08 03:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-12-18 01:45 - 2014-11-08 03:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-12-18 01:45 - 2014-11-08 03:09 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2014-12-18 01:45 - 2014-11-08 03:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-12-18 01:45 - 2014-11-08 02:59 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2014-12-18 01:45 - 2014-11-08 02:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-12-18 01:45 - 2014-11-08 02:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-12-18 01:45 - 2014-11-07 04:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-12-18 01:45 - 2014-11-07 04:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-12-18 01:45 - 2014-11-05 03:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2014-12-18 01:45 - 2014-11-05 03:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2014-12-18 01:45 - 2014-11-05 03:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2014-12-18 01:45 - 2014-11-05 02:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-12-18 01:45 - 2014-11-05 02:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-12-18 01:45 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-12-18 01:45 - 2014-11-05 02:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2014-12-18 01:45 - 2014-11-05 02:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2014-12-18 01:45 - 2014-11-05 02:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2014-12-18 01:45 - 2014-11-05 02:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2014-12-18 01:45 - 2014-11-05 02:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-12-18 01:45 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-12-18 01:45 - 2014-11-05 02:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-12-18 01:45 - 2014-11-05 02:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2014-12-18 01:45 - 2014-11-04 20:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2014-12-18 01:45 - 2014-11-04 20:25 - 00059712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2014-12-18 01:45 - 2014-11-04 20:25 - 00051008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2014-12-18 01:45 - 2014-11-04 07:55 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2014-12-18 01:45 - 2014-11-04 07:54 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2014-12-18 01:45 - 2014-11-04 07:54 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2014-12-18 01:45 - 2014-11-04 07:54 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2014-12-18 01:45 - 2014-11-04 07:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2014-12-18 01:45 - 2014-11-04 06:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-12-18 01:45 - 2014-10-31 01:51 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-12-18 01:45 - 2014-10-31 01:10 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-12-18 01:45 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-18 01:45 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-18 01:45 - 2014-10-30 06:55 - 07473472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-12-18 01:45 - 2014-10-30 06:47 - 01499384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-12-18 01:45 - 2014-10-30 06:41 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-12-18 01:45 - 2014-10-29 04:05 - 00551232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2014-12-18 01:45 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2014-12-18 01:45 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2014-12-18 01:45 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2014-12-18 01:45 - 2014-10-29 02:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2014-12-18 01:45 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2014-12-18 01:45 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2014-12-18 01:45 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2014-12-18 01:45 - 2014-10-29 02:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2014-12-18 01:45 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2014-12-18 01:45 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2014-12-18 01:45 - 2014-10-26 23:10 - 00390841 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-12-18 01:45 - 2014-10-21 02:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2014-12-18 01:45 - 2014-10-21 02:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2014-12-18 01:45 - 2014-10-21 01:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2014-12-18 01:45 - 2014-10-21 01:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2014-12-18 01:45 - 2014-10-21 01:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2014-12-18 01:45 - 2014-10-21 01:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-12-18 01:45 - 2014-10-21 01:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2014-12-18 01:45 - 2014-10-17 05:56 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-18 01:45 - 2014-10-17 05:56 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-18 01:45 - 2014-10-17 05:56 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-18 01:45 - 2014-10-17 04:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-18 01:43 - 2014-12-18 01:52 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-12-18 01:43 - 2014-12-18 01:52 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-12-18 01:42 - 2014-12-13 11:08 - 32099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 25460552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 24764232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 20465808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 18594432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 17264312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 16040184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 13288360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 13202520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 10770120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 10710160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 10345280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-12-18 01:42 - 2014-12-13 11:08 - 03610440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 03248968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 02897824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 01895056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434709.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 01556624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434709.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00968336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00942400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00928072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00906560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00496272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00399688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00391488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00353224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00346944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00306328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00031376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2014-12-18 01:26 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2014-12-18 01:26 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2014-12-17 16:10 - 2014-12-24 19:03 - 00000000 ____D () C:\Users\Tilman\Desktop\Messer Screenshots
2014-12-17 12:29 - 2014-12-24 19:03 - 00000931 _____ () C:\Users\Tilman\Desktop\Marmoset Toolbag 2.lnk
2014-12-17 12:29 - 2014-12-17 12:29 - 00000917 _____ () C:\Users\Tilman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marmoset Toolbag 2.lnk
2014-12-17 12:29 - 2014-12-17 12:29 - 00000000 ____D () C:\Program Files\Marmoset Toolbag 2
2014-12-17 00:13 - 2014-12-17 00:13 - 00000000 ____D () C:\Users\Tilman\Documents\Steam Cloud

