Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: akm strafzahlung

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 05.04.2015, 22:55   #1
mariod
 
akm strafzahlung - Standard

akm strafzahlung



hallo!
ich habe folgendes problem:
mein computer ( betriebssystem = windows 7 ) zeigt mir ein bild am bildschirm, wo drauf steht, dass mein computer gesperrt wurde. akm hätte raubkopien von heruntergeladener musik gefunden usw. ich denke das "phänomen" ist bekannt.
ich habe NICHTS überwiesen, weiss jedoch nicht genau, wie ich das ganze nun wieder weg bekomme.
ich kann eigentlich nicht mehr wirklich starten. diese anzeige kommt sofort. egal ob im abgesicherten modus oder im normalen modus....

kann mir bitte jemand helfen?

lg mario

Alt 05.04.2015, 23:09   #2
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
akm strafzahlung - Standard

akm strafzahlung





Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.



Los geht's:

Scan mit Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8)
Hinweise für Windows 8-Nutzer: Anleitung 1 (FRST-Variante) und Anleitung 2 (zweiter Teil)
  • Downloade dir bitte die passende Version des Tools (im Zweifel beide) und speichere diese auf einen USB Stick: FRST Download FRST 32-Bit | FRST 64-Bit
  • Schließe den USB Stick an das infizierte System an und boote das System in die System Reparatur Option.
  • Scanne jetzt nach der bebilderten Anleitung oder verwende die folgende Kurzanleitung:
Über den Boot Manager:
  • Starte den Rechner neu.
  • Während dem Hochfahren drücke mehrmals die F8 Taste
  • Wähle nun Computer reparieren.
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".
Mit Windows CD/DVD (auch bei Windows 8 möglich):
  • Lege die Windows CD in dein Laufwerk.
  • Starte den Rechner neu und starte von der CD.
  • Wähle die Spracheinstellungen und klicke "Weiter".
  • Klicke auf Computerreparaturoptionen !
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".
Wähle in den Reparaturoptionen: Eingabeaufforderung
  • Gib nun bitte notepad ein und drücke Enter.
  • Im öffnenden Textdokument: Datei > Speichern unter... und wähle Computer.
    Hier wird dir der Laufwerksbuchstabe deines USB Sticks angezeigt, merke ihn dir.
  • Schließe Notepad wieder
  • Gib nun bitte folgenden Befehl ein.
    e:\frst.exe bzw. e:\frst64.exe
    Hinweis: e steht für den Laufwerksbuchstaben deines USB Sticks, den du dir gemerkt hast. Gegebenfalls anpassen.
  • Akzeptiere den Disclaimer mit Ja und klicke Untersuchen
Das Tool erstellt eine FRST.txt auf deinem USB Stick. Poste den Inhalt bitte hier nach Möglichkeit in Code-Tags (Anleitung).




Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 06.04.2015, 11:13   #3
mariod
 
akm strafzahlung - Standard

akm strafzahlung



FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by SYSTEM on MININT-OS4SUQR on 06-04-2015 12:08:06
Running from I:\
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12661352 2011-07-31] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2816336 2012-05-08] (ELAN Microelectronics Corp.)
HKLM\...\Run: [WrtMon.exe] => C:\windows\system32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-26] (Apple Inc.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-01] (CyberLink)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-05-31] (Symantec Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-12-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PMSpeed] => C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.EXE [116632 2010-07-29] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-01-20] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hewlett-Packard\HP Software Update\HPWuSchd2.exe [49208 2011-05-09] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\Cyberport\...\Run: [Scan Buttons] => C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\Pmsb.exe [214360 2011-01-21] (NewSoft Technology Corporation)
HKU\Cyberport\...\Run: [EPLTarget\P0000000000000001] => C:\windows\system32\spool\DRIVERS\x64\3\E_YATIHDE.EXE [241280 2012-07-11] (SEIKO EPSON CORPORATION)
HKU\Cyberport\...\Run: [EPLTarget\P0000000000000000] => C:\windows\system32\spool\DRIVERS\x64\3\E_YATIHDE.EXE [241280 2012-07-11] (SEIKO EPSON CORPORATION)
HKU\Cyberport\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [602880 2014-11-06] (NETGEAR Inc.)
HKU\Cyberport\...\Run: [Moveslink2] => C:\Users\Cyberport\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Suunto\Moveslink2.appref-ms -auto
HKU\Cyberport\...\Run: [Windows Audio HDi Driver] => C:\Users\Cyberport\AppData\Roaming\audiohd.exe [82837504 2014-07-25] (Simon Tatham)
HKU\Cyberport\...\RunOnce: [Application Restart #5] => C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe [5458040 2012-06-15] (Samsung Electronics CO., LTD.)
HKU\Cyberport\...\RunOnce: [Application Restart #4] => C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe [5458040 2012-06-15] (Samsung Electronics CO., LTD.)
HKU\Cyberport\...\RunOnce: [Application Restart #2] => C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe [5458040 2012-06-15] (Samsung Electronics CO., LTD.)
HKU\Cyberport\...\Winlogon: [Userinit] C:\Users\Cyberport\AppData\Roaming\loadit.exe [605360 2015-03-23] ()
HKU\Cyberport\...\Winlogon: [Shell] C:\Users\Cyberport\AppData\Roaming\loadit.exe [605360 2015-03-23] () <==== ATTENTION 
Startup: C:\Users\Cyberport\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoStarter.lnk
ShortcutTarget: AutoStarter.lnk ->  (No File)
Startup: C:\Users\Cyberport\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ja.lnk
ShortcutTarget: ja.lnk ->  (No File)