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-16 10:23 - 2014-02-06 11:39 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-01-16 10:17 - 2014-09-15 23:01 - 00001154 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3316766629-2442458801-244027669-1001UA.job
2015-01-16 10:11 - 2014-02-06 10:37 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-16 10:11 - 2013-08-23 00:24 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-16 10:11 - 2013-08-23 00:24 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-16 10:10 - 2014-02-06 10:33 - 01938017 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-16 10:08 - 2014-05-27 11:34 - 00000000 ____D () C:\Users\Tilman\AppData\Local\TSVNCache
2015-01-16 10:07 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-16 05:00 - 2014-02-06 10:41 - 00000000 ____D () C:\Users\Tilman
2015-01-16 05:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-16 05:00 - 2013-08-22 14:25 - 00786432 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-16 02:00 - 2014-08-16 16:29 - 00000000 ____D () C:\Users\Tilman\AppData\Local\Adobe
2015-01-15 23:55 - 2014-02-06 12:05 - 00000000 ____D () C:\Users\Tilman\AppData\Roaming\Spotify
2015-01-15 23:52 - 2014-02-06 16:37 - 00000000 ____D () C:\Users\Tilman\AppData\Roaming\TS3Client
2015-01-15 18:17 - 2014-02-06 12:07 - 00000000 ____D () C:\Users\Tilman\AppData\Local\Spotify
2015-01-15 17:54 - 2014-02-15 04:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-15 17:54 - 2014-02-06 10:32 - 00078732 _____ () C:\WINDOWS\PFRO.log
2015-01-15 15:10 - 2014-02-06 10:46 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3316766629-2442458801-244027669-1001
2015-01-15 14:42 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-15 12:50 - 2014-10-21 09:06 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-15 12:50 - 2014-02-12 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-15 12:17 - 2014-09-15 23:01 - 00001102 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3316766629-2442458801-244027669-1001Core.job
2015-01-14 11:42 - 2014-02-06 22:51 - 00000000 ____D () C:\Users\Tilman\AppData\Local\Battle.net
2015-01-13 15:11 - 2013-08-22 15:46 - 00076662 _____ () C:\WINDOWS\setupact.log
2015-01-13 02:42 - 2014-09-17 23:07 - 00003438 _____ () C:\WINDOWS\System32\Tasks\Go sleep
2015-01-11 11:27 - 2014-02-14 03:12 - 00000000 ____D () C:\ProgramData\Origin
2015-01-11 02:05 - 2014-08-17 20:11 - 00000026 _____ () C:\Users\Tilman\Desktop\Folge.txt
2015-01-10 22:25 - 2014-02-28 14:36 - 00215416 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-01-10 16:20 - 2014-06-13 20:13 - 00000000 ____D () C:\Users\Tilman\Documents\Audible
2015-01-08 22:53 - 2014-02-28 14:36 - 00215416 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2015-01-07 14:17 - 2014-02-06 12:21 - 00000000 ____D () C:\Program Files\Autodesk
2015-01-07 09:22 - 2014-05-15 13:52 - 00000000 ____D () C:\Users\Tilman\Documents\Substance Painter
2015-01-07 09:18 - 2014-07-14 14:46 - 00000000 ____D () C:\Users\Tilman\Documents\Unreal Projects
2015-01-01 18:48 - 2014-02-14 11:27 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-01 18:47 - 2014-10-21 09:06 - 00272296 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2015-01-01 18:47 - 2014-10-21 09:06 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2015-01-01 18:47 - 2014-10-21 09:06 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2015-01-01 18:42 - 2014-02-12 12:48 - 00000915 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
2015-01-01 18:42 - 2014-02-12 12:48 - 00000867 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2015-01-01 18:42 - 2014-02-12 12:48 - 00000850 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
2014-12-31 02:24 - 2014-03-18 19:15 - 00000000 ____D () C:\Users\Tilman\AppData\Roaming\vlc
2014-12-30 19:07 - 2014-06-07 15:11 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2014-12-30 04:32 - 2014-02-28 14:36 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-12-30 04:32 - 2014-02-06 13:08 - 00446757 _____ () C:\WINDOWS\DirectX.log
2014-12-29 18:40 - 2014-03-26 12:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-12-29 18:40 - 2014-03-26 12:18 - 00000000 ____D () C:\Users\Tilman\AppData\Roaming\DVDVideoSoft
2014-12-24 19:03 - 2014-03-12 10:11 - 00000132 _____ () C:\Users\Tilman\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-12-22 22:12 - 2014-02-10 15:56 - 00000000 ____D () C:\Users\Tilman\Documents\my games
2014-12-19 20:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-18 01:51 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-12-18 01:51 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-12-18 01:51 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-12-18 01:51 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-12-18 01:51 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-18 01:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-18 01:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-18 01:49 - 2013-08-22 16:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-18 01:48 - 2014-02-08 04:38 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-18 01:48 - 2014-02-06 11:31 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-18 01:46 - 2014-02-08 04:38 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-18 01:45 - 2014-11-12 13:00 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-12-18 01:45 - 2014-11-12 13:00 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-12-18 01:45 - 2014-11-12 13:00 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-12-18 01:45 - 2014-11-12 13:00 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-12-18 01:43 - 2014-09-11 11:33 - 00000000 ____D () C:\Temp
2014-12-18 01:43 - 2014-02-06 10:50 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-17 16:16 - 2014-05-02 17:26 - 00000132 _____ () C:\Users\Tilman\AppData\Roaming\Adobe Targa Format CS6 Prefs

Files to move or delete:
====================
C:\Users\Tilman\{0B58B8BE-ECA4-40FE-BC61-189F9B1A2330}.dat


Some content of TEMP:
====================
C:\Users\Tilman\AppData\Local\Temp\01IYYlgJF3G4L2MY.dll
C:\Users\Tilman\AppData\Local\Temp\093U3rS416pze9kl.dll
C:\Users\Tilman\AppData\Local\Temp\0Dx9mguVpzN67xx5.dll
C:\Users\Tilman\AppData\Local\Temp\0GAB2NhX3BGnx1J8.dll
C:\Users\Tilman\AppData\Local\Temp\0i6IdX2h0zyc2sW9.dll
C:\Users\Tilman\AppData\Local\Temp\0j6fBL05t1Ut8v6q.dll
C:\Users\Tilman\AppData\Local\Temp\0ZpRdb7CBO87fJ3A.dll
C:\Users\Tilman\AppData\Local\Temp\0Zv1a1BS2Kzg14sO.dll
C:\Users\Tilman\AppData\Local\Temp\130645245069611062.exe
C:\Users\Tilman\AppData\Local\Temp\13064524524444686713.exe
C:\Users\Tilman\AppData\Local\Temp\130646076301913565.exe
C:\Users\Tilman\AppData\Local\Temp\13064607648051933527.exe
C:\Users\Tilman\AppData\Local\Temp\152FpzxP7fvOKg41.dll
C:\Users\Tilman\AppData\Local\Temp\15jRHMoBSeg65F64.dll
C:\Users\Tilman\AppData\Local\Temp\1oK73bcUwBvroCuv.dll
C:\Users\Tilman\AppData\Local\Temp\1R4B23Q231a2kCfy.dll
C:\Users\Tilman\AppData\Local\Temp\1UdER16p98Z24iVU.dll
C:\Users\Tilman\AppData\Local\Temp\234PxnlK4hmnx0u7.dll
C:\Users\Tilman\AppData\Local\Temp\269Lo5edn5kEcc39.dll
C:\Users\Tilman\AppData\Local\Temp\2Uec9Im5Y7bh1jL5.dll
C:\Users\Tilman\AppData\Local\Temp\32A760CEtp6Cc1p0.dll
C:\Users\Tilman\AppData\Local\Temp\36uoB7u629675XwQ.dll
C:\Users\Tilman\AppData\Local\Temp\379que2DB4GXavXP.dll
C:\Users\Tilman\AppData\Local\Temp\37Du1w94b83qoE0K.dll
C:\Users\Tilman\AppData\Local\Temp\3h85vFMh50w0BGnh.dll
C:\Users\Tilman\AppData\Local\Temp\3i4obhVx0OYoii4p.dll
C:\Users\Tilman\AppData\Local\Temp\3ICogG56wLzTPSjO.dll
C:\Users\Tilman\AppData\Local\Temp\3JUGp3663FL6XDPa.dll
C:\Users\Tilman\AppData\Local\Temp\3Kni49xJQ3lme7Zj.dll
C:\Users\Tilman\AppData\Local\Temp\50comupd.exe
C:\Users\Tilman\AppData\Local\Temp\50paF615edr5b109.dll
C:\Users\Tilman\AppData\Local\Temp\5F60gv6t5F58INWU.dll
C:\Users\Tilman\AppData\Local\Temp\5kY7t0Tg8h11c1VX.dll
C:\Users\Tilman\AppData\Local\Temp\5nLfWzyV39ThxZi9.dll
C:\Users\Tilman\AppData\Local\Temp\5RqWo3q03w4i7oyU.dll
C:\Users\Tilman\AppData\Local\Temp\5yFiZb74pm6f98QU.dll
C:\Users\Tilman\AppData\Local\Temp\62OjM44IzGwLx94S.dll
C:\Users\Tilman\AppData\Local\Temp\69e21e0Cx1cAU766.dll
C:\Users\Tilman\AppData\Local\Temp\6tV85v32dhqo6uv2.dll
C:\Users\Tilman\AppData\Local\Temp\6vzO6Z2e2o5z2SGk.dll
C:\Users\Tilman\AppData\Local\Temp\75S5ee0D2MTyGVcs.dll
C:\Users\Tilman\AppData\Local\Temp\7AsS3J0C13M6T9r1.dll
C:\Users\Tilman\AppData\Local\Temp\7bpNZ99KY6WVTh70.dll
C:\Users\Tilman\AppData\Local\Temp\7bU3ZZ4a4YJcuBD8.dll
C:\Users\Tilman\AppData\Local\Temp\7jZXs96MuhbOMWPn.dll
C:\Users\Tilman\AppData\Local\Temp\7L8St05e1bxs7J62.dll
C:\Users\Tilman\AppData\Local\Temp\82uiF35QZ2XTvj0i.dll
C:\Users\Tilman\AppData\Local\Temp\8GgMaGt470qIw5Nt.dll
C:\Users\Tilman\AppData\Local\Temp\8oUkPomYWe7J3447.dll
C:\Users\Tilman\AppData\Local\Temp\975nZZ448z3p4t7L.dll
C:\Users\Tilman\AppData\Local\Temp\9BQDrlrTf7vwRQ26.dll
C:\Users\Tilman\AppData\Local\Temp\9Fjs3t2uB7uAi835.dll
C:\Users\Tilman\AppData\Local\Temp\9J7LeT2Y1Qi4lJ40.dll
C:\Users\Tilman\AppData\Local\Temp\9OImme96m7m2l77f.dll
C:\Users\Tilman\AppData\Local\Temp\a03cQ9KxrrQrV279.dll
C:\Users\Tilman\AppData\Local\Temp\AcDeltree.exe
C:\Users\Tilman\AppData\Local\Temp\AHyYO4M7s1p48IEO.dll
C:\Users\Tilman\AppData\Local\Temp\anp4jcJR700FG8YA.dll
C:\Users\Tilman\AppData\Local\Temp\ASQE2xN81mY38GU2.dll
C:\Users\Tilman\AppData\Local\Temp\aYl8EgLB57BWM1nU.dll
C:\Users\Tilman\AppData\Local\Temp\B3vKKu47t9cDqC84.dll
C:\Users\Tilman\AppData\Local\Temp\b6r6009sCIw7asv4.dll
C:\Users\Tilman\AppData\Local\Temp\BCMVk04f2u9I8J19.dll
C:\Users\Tilman\AppData\Local\Temp\bHYK074s9nuHlkY9.dll
C:\Users\Tilman\AppData\Local\Temp\BvMgAu70JHk519em.dll
C:\Users\Tilman\AppData\Local\Temp\C2wX4IbeuThEZQ1d.dll
C:\Users\Tilman\AppData\Local\Temp\CC72v5RXNsMS44O4.dll
C:\Users\Tilman\AppData\Local\Temp\cFc5yM2wm39o9dW2.dll
C:\Users\Tilman\AppData\Local\Temp\Ck7h8Xz953BIgUln.dll
C:\Users\Tilman\AppData\Local\Temp\d44C8H7Kk9cOBOs7.dll
C:\Users\Tilman\AppData\Local\Temp\d6IcEIkQA4qgTd2C.dll
C:\Users\Tilman\AppData\Local\Temp\Di6Ry1zS96114lQE.dll
C:\Users\Tilman\AppData\Local\Temp\ebRcr13I8BmB4qby.dll
C:\Users\Tilman\AppData\Local\Temp\eL08i5c44qcwWv6U.dll
C:\Users\Tilman\AppData\Local\Temp\eLR5V26ojkna2598.dll
C:\Users\Tilman\AppData\Local\Temp\F1S2LnzxWXomQZwO.dll
C:\Users\Tilman\AppData\Local\Temp\f5szPHcF78hkwagR.dll
C:\Users\Tilman\AppData\Local\Temp\Fhop04f518A6KHwa.dll
C:\Users\Tilman\AppData\Local\Temp\fileutil.dll
C:\Users\Tilman\AppData\Local\Temp\Fj76565ynGDx503r.dll
C:\Users\Tilman\AppData\Local\Temp\fN97GWBk8k1meFnq.dll
C:\Users\Tilman\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Tilman\AppData\Local\Temp\Fu56abHzmM1C398d.dll
C:\Users\Tilman\AppData\Local\Temp\g1qNGW9zPL1eUVYH.dll
C:\Users\Tilman\AppData\Local\Temp\G2p434EK116DD8Vg.dll
C:\Users\Tilman\AppData\Local\Temp\G3mnSTDKB79WCI5D.dll
C:\Users\Tilman\AppData\Local\Temp\g42Qan2juQrhHBzm.dll
C:\Users\Tilman\AppData\Local\Temp\G9uc342CT99lt0ge.dll
C:\Users\Tilman\AppData\Local\Temp\GGsHJhDz3kCY4XQj.dll
C:\Users\Tilman\AppData\Local\Temp\Ha2vcpN4Y4PtayCZ.dll
C:\Users\Tilman\AppData\Local\Temp\hQZV68pP9N2lcf62.dll
C:\Users\Tilman\AppData\Local\Temp\hwq2R7901UtiOUA5.dll
C:\Users\Tilman\AppData\Local\Temp\IaV1961FS7a9I7Kq.dll
C:\Users\Tilman\AppData\Local\Temp\IC9O29hpP6G3T87F.dll
C:\Users\Tilman\AppData\Local\Temp\Install Quixel SUITE.exe
C:\Users\Tilman\AppData\Local\Temp\iwKzqLKBH2T7rml4.dll
C:\Users\Tilman\AppData\Local\Temp\iZnr05c2KNMiR29l.dll
C:\Users\Tilman\AppData\Local\Temp\J45t6LdvaT45XqsH.dll
C:\Users\Tilman\AppData\Local\Temp\J5NXanXqg9mmeM0s.dll
C:\Users\Tilman\AppData\Local\Temp\jBl9RZ0tw1wueWRy.dll
C:\Users\Tilman\AppData\Local\Temp\jQ4SsYD6vLtuWtMi.dll
C:\Users\Tilman\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Tilman\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Tilman\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Tilman\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Tilman\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Tilman\AppData\Local\Temp\k4187gVfX6h59i0X.dll
C:\Users\Tilman\AppData\Local\Temp\k45lQji78UejGPbs.dll
C:\Users\Tilman\AppData\Local\Temp\Kd07a08UnMm4H6O4.dll
C:\Users\Tilman\AppData\Local\Temp\KS3QOM3V2uVE316J.dll
C:\Users\Tilman\AppData\Local\Temp\KW3HMQ7XwdZH3PFv.dll
C:\Users\Tilman\AppData\Local\Temp\kY19X9gx6iGoUuXB.dll
C:\Users\Tilman\AppData\Local\Temp\LMpP9ZeM64g88u40.dll
C:\Users\Tilman\AppData\Local\Temp\lxi5fsE5r4q7I47i.dll
C:\Users\Tilman\AppData\Local\Temp\m822Qvh33647SJMB.dll
C:\Users\Tilman\AppData\Local\Temp\MGHbY4BDr6Kz29nL.dll
C:\Users\Tilman\AppData\Local\Temp\my8DrnFnE2e9a9L6.dll
C:\Users\Tilman\AppData\Local\Temp\N5Swx5yaOMPrJP9o.dll
C:\Users\Tilman\AppData\Local\Temp\n7HTEUfc33aIOS8J.dll
C:\Users\Tilman\AppData\Local\Temp\n8n0wMRWd96jD895.dll
C:\Users\Tilman\AppData\Local\Temp\nK674wxs4rX76rdB.dll
C:\Users\Tilman\AppData\Local\Temp\NNdWj2w0kqWDg4UE.dll
C:\Users\Tilman\AppData\Local\Temp\NTy095bZlyvTQb56.dll
C:\Users\Tilman\AppData\Local\Temp\Nv5uh6tJNY07R88K.dll
C:\Users\Tilman\AppData\Local\Temp\og5PIzWO7YCnIgtc.dll
C:\Users\Tilman\AppData\Local\Temp\oIParY90Q4np85AX.dll
C:\Users\Tilman\AppData\Local\Temp\oy9680KCi3srZ7g7.dll
C:\Users\Tilman\AppData\Local\Temp\P54TYIFMpzcS6k01.dll
C:\Users\Tilman\AppData\Local\Temp\PemchFSP4lER1lXK.dll
C:\Users\Tilman\AppData\Local\Temp\pK6BZe927YD2itKl.dll
C:\Users\Tilman\AppData\Local\Temp\PlF5TfHPn76L7gI8.dll
C:\Users\Tilman\AppData\Local\Temp\QIW6J9MWP4TM5qAV.dll
C:\Users\Tilman\AppData\Local\Temp\qtG1mQ2Dp9C8Gw64.dll
C:\Users\Tilman\AppData\Local\Temp\Quarantine.exe
C:\Users\Tilman\AppData\Local\Temp\r5wJs3B2Q48i0bC9.dll
C:\Users\Tilman\AppData\Local\Temp\R6fY47gI7VL1ZQax.dll
C:\Users\Tilman\AppData\Local\Temp\RB5gpcD6SGM0rX3N.dll
C:\Users\Tilman\AppData\Local\Temp\Rd223rDK2zp07d3H.dll
C:\Users\Tilman\AppData\Local\Temp\rHD4Ck7IluX9S17R.dll
C:\Users\Tilman\AppData\Local\Temp\rZK0daFQ2J5N3vgV.dll
C:\Users\Tilman\AppData\Local\Temp\S46nfxrcQ95s93vE.dll
C:\Users\Tilman\AppData\Local\Temp\s764FMNifJWa90BS.dll
C:\Users\Tilman\AppData\Local\Temp\SendRpt.exe
C:\Users\Tilman\AppData\Local\Temp\Setup.exe
C:\Users\Tilman\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Tilman\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Tilman\AppData\Local\Temp\sfareca00001.dll
C:\Users\Tilman\AppData\Local\Temp\sfextra.dll
C:\Users\Tilman\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Tilman\AppData\Local\Temp\sonarinst.exe
C:\Users\Tilman\AppData\Local\Temp\sqlite3.dll
C:\Users\Tilman\AppData\Local\Temp\Sw8433mLpF9mBm62.dll
C:\Users\Tilman\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Tilman\AppData\Local\Temp\SX0YJ08LjW5Wv58U.dll
C:\Users\Tilman\AppData\Local\Temp\TIoLU62brzkHNZEg.dll
C:\Users\Tilman\AppData\Local\Temp\ULn1UWChNxH29xN9.dll
C:\Users\Tilman\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Tilman\AppData\Local\Temp\vlc-2.1.4-win64.exe
C:\Users\Tilman\AppData\Local\Temp\vlc-2.1.5-win64.exe
C:\Users\Tilman\AppData\Local\Temp\VmrlZ32fX40GSGXB.dll
C:\Users\Tilman\AppData\Local\Temp\vspCyhtNl2KQ5M1f.dll
C:\Users\Tilman\AppData\Local\Temp\W1wN02Fe67Uj1539.dll
C:\Users\Tilman\AppData\Local\Temp\Wildstar.exe
C:\Users\Tilman\AppData\Local\Temp\Ww76D0yv4jP85Zj8.dll
C:\Users\Tilman\AppData\Local\Temp\wZ4ApBO86gYS1Gnt.dll
C:\Users\Tilman\AppData\Local\Temp\X6wZx7591e5H1IMH.dll
C:\Users\Tilman\AppData\Local\Temp\Xq0g7L72LCXF4U3b.dll
C:\Users\Tilman\AppData\Local\Temp\xx9B6nIc5F80e6hm.dll
C:\Users\Tilman\AppData\Local\Temp\y1542E3q9u3DnWd2.dll
C:\Users\Tilman\AppData\Local\Temp\y74Eu0Q43iT8nrzY.dll
C:\Users\Tilman\AppData\Local\Temp\z6TVNidcS729c44n.dll
C:\Users\Tilman\AppData\Local\Temp\zbqaAvqbpMu6TmBB.dll
C:\Users\Tilman\AppData\Local\Temp\ZIO7H4Z3OQ391418.dll
C:\Users\Tilman\AppData\Local\Temp\ZKBIER5ld8Cv9OCK.dll
C:\Users\Tilman\AppData\Local\Temp\zx81VKyJ8vv964Tp.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-10 14:54