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2011-12-12] (Adobe Systems)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-09] (Microsoft Corporation)
S2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [77904 2011-05-26] (Diskeeper Corporation)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
S3 hpqcxs08; C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.)
S2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [200032 2012-05-03] ()
S2 IFXSpMgtSrv; C:\Program Files (x86)\Infineon\Security Platform Software\ifxspmgt.exe [1160480 2012-11-23] (Infineon Technologies AG)
S2 IFXTCS; C:\Program Files (x86)\Infineon\Security Platform Software\ifxtcs.exe [992544 2012-11-23] (Infineon Technologies AG)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-16] (Malwarebytes Corporation)
S2 Mezzmo; C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe [5344040 2014-06-26] (Conceiva Pty. Ltd.)
S2 N360; C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\N360.exe [265000 2015-03-06] (Symantec Corporation)
S2 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2014-11-06] (NETGEAR)
S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-05-31] (Symantec Corporation)
S2 PersonalSecureDriveService; C:\Program Files (x86)\Infineon\Security Platform Software\IfxPsdSv.exe [214304 2012-11-23] (Infineon Technologies AG)
S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-11-30] ()
S2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3000664 2014-08-28] (Samsung Electronics CO., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20150321.001\BHDrvx64.sys [1622744 2015-02-23] (Symantec Corporation)
S1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-11] (Symantec Corporation)
S5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [249856 2010-03-24] (Huawei Technologies Co., Ltd.)
S0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [76368 2011-05-26] (Diskeeper Corporation)
S3 HWHandSet; C:\Windows\System32\DRIVERS\hw_quusbmdm.sys [223232 2011-10-23] (Huawei Technologies Co., Ltd.)
S5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-23] (Huawei Technologies Co., Ltd.)
S1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20150403.001\IDSvia64.sys [671448 2015-04-05] (Symantec Corporation)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-03-16] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-03-16] (Malwarebytes Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150405.004\ENG64.SYS [129752 2015-01-25] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150405.004\EX64.SYS [2137304 2015-01-25] (Symantec Corporation)
S2 NPF; C:\windows\system32\drivers\npf.sys [35344 2015-01-08] (CACE Technologies, Inc.)
S1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [44576 2012-11-23] (Infineon Technologies AG)
S2 SGDrv; C:\Windows\System32\DRIVERS\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.)
S3 SRTSP; C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
S0 SymDS; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
S0 SymEFA; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
S3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-09] (Symantec Corporation)
S1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [78936 2013-09-09] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
S3 Tdsshbecr; C:\Windows\System32\DRIVERS\shbecr.sys [50176 2008-09-22] (Todos Data System AB)
S1 ASMIO; \??\C:\Users\CYBERP~1\AppData\Local\Temp\7zSCA1.tmp\20120109_FWUpg1130\AsmIo64.sys [X]
S3 cpuz135; \??\C:\Users\CYBERP~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X]
S3 SBIOSIO; \??\C:\Users\CYBERP~1\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\acpials.sys 12C5274CD87449A2A37A607CDB321922
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys 9E3B4946F7E1BCA0B763E19D81EDBF2C
C:\Windows\System32\DRIVERS\atikmpag.sys B9E1C7B7F1865F99B16FF2E1BB94EDB6
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys 90C53BD47979FB8814F465A08B885102
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asmthub3.sys 236023DAC93037A8DDE9539F36D7F3EE
C:\Windows\System32\DRIVERS\asmtxhci.sys 1390ABD16ADE1F2443B5749D06C4C8F2
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bcmwl664.sys 43AD3D3E7674833FCA9A7C4E7180AD54
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20150321.001\BHDrvx64.sys 99EE5EB9FCBAD85F1992C47C5BB68649
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\BthEnum.sys CF98190A94F62E405C8CB255018B2315
C:\Windows\System32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF
C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4
C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37
C:\Windows\System32\DRIVERS\btwampfl.sys A0DFB69ADE3444C78B17636FCF28E898
C:\Windows\System32\drivers\btwaudio.sys 7CF028CE78696882B327FF13D2DFA534
C:\Windows\System32\DRIVERS\btwavdt.sys 3DEF2370E414B4E299673558BA171A51
C:\Windows\System32\DRIVERS\btwl2cap.sys 346B4051B3D7FF70E8F027869B8ECA6E
C:\Windows\System32\DRIVERS\btwrchid.sys 9937E0E4DFC0030560A6DFE9D3A94B39
C:\windows\system32\drivers\BVRPMPR5a64.SYS 9887CA12F407D7FBC7F48F3678F5F0B6