==================== End Of Log ============================
         

--- --- ---

Revo Uninstaller - Download - Filepony
damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.mozilla.org/de/kb/fi...einfach-loesen



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code: Alles auswählenAufklappen

ATTFilter

F:\Downloads\MotioninJoy - CHIP-Installer.exe

F:\Downloads\NovaBench - CHIP-Installer.exe

F:\Downloads\Steam Mover - CHIP-Installer.exe

F:\Program Files (x86)\South Park The Stick of Truth\winmm.dll
Emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

• Starte nun FRST erneut und klicke den Entfernen Button.
• Das Tool erstellt eine Fixlog.txt.
• Poste mir deren Inhalt.

Frisches FRST log bitte.

Fixlog:

Code: Alles auswählenAufklappen

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-01-2015
Ran by Tilman at 2015-01-16 13:45:05 Run:1
Running from C:\Users\Tilman\Desktop
Loaded Profiles: Tilman (Available profiles: Tilman)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
F:\Downloads\MotioninJoy - CHIP-Installer.exe

F:\Downloads\NovaBench - CHIP-Installer.exe

F:\Downloads\Steam Mover - CHIP-Installer.exe

F:\Program Files (x86)\South Park The Stick of Truth\winmm.dll
Emptytemp:
         
*****************

F:\Downloads\MotioninJoy - CHIP-Installer.exe => Moved successfully.
F:\Downloads\NovaBench - CHIP-Installer.exe => Moved successfully.
F:\Downloads\Steam Mover - CHIP-Installer.exe => Moved successfully.
F:\Program Files (x86)\South Park The Stick of Truth\winmm.dll => Moved successfully.
EmptyTemp: => Removed 4.7 GB temporary data.


The system needed a reboot. 

==== End of Fixlog 13:45:20 ====
         

Frischer FRST Log:


FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2015
Ran by Tilman (administrator) on TILMANN-LAPTOP on 16-01-2015 14:05:48
Running from C:\Users\Tilman\Desktop
Loaded Profiles: Tilman (Available profiles: Tilman)
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(The Eraser Project) F:\Programme\Eraser\Eraser.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Spotify Ltd) C:\Users\Tilman\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Elaborate Bytes AG) F:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Microsoft Corporation) F:\Programme\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Mozilla Corporation) F:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Eraser] => F:\Programme\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [AutoShutdownManager] => F:\Program Files (x86)\AutoShutdownManager\AutoShutdownManager.exe
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10801944 2014-07-28] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [ROCCAT Savu Gaming Mouse] => F:\Programme\ROCCAT\Savu Mouse\Savu Monitor.exe [872048 2012-09-10] (ROCCAT GmbH)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [VirtualCloneDrive] => F:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [488328 2014-09-04] (Autodesk Inc.)
HKLM-x32\...\Run: [iTunesHelper] => F:\Programme\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\Run: [Auto] => D:\autorun.exe
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\Run: [Spotify Web Helper] => C:\Users\Tilman\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-10] (Spotify Ltd)
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\Run: [Google Update] => C:\Users\Tilman\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-09-15] (Google Inc.)
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\MountPoints2: {30051a22-9181-11e3-8251-fcf8ae69c200} - "G:\setup.exe" 
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\MountPoints2: {c09c35a3-8f10-11e3-824b-806e6f6e6963} - "H:\LaunchU3.exe" -a
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\MountPoints2: {ff906f68-e908-11e3-8275-0090f5ef372e} - "H:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\MountPoints2: {ff906f85-e908-11e3-8275-0090f5ef372e} - "H:\WD SmartWare.exe" autoplay=true
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [178632 2014-12-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [165760 2014-12-13] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3316766629-2442458801-244027669-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> F:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.5.8.1 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\j3omc4po.default-1421412212958
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> F:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> F:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> F:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> F:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> F:\Programme\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> F:\Programme\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-3316766629-2442458801-244027669-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Tilman\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-3316766629-2442458801-244027669-1001: @talk.google.com/O1DPlugin -> C:\Users\Tilman\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-3316766629-2442458801-244027669-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Tilman\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3316766629-2442458801-244027669-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Tilman\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3316766629-2442458801-244027669-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tilman\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3316766629-2442458801-244027669-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKU\S-1-5-21-3316766629-2442458801-244027669-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Users\Tilman\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Tilman\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: FT DeepDark - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\j3omc4po.default-1421412212958\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2015-01-16]
FF Extension: WOT - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\j3omc4po.default-1421412212958\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-01-16]
FF Extension: FindBar Tweak - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\j3omc4po.default-1421412212958\Extensions\fbt@quicksaver.xpi [2015-01-16]
FF Extension: Private Tab - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\j3omc4po.default-1421412212958\Extensions\privateTab@infocatcher.xpi [2015-01-16]
FF Extension: InstantFox - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\j3omc4po.default-1421412212958\Extensions\searchy@searchy.xpi [2015-01-16]
FF Extension: Adblock Plus - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\j3omc4po.default-1421412212958\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-16]
FF Extension: BetterPrivacy - C:\Users\Tilman\AppData\Roaming\Mozilla\Firefox\Profiles\j3omc4po.default-1421412212958\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-01-16]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Модуль перевірки посилань - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-02-06]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-02-06]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-02-06]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-02-06]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Безпечні платежі - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-02-06]
FF HKU\S-1-5-21-3316766629-2442458801-244027669-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-12-29]
FF StartMenuInternet: FIREFOX.EXE - F:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [597896 2014-09-04] (Autodesk Inc.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
S4 MBAMScheduler; F:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; F:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-15] () [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; F:\Programme\Origin\OriginClientService.exe [1903472 2014-12-18] (Electronic Arts)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [98560 2014-01-30] (Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2014-12-30] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-12-30] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [621336 2013-12-04] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-02-06] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-02-06] (Kaspersky Lab)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [115296 2014-03-24] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-03-24] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [65120 2014-03-24] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-02-06] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102664 2014-01-23] ()
R1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25992 2014-01-23] ()
R1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [700680 2014-01-23] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-16 13:43 - 2015-01-16 13:43 - 00000000 ____D () C:\Users\Tilman\Desktop\Alte Firefox-Daten
2015-01-16 13:41 - 2015-01-16 13:41 - 00000843 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-16 13:41 - 2015-01-16 13:41 - 00000843 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-16 13:41 - 2015-01-16 13:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-16 13:37 - 2015-01-16 13:37 - 00000958 _____ () C:\Users\Tilman\Desktop\Revo Uninstaller.lnk
2015-01-16 13:33 - 2015-01-16 13:33 - 00000000 __SHD () C:\Users\Tilman\AppData\Local\EmieBrowserModeList
2015-01-16 10:27 - 2015-01-16 10:26 - 00852505 _____ () C:\Users\Tilman\Desktop\SecurityCheck.exe
2015-01-15 18:03 - 2015-01-15 18:03 - 00000901 _____ () C:\Users\Tilman\Desktop\JRT.txt
2015-01-15 18:00 - 2015-01-15 18:00 - 00000000 ____D () C:\WINDOWS\ERUNT
2015-01-15 17:50 - 2015-01-15 17:53 - 00000000 ____D () C:\AdwCleaner
2015-01-15 17:49 - 2015-01-15 17:49 - 01707939 _____ (Thisisu) C:\Users\Tilman\Desktop\JRT.exe
2015-01-15 17:44 - 2015-01-15 17:44 - 02191360 _____ () C:\Users\Tilman\Desktop\AdwCleaner_4.107.exe
2015-01-15 14:54 - 2015-01-15 14:54 - 01088184 _____ () C:\Users\Tilman\Desktop\Kaspersky.txt
2015-01-15 14:42 - 2015-01-15 14:42 - 00002976 _____ () C:\Users\Tilman\Desktop\mbam.txt
2015-01-15 14:21 - 2015-01-15 18:17 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-15 14:19 - 2015-01-15 14:19 - 00000822 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-15 14:19 - 2015-01-15 14:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-15 14:19 - 2015-01-15 14:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-15 14:19 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-15 14:19 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-01-15 14:19 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-01-15 14:13 - 2015-01-15 14:13 - 00380416 _____ () C:\Users\Tilman\Desktop\Gmer-19357.exe
2015-01-15 14:12 - 2015-01-16 10:28 - 00047157 _____ () C:\Users\Tilman\Desktop\Addition.txt
2015-01-15 14:11 - 2015-01-16 14:05 - 00028582 _____ () C:\Users\Tilman\Desktop\FRST.txt
2015-01-15 14:11 - 2015-01-16 14:05 - 00000000 ____D () C:\FRST
2015-01-15 14:10 - 2015-01-15 14:09 - 02125312 _____ (Farbar) C:\Users\Tilman\Desktop\FRST64.exe
2015-01-15 14:07 - 2015-01-15 14:37 - 00000476 _____ () C:\Users\Tilman\Desktop\defogger_disable.log
2015-01-15 14:07 - 2015-01-15 14:07 - 00000000 _____ () C:\Users\Tilman\defogger_reenable
2015-01-15 14:06 - 2015-01-15 14:04 - 00050477 _____ () C:\Users\Tilman\Desktop\Defogger.exe
2015-01-15 12:55 - 2015-01-15 12:55 - 02347384 _____ (ESET) C:\Users\Tilman\Desktop\esetsmartinstaller_deu.exe
2015-01-15 12:49 - 2015-01-15 12:49 - 00421350 _____ () C:\Users\Tilman\Desktop\bookmarks-2015-01-15.json
2015-01-14 16:40 - 2015-01-14 16:40 - 00011557 _____ () C:\Users\Tilman\Desktop\Neuer PC.xlsx
2015-01-07 14:20 - 2015-01-07 14:20 - 00000000 ____D () C:\Users\Tilman\AppData\Local\Mootools
2015-01-07 14:17 - 2015-01-07 14:17 - 00000915 _____ () C:\Users\Public\Desktop\Polygon Cruncher (x64 bits) 10.51.lnk
2015-01-07 14:17 - 2015-01-07 14:17 - 00000000 ____D () C:\ProgramData\Mootools
2015-01-07 14:17 - 2015-01-07 14:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Polygon Cruncher (x64 bits)
2015-01-07 14:17 - 2015-01-07 14:17 - 00000000 ____D () C:\Program Files\Polygon Cruncher
2014-12-31 20:36 - 2015-01-10 15:41 - 00000096 _____ () C:\Users\Tilman\AppData\Roaming\WB.CFG
2014-12-31 19:36 - 2015-01-01 18:42 - 00000951 _____ () C:\Users\Tilman\Desktop\JDownloader.lnk
2014-12-30 19:04 - 2014-12-30 19:04 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-12-30 04:33 - 2014-12-30 04:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4
2014-12-29 18:40 - 2014-12-29 18:40 - 00001124 _____ () C:\Users\Public\Desktop\Free YouTube Download.lnk
2014-12-29 18:40 - 2014-12-29 18:40 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2014-12-26 10:55 - 2014-12-26 10:55 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2014-12-21 02:53 - 2014-12-27 13:29 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-12-18 09:43 - 2014-12-18 09:43 - 00000000 ____D () C:\Users\Tilman\AppData\Local\Skyrim