C:\Windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys 0510396A957E9FD7205BA62D3CAE4528
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\clwvd.sys E13A438F9E51DD034730678E33B73290
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 27667A788130A7F7A5858DE27572E6D7
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\dmvsc.sys 5DB085A8A6600BE6401F2B24EECB5415
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 47A68B3DBBB34D4FE61DE221A8536627
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys B9773081AAF65E6D553496BA0CADCBB3
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ETD.sys F9B5EFCE2A856BBA9DA2A28252180036
C:\Windows\System32\DRIVERS\excsd.sys 05D55FFF90551E3E24F206A17AF36492
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ewusbmdm.sys 6E5CD3984742A922D0C183C7E82C3C94
C:\Windows\System32\DRIVERS\hw_quusbmdm.sys CB32F01890953A2FEE8FE01F289DF726
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStor.sys 53CC5BF8B5A219119953C7ABB19A7705
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20150403.001\IDSvia64.sys 4A2CAA578E0A829A15CD76CEC66A1E41
C:\Windows\System32\DRIVERS\igdkmd64.sys 0089B53F1BEFD34B7D8CA4AB021335FA
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\RTKVHD64.sys 5205DE9BD47F633E06EF3EF3DE11EF99
C:\Windows\System32\DRIVERS\IntcDAud.sys AE594CC17C33AC146739494615E14851
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\igdpmd64.sys 0089B53F1BEFD34B7D8CA4AB021335FA
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 56ED3EE5FED6BF2FC1305CF872042868
C:\Windows\System32\Drivers\ksecpkg.sys 8BA90F480705D7153AD0060CCA62222A
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\LHidFilt.Sys 96EB043E2843B5A87A486D0BC6921094
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\LMouFilt.Sys A5C1DA229B3B660BBF3BDC30ADBFBB61
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\windows\system32\drivers\mbam.sys CF12E148C6FC151335B7D7FE03F1C7A2
C:\windows\system32\drivers\mwac.sys 0CE2F3E26C770CBAEB50787A2C1FD09E
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECIx64.sys A6518DCC42F7A6E999BB3BEA8FD87567
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys 87BCD1034CBF33537D4D4C251D39BA26
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys AE3334958D8F631FF14A0AEB3D7EFB3A
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150405.004\ENG64.SYS 54F4B358F41C664CBDE4507D67EED1CD
C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150405.004\EX64.SYS A74D67EEEB3938FD2FA3B65B24C32C44
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\windows\system32\drivers\npf.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\DRIVERS\pccsmcfdx64.sys BC0018C2D29F655188A0ED3FA94FDB24
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ED6E75158D28D33A2E2A020AC5B2B59D
C:\Windows\System32\drivers\psd.sys F20612DF7E12DE3A087D0F44CC545FB1
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt64win7.sys E50CFB92986DCAB49DE93788FD695813
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\windows\system32\Drivers\SABI.sys 62DB6CC4B0818F1B5F3441241B098F12
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SGdrv64.sys 2FE1CD3AA602414841DB10AD96C95A5E
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS E163E10191958FF6A2B0B48353F9E9FD
C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS 68E7B6708B9EEE021301C483825D05EA
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\N360x64\1507000.00B\SYMDS64.SYS 5C9EE2303CA7F267665D75237862B39C
C:\Windows\System32\drivers\N360x64\1507000.00B\SYMEFA64.SYS 9F31630D7FC2DD9D5DA1CE359AAD1F46
C:\windows\system32\Drivers\SYMEVENT64x86.SYS 97E11C50CE52277B377396EA8838E539
C:\Windows\System32\DRIVERS\SymIMv.sys 6DE89F4CDF0B31A5BAF2855F9D80F8BA
C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS 2C95265BE19F338E1C1090E4E91055BB
C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS 5570A74FF9B1EFBC5154DD1E2F05C517
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\shbecr.sys 03E62CD83A62859F4F796434EE6C385E
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys 70988118145F5F10EF24720B97F35F65
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\tpm.sys DBCC20C02E8A3E43B03C304A4E40A84F
C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
C:\Windows\System32\drivers\tsusbflt.sys 17C6B51CBCCDED95B3CC14E22791F85E
C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl64.sys 5C3BE22E485B9BF11FCEFDC676C728D0
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys DF8126BD41180351A093A3AD2FC8903B
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys 13A0DECD1794DE60A8427862C8669D27
C:\Windows\System32\DRIVERS\vwifimp.sys 49003B357D101CDC474937437ECF5ABC
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WSDPrint.sys 8D918B1DB190A4D9B1753A66FA8C96E8
C:\Windows\system32\drivers\WSDScan.sys 4A2A5C50DD1A63577D3ACA94269FBC7F
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== Three Months Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-06 12:05 - 2015-04-06 12:08 - 00000000 ____D () C:\FRST
2015-04-05 19:19 - 2015-04-05 19:19 - 00000188 _____ () C:\CD Drive.lnk
2015-04-05 15:24 - 2015-04-05 15:24 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2015-04-05 15:23 - 2015-04-05 15:23 - 00001062 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-04-05 15:23 - 2015-04-05 15:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-05 15:23 - 2015-04-05 15:23 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-04-05 15:23 - 2015-03-16 20:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
2015-04-05 15:23 - 2015-03-16 20:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mwac.sys
2015-04-05 15:23 - 2015-03-16 20:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2015-04-05 15:16 - 2015-04-05 14:48 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Cyberport\Desktop\mbam-setup-2.1.4.1018.exe
2015-03-23 08:35 - 2015-03-23 10:03 - 00143328 _____ () C:\OTL.Txt
2015-03-23 00:34 - 2015-03-23 00:34 - 00000036 _____ () C:\Users\Cyberport\AppData\Roaming\url.txt
2015-03-23 00:31 - 2014-07-25 04:24 - 82837504 ____H (Simon Tatham) C:\Users\Cyberport\AppData\Roaming\audiohd.exe
2015-03-20 01:24 - 2015-03-20 01:24 - 00003470 _____ () C:\Windows\System32\Tasks\{6D729264-500E-475E-B671-3A85B7151DFA}
2015-03-20 01:22 - 2015-03-20 01:22 - 00003702 _____ () C:\Windows\System32\Tasks\{6A947401-EDCD-4E7E-8DA6-8550787FA20A}
2015-03-20 00:42 - 2015-03-20 00:42 - 00003130 _____ () C:\Windows\System32\Tasks\{0EB9849A-765A-40FB-A33E-D963182FC0D8}
2015-03-15 05:44 - 2015-02-19 20:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\System32\lpk.dll
2015-03-15 05:44 - 2015-02-19 20:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2015-03-15 05:44 - 2015-02-19 20:40 - 00046080 _____ (Adobe Systems) C:\Windows\System32\atmlib.dll
2015-03-15 05:44 - 2015-02-19 20:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\System32\dciman32.dll
2015-03-15 05:44 - 2015-02-19 20:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-15 05:44 - 2015-02-19 20:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-15 05:44 - 2015-02-19 20:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-15 05:44 - 2015-02-19 20:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-15 05:44 - 2015-02-19 19:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2015-03-15 05:44 - 2015-02-19 19:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-15 05:44 - 2015-02-02 19:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2015-03-15 05:44 - 2015-02-02 19:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mountmgr.sys
2015-03-15 05:44 - 2015-02-02 19:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\System32\winresume.efi
2015-03-15 05:44 - 2015-02-02 19:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\System32\wmp.dll
2015-03-15 05:44 - 2015-02-02 19:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\System32\quartz.dll
2015-03-15 05:44 - 2015-02-02 19:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\System32\wmdrmsdk.dll
2015-03-15 05:44 - 2015-02-02 19:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\System32\mfplat.dll
2015-03-15 05:44 - 2015-02-02 19:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\System32\pcasvc.dll
2015-03-15 05:44 - 2015-02-02 19:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2015-03-15 05:44 - 2015-02-02 19:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\System32\drmv2clt.dll
2015-03-15 05:44 - 2015-02-02 19:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\System32\cryptui.dll
2015-03-15 05:44 - 2015-02-02 19:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\System32\blackbox.dll
2015-03-15 05:44 - 2015-02-02 19:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\System32\evr.dll
2015-03-15 05:44 - 2015-02-02 19:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\System32\drmmgrtn.dll
2015-03-15 05:44 - 2015-02-02 19:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\System32\cryptsp.dll
2015-03-15 05:44 - 2015-02-02 19:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\PEAuth.sys
2015-03-15 05:44 - 2015-02-02 19:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-15 05:44 - 2015-02-02 19:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-15 05:44 - 2015-02-02 19:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-15 05:44 - 2015-02-02 19:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-15 05:44 - 2015-02-02 19:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-15 05:44 - 2015-02-02 19:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-15 05:44 - 2015-02-02 19:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-15 05:44 - 2015-02-02 19:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-15 05:44 - 2015-02-02 19:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-15 05:44 - 2015-02-02 19:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-15 05:44 - 2015-02-02 19:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-15 05:44 - 2015-02-02 19:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-15 05:44 - 2015-02-02 19:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-15 05:44 - 2015-02-02 19:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-15 05:44 - 2014-06-27 16:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\System32\winresume.exe