2014-12-18 01:45 - 2014-11-17 21:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-12-18 01:45 - 2014-11-17 21:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-12-18 01:45 - 2014-11-15 20:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-12-18 01:45 - 2014-11-15 07:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-12-18 01:45 - 2014-11-14 15:36 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-12-18 01:45 - 2014-11-14 08:10 - 03558400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-12-18 01:45 - 2014-11-14 07:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2014-12-18 01:45 - 2014-11-14 07:58 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-12-18 01:45 - 2014-11-14 07:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-12-18 01:45 - 2014-11-14 07:57 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-12-18 01:45 - 2014-11-14 07:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2014-12-18 01:45 - 2014-11-14 07:54 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-12-18 01:45 - 2014-11-14 07:54 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-12-18 01:45 - 2014-11-14 07:53 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-12-18 01:45 - 2014-11-14 07:52 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-12-18 01:45 - 2014-11-14 07:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-12-18 01:45 - 2014-11-14 07:46 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-18 01:45 - 2014-11-14 07:39 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-12-18 01:45 - 2014-11-14 06:04 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-12-18 01:45 - 2014-11-14 06:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-12-18 01:45 - 2014-11-14 06:03 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-12-18 01:45 - 2014-11-14 06:01 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-12-18 01:45 - 2014-11-14 06:01 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-12-18 01:45 - 2014-11-14 05:53 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-18 01:45 - 2014-11-11 01:39 - 22290560 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-12-18 01:45 - 2014-11-11 01:17 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-12-18 01:45 - 2014-11-10 19:06 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-12-18 01:45 - 2014-11-10 19:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-12-18 01:45 - 2014-11-10 19:06 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-12-18 01:45 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-12-18 01:45 - 2014-11-10 03:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-12-18 01:45 - 2014-11-10 02:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-12-18 01:45 - 2014-11-10 02:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-12-18 01:45 - 2014-11-10 02:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-12-18 01:45 - 2014-11-10 02:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-12-18 01:45 - 2014-11-10 02:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-12-18 01:45 - 2014-11-10 02:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-12-18 01:45 - 2014-11-10 02:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-12-18 01:45 - 2014-11-10 01:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-12-18 01:45 - 2014-11-10 01:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-12-18 01:45 - 2014-11-08 11:42 - 01390928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2014-12-18 01:45 - 2014-11-08 11:23 - 01127976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2014-12-18 01:45 - 2014-11-08 05:00 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2014-12-18 01:45 - 2014-11-08 05:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2014-12-18 01:45 - 2014-11-08 04:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2014-12-18 01:45 - 2014-11-08 04:58 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2014-12-18 01:45 - 2014-11-08 04:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2014-12-18 01:45 - 2014-11-08 04:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2014-12-18 01:45 - 2014-11-08 04:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2014-12-18 01:45 - 2014-11-08 04:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2014-12-18 01:45 - 2014-11-08 04:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2014-12-18 01:45 - 2014-11-08 04:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2014-12-18 01:45 - 2014-11-08 04:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2014-12-18 01:45 - 2014-11-08 03:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2014-12-18 01:45 - 2014-11-08 03:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-12-18 01:45 - 2014-11-08 03:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-12-18 01:45 - 2014-11-08 03:09 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2014-12-18 01:45 - 2014-11-08 03:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-12-18 01:45 - 2014-11-08 02:59 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2014-12-18 01:45 - 2014-11-08 02:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-12-18 01:45 - 2014-11-08 02:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-12-18 01:45 - 2014-11-07 04:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-12-18 01:45 - 2014-11-07 04:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-12-18 01:45 - 2014-11-05 03:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2014-12-18 01:45 - 2014-11-05 03:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2014-12-18 01:45 - 2014-11-05 03:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2014-12-18 01:45 - 2014-11-05 02:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-12-18 01:45 - 2014-11-05 02:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-12-18 01:45 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-12-18 01:45 - 2014-11-05 02:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2014-12-18 01:45 - 2014-11-05 02:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2014-12-18 01:45 - 2014-11-05 02:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2014-12-18 01:45 - 2014-11-05 02:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2014-12-18 01:45 - 2014-11-05 02:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-12-18 01:45 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-12-18 01:45 - 2014-11-05 02:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-12-18 01:45 - 2014-11-05 02:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2014-12-18 01:45 - 2014-11-04 20:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2014-12-18 01:45 - 2014-11-04 20:25 - 00059712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2014-12-18 01:45 - 2014-11-04 20:25 - 00051008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2014-12-18 01:45 - 2014-11-04 07:55 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2014-12-18 01:45 - 2014-11-04 07:54 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2014-12-18 01:45 - 2014-11-04 07:54 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2014-12-18 01:45 - 2014-11-04 07:54 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2014-12-18 01:45 - 2014-11-04 07:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2014-12-18 01:45 - 2014-11-04 06:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-12-18 01:45 - 2014-10-31 01:51 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-12-18 01:45 - 2014-10-31 01:10 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-12-18 01:45 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-18 01:45 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-18 01:45 - 2014-10-30 06:55 - 07473472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-12-18 01:45 - 2014-10-30 06:47 - 01499384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-12-18 01:45 - 2014-10-30 06:41 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-12-18 01:45 - 2014-10-29 04:05 - 00551232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2014-12-18 01:45 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2014-12-18 01:45 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2014-12-18 01:45 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2014-12-18 01:45 - 2014-10-29 02:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2014-12-18 01:45 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2014-12-18 01:45 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2014-12-18 01:45 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2014-12-18 01:45 - 2014-10-29 02:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2014-12-18 01:45 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2014-12-18 01:45 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2014-12-18 01:45 - 2014-10-26 23:10 - 00390841 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-12-18 01:45 - 2014-10-21 02:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2014-12-18 01:45 - 2014-10-21 02:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2014-12-18 01:45 - 2014-10-21 01:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2014-12-18 01:45 - 2014-10-21 01:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2014-12-18 01:45 - 2014-10-21 01:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2014-12-18 01:45 - 2014-10-21 01:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-12-18 01:45 - 2014-10-21 01:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2014-12-18 01:45 - 2014-10-17 05:56 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-18 01:45 - 2014-10-17 05:56 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-18 01:45 - 2014-10-17 05:56 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-18 01:45 - 2014-10-17 04:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-18 01:43 - 2014-12-18 01:52 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-12-18 01:43 - 2014-12-18 01:52 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-12-18 01:42 - 2014-12-13 11:08 - 32099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 25460552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 24764232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 20465808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 18594432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 17264312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 16040184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 13288360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 13202520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 10770120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 10710160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 10345280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-12-18 01:42 - 2014-12-13 11:08 - 03610440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 03248968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 02897824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 01895056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434709.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 01556624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434709.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00968336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00942400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00928072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00906560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00496272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00399688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00391488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00353224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00346944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00306328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-12-18 01:42 - 2014-12-13 11:08 - 00031376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2014-12-18 01:26 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2014-12-18 01:26 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2014-12-17 16:10 - 2014-12-24 19:03 - 00000000 ____D () C:\Users\Tilman\Desktop\Messer Screenshots
2014-12-17 12:29 - 2014-12-24 19:03 - 00000931 _____ () C:\Users\Tilman\Desktop\Marmoset Toolbag 2.lnk
2014-12-17 12:29 - 2014-12-17 12:29 - 00000917 _____ () C:\Users\Tilman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marmoset Toolbag 2.lnk
2014-12-17 12:29 - 2014-12-17 12:29 - 00000000 ____D () C:\Program Files\Marmoset Toolbag 2
2014-12-17 00:13 - 2014-12-17 00:13 - 00000000 ____D () C:\Users\Tilman\Documents\Steam Cloud