2015-03-15 05:43 - 2015-03-05 21:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2015-03-15 05:43 - 2015-03-05 21:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2015-03-15 05:43 - 2015-03-05 21:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2015-03-15 05:43 - 2015-03-05 21:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2015-03-15 05:43 - 2015-03-05 21:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2015-03-15 05:43 - 2015-03-05 21:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2015-03-15 05:43 - 2015-03-05 21:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2015-03-15 05:43 - 2015-03-05 21:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll
2015-03-15 05:43 - 2015-03-05 21:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2015-03-15 05:43 - 2015-03-05 21:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2015-03-15 05:43 - 2015-03-05 21:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2015-03-15 05:43 - 2015-03-05 21:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2015-03-15 05:43 - 2015-03-05 21:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll
2015-03-15 05:43 - 2015-03-05 21:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\System32\auditpol.exe
2015-03-15 05:43 - 2015-03-05 21:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2015-03-15 05:43 - 2015-03-05 21:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\msobjs.dll
2015-03-15 05:43 - 2015-03-05 21:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\System32\msaudite.dll
2015-03-15 05:43 - 2015-03-05 21:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\System32\adtschema.dll
2015-03-15 05:43 - 2015-03-05 21:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-15 05:43 - 2015-03-05 21:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-15 05:43 - 2015-03-05 21:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-15 05:43 - 2015-03-05 21:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-15 05:43 - 2015-03-05 21:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-15 05:43 - 2015-03-05 21:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-15 05:43 - 2015-03-05 21:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-15 05:43 - 2015-03-05 21:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-15 05:43 - 2015-03-05 21:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-15 05:43 - 2015-03-05 21:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-15 05:43 - 2015-03-05 21:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-15 05:43 - 2015-03-05 21:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-15 05:43 - 2015-03-05 21:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-15 05:43 - 2015-02-12 21:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-15 05:43 - 2015-02-12 21:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2015-03-15 05:43 - 2015-02-02 19:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\System32\winload.efi
2015-03-15 05:43 - 2015-02-02 19:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\System32\mf.dll
2015-03-15 05:43 - 2015-02-02 19:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\System32\msscp.dll
2015-03-15 05:43 - 2015-02-02 19:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\System32\srcore.dll
2015-03-15 05:43 - 2015-02-02 19:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\System32\AUDIOKSE.dll
2015-03-15 05:43 - 2015-02-02 19:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2015-03-15 05:43 - 2015-02-02 19:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\System32\msnetobj.dll
2015-03-15 05:43 - 2015-02-02 19:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2015-03-15 05:43 - 2015-02-02 19:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\System32\ubpm.dll
2015-03-15 05:43 - 2015-02-02 19:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\System32\mfps.dll
2015-03-15 05:43 - 2015-02-02 19:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\System32\setbcdlocale.dll
2015-03-15 05:43 - 2015-02-02 19:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\System32\srclient.dll
2015-03-15 05:43 - 2015-02-02 19:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\System32\pcadm.dll
2015-03-15 05:43 - 2015-02-02 19:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\System32\msmmsp.dll
2015-03-15 05:43 - 2015-02-02 19:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\System32\spwmp.dll
2015-03-15 05:43 - 2015-02-02 19:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\System32\msdxm.ocx
2015-03-15 05:43 - 2015-02-02 19:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\System32\dxmasf.dll
2015-03-15 05:43 - 2015-02-02 19:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\System32\wmploc.DLL
2015-03-15 05:43 - 2015-02-02 19:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2015-03-15 05:43 - 2015-02-02 19:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\System32\AudioEng.dll
2015-03-15 05:43 - 2015-02-02 19:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\rstrui.exe
2015-03-15 05:43 - 2015-02-02 19:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\System32\AudioSes.dll