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-16 14:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-16 13:57 - 2014-02-06 10:46 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3316766629-2442458801-244027669-1001
2015-01-16 13:52 - 2014-05-27 11:34 - 00000000 ____D () C:\Users\Tilman\AppData\Local\TSVNCache
2015-01-16 13:52 - 2014-02-06 12:05 - 00000000 ____D () C:\Users\Tilman\AppData\Roaming\Spotify
2015-01-16 13:52 - 2014-02-06 11:39 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-01-16 13:50 - 2014-02-06 10:37 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-16 13:50 - 2013-08-23 00:24 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-16 13:50 - 2013-08-23 00:24 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-16 13:46 - 2014-02-06 10:33 - 01969236 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-16 13:45 - 2014-02-06 10:32 - 00081896 _____ () C:\WINDOWS\PFRO.log
2015-01-16 13:45 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-16 13:45 - 2013-08-22 14:25 - 00786432 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-16 13:17 - 2014-09-15 23:01 - 00001154 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3316766629-2442458801-244027669-1001UA.job
2015-01-16 12:19 - 2014-08-16 16:29 - 00000000 ____D () C:\Users\Tilman\AppData\Local\Adobe
2015-01-16 05:00 - 2014-02-06 10:41 - 00000000 ____D () C:\Users\Tilman
2015-01-15 23:52 - 2014-02-06 16:37 - 00000000 ____D () C:\Users\Tilman\AppData\Roaming\TS3Client
2015-01-15 18:17 - 2014-02-06 12:07 - 00000000 ____D () C:\Users\Tilman\AppData\Local\Spotify
2015-01-15 14:42 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-15 12:50 - 2014-10-21 09:06 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-15 12:50 - 2014-02-12 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-15 12:17 - 2014-09-15 23:01 - 00001102 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3316766629-2442458801-244027669-1001Core.job
2015-01-14 11:42 - 2014-02-06 22:51 - 00000000 ____D () C:\Users\Tilman\AppData\Local\Battle.net
2015-01-13 15:11 - 2013-08-22 15:46 - 00076662 _____ () C:\WINDOWS\setupact.log
2015-01-13 02:42 - 2014-09-17 23:07 - 00003438 _____ () C:\WINDOWS\System32\Tasks\Go sleep
2015-01-11 11:27 - 2014-02-14 03:12 - 00000000 ____D () C:\ProgramData\Origin
2015-01-11 02:05 - 2014-08-17 20:11 - 00000026 _____ () C:\Users\Tilman\Desktop\Folge.txt
2015-01-10 22:25 - 2014-02-28 14:36 - 00215416 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-01-10 16:20 - 2014-06-13 20:13 - 00000000 ____D () C:\Users\Tilman\Documents\Audible
2015-01-08 22:53 - 2014-02-28 14:36 - 00215416 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2015-01-07 14:17 - 2014-02-06 12:21 - 00000000 ____D () C:\Program Files\Autodesk
2015-01-07 09:22 - 2014-05-15 13:52 - 00000000 ____D () C:\Users\Tilman\Documents\Substance Painter
2015-01-07 09:18 - 2014-07-14 14:46 - 00000000 ____D () C:\Users\Tilman\Documents\Unreal Projects
2015-01-01 18:48 - 2014-02-14 11:27 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-01 18:47 - 2014-10-21 09:06 - 00272296 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2015-01-01 18:47 - 2014-10-21 09:06 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2015-01-01 18:47 - 2014-10-21 09:06 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2015-01-01 18:42 - 2014-02-12 12:48 - 00000915 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
2015-01-01 18:42 - 2014-02-12 12:48 - 00000867 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2015-01-01 18:42 - 2014-02-12 12:48 - 00000850 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
2014-12-31 02:24 - 2014-03-18 19:15 - 00000000 ____D () C:\Users\Tilman\AppData\Roaming\vlc
2014-12-30 19:07 - 2014-06-07 15:11 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2014-12-30 04:32 - 2014-02-28 14:36 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-12-30 04:32 - 2014-02-06 13:08 - 00446757 _____ () C:\WINDOWS\DirectX.log
2014-12-29 18:40 - 2014-03-26 12:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-12-29 18:40 - 2014-03-26 12:18 - 00000000 ____D () C:\Users\Tilman\AppData\Roaming\DVDVideoSoft
2014-12-24 19:03 - 2014-03-12 10:11 - 00000132 _____ () C:\Users\Tilman\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-12-22 22:12 - 2014-02-10 15:56 - 00000000 ____D () C:\Users\Tilman\Documents\my games
2014-12-19 20:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-18 01:51 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-12-18 01:51 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-12-18 01:51 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-12-18 01:51 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-12-18 01:51 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-18 01:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-18 01:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-18 01:49 - 2013-08-22 16:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-18 01:48 - 2014-02-08 04:38 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-18 01:48 - 2014-02-06 11:31 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-18 01:46 - 2014-02-08 04:38 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-18 01:45 - 2014-11-12 13:00 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-12-18 01:45 - 2014-11-12 13:00 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-12-18 01:45 - 2014-11-12 13:00 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-12-18 01:45 - 2014-11-12 13:00 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-12-18 01:43 - 2014-09-11 11:33 - 00000000 ____D () C:\Temp
2014-12-18 01:43 - 2014-02-06 10:50 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-17 16:16 - 2014-05-02 17:26 - 00000132 _____ () C:\Users\Tilman\AppData\Roaming\Adobe Targa Format CS6 Prefs

Files to move or delete:
====================
C:\Users\Tilman\{0B58B8BE-ECA4-40FE-BC61-189F9B1A2330}.dat


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-10 14:54

==================== End Of Log ============================
         

--- --- ---

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code: Alles auswählenAufklappen

ATTFilter

C:\Users\Tilman\{0B58B8BE-ECA4-40FE-BC61-189F9B1A2330}.dat
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

• Starte nun FRST erneut und klicke den Entfernen Button.
• Das Tool erstellt eine Fixlog.txt.
• Poste mir deren Inhalt.

Fertig

Die Reihenfolge ist hier entscheidend.

1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
   • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
   • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
   • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
3. Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
   • Schließe alle offenen Programme.
   • Starte die delfix.exe mit einem Doppelklick.
   • Setze vor jede Funktion ein Häkchen.
   • Klicke auf Start.
   • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
   • Starte deinen Rechner abschließend neu.
4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

• Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
• Windows Updates
  • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
  • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
• Gehe sicher das die automatischen Updates aktiviert sind.
• Software Updates
  Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
  Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

• Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

• MalwareBytes Anti Malware
  Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
  Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
  Ein Tutorial zur Verwendung findest Du hier.
• WinPatrol
  Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

• SpywareBlaster
  Eine kurze Einführung findest du Hier
• MVPs hosts file
  Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
• WOT (Web of trust)
  Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

• Opera
• Mozilla Firefox.
  • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
  • NoScript
    Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    
  • AdblockPlus
    Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
    Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts

• Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
• verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
• Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
• Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

den Fixlog hat der leider beim ausführen vom DelFix gelöscht

aber wenn du sagst das jetzt alles fertig is dann ist das super

Gern Geschehen