2015-03-15 05:43 - 2015-02-02 19:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\System32\EncDump.dll
2015-03-15 05:43 - 2015-02-02 19:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2015-03-15 05:43 - 2015-02-02 19:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\System32\appidpolicyconverter.exe
2015-03-15 05:43 - 2015-02-02 19:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2015-03-15 05:43 - 2015-02-02 19:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\System32\audiodg.exe
2015-03-15 05:43 - 2015-02-02 19:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe
2015-03-15 05:43 - 2015-02-02 19:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\System32\appidapi.dll
2015-03-15 05:43 - 2015-02-02 19:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\System32\rrinstaller.exe
2015-03-15 05:43 - 2015-02-02 19:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2015-03-15 05:43 - 2015-02-02 19:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\System32\appidsvc.dll
2015-03-15 05:43 - 2015-02-02 19:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\System32\mfpmp.exe
2015-03-15 05:43 - 2015-02-02 19:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\System32\appidcertstorecheck.exe
2015-03-15 05:43 - 2015-02-02 19:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\System32\pcawrk.exe
2015-03-15 05:43 - 2015-02-02 19:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\System32\pcalua.exe
2015-03-15 05:43 - 2015-02-02 19:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\System32\pcaevts.dll
2015-03-15 05:43 - 2015-02-02 19:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll
2015-03-15 05:43 - 2015-02-02 19:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\mferror.dll
2015-03-15 05:43 - 2015-02-02 19:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-15 05:43 - 2015-02-02 19:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-15 05:43 - 2015-02-02 19:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-15 05:43 - 2015-02-02 19:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-15 05:43 - 2015-02-02 19:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-15 05:43 - 2015-02-02 19:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-15 05:43 - 2015-02-02 19:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-15 05:43 - 2015-02-02 19:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-15 05:43 - 2015-02-02 19:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-15 05:43 - 2015-02-02 19:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-15 05:43 - 2015-02-02 19:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-15 05:43 - 2015-02-02 19:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-15 05:43 - 2015-02-02 19:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-15 05:43 - 2015-02-02 19:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-15 05:43 - 2015-02-02 19:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-15 05:43 - 2015-02-02 19:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-15 05:43 - 2015-02-02 19:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-15 05:43 - 2015-02-02 19:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-15 05:43 - 2015-02-02 19:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-15 05:43 - 2015-02-02 19:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-15 05:43 - 2015-02-02 19:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-15 05:43 - 2015-02-02 18:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\appid.sys
2015-03-15 05:43 - 2015-01-30 19:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2015-03-15 05:43 - 2015-01-30 19:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\RdpGroupPolicyExtension.dll
2015-03-15 05:43 - 2015-01-30 15:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2015-03-15 05:43 - 2015-01-30 15:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\rdpudd.dll
2015-03-15 05:43 - 2014-10-31 14:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\System32\winload.exe
2015-03-15 05:43 - 2014-06-27 16:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\System32\ci.dll
2015-03-15 05:42 - 2015-02-25 19:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2015-03-15 05:42 - 2015-02-23 19:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2015-03-15 05:42 - 2015-02-23 18:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-15 05:42 - 2015-02-20 17:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2015-03-15 05:42 - 2015-02-20 16:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-15 05:42 - 2015-02-20 16:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-15 05:42 - 2015-02-20 16:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-15 05:42 - 2015-02-20 16:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-15 05:42 - 2015-02-20 15:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2015-03-15 05:42 - 2015-02-20 15:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-15 05:42 - 2015-02-19 19:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2015-03-15 05:42 - 2015-02-19 19:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2015-03-15 05:42 - 2015-02-19 18:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2015-03-15 05:42 - 2015-02-19 18:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2015-03-15 05:42 - 2015-02-19 18:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2015-03-15 05:42 - 2015-02-19 18:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2015-03-15 05:42 - 2015-02-19 18:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2015-03-15 05:42 - 2015-02-19 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2015-03-15 05:42 - 2015-02-19 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2015-03-15 05:42 - 2015-02-19 18:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2015-03-15 05:42 - 2015-02-19 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2015-03-15 05:42 - 2015-02-19 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2015-03-15 05:42 - 2015-02-19 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2015-03-15 05:42 - 2015-02-19 18:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2015-03-15 05:42 - 2015-02-19 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2015-03-15 05:42 - 2015-02-19 18:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-15 05:42 - 2015-02-19 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2015-03-15 05:42 - 2015-02-19 18:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-03-15 05:42 - 2015-02-19 18:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-15 05:42 - 2015-02-19 18:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2015-03-15 05:42 - 2015-02-19 18:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-15 05:42 - 2015-02-19 18:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-15 05:42 - 2015-02-19 18:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-15 05:42 - 2015-02-19 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2015-03-15 05:42 - 2015-02-19 18:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-15 05:42 - 2015-02-19 18:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-15 05:42 - 2015-02-19 18:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-15 05:42 - 2015-02-19 17:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-15 05:42 - 2015-02-19 17:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-15 05:42 - 2015-02-19 17:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-15 05:42 - 2015-02-19 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2015-03-15 05:42 - 2015-02-19 17:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2015-03-15 05:42 - 2015-02-19 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2015-03-15 05:42 - 2015-02-19 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2015-03-15 05:42 - 2015-02-19 17:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2015-03-15 05:42 - 2015-02-19 17:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-15 05:42 - 2015-02-19 17:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-15 05:42 - 2015-02-19 17:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-15 05:42 - 2015-02-19 17:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2015-03-15 05:42 - 2015-02-19 17:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-15 05:42 - 2015-02-19 17:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-15 05:42 - 2015-02-19 17:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-15 05:42 - 2015-02-19 17:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2015-03-15 05:42 - 2015-02-19 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2015-03-15 05:42 - 2015-02-19 17:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-15 05:42 - 2015-02-19 16:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-15 05:42 - 2015-02-19 16:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-15 05:42 - 2015-02-03 19:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2015-03-15 05:42 - 2015-02-03 18:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-15 05:42 - 2015-02-02 19:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2015-03-15 05:42 - 2015-02-02 19:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-15 05:42 - 2015-01-16 18:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\System32\msctf.dll
2015-03-15 05:42 - 2015-01-16 18:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-05 13:52 - 2015-01-08 15:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-03-05 13:52 - 2015-01-08 15:43 - 00419936 _____ () C:\Windows\System32\locale.nls
2015-03-05 11:21 - 2015-03-05 11:21 - 01021856 _____ (Symantec Corporation) C:\Users\Cyberport\Documents\NortonN360Downloader.exe
2015-03-05 10:24 - 2015-01-08 19:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\System32\perftrack.dll
2015-03-05 10:24 - 2015-01-08 19:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\System32\wdi.dll
2015-03-05 10:24 - 2015-01-08 19:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\System32\powertracker.dll
2015-03-05 10:24 - 2015-01-08 18:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-03-05 10:23 - 2015-02-03 19:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll
2015-03-05 10:23 - 2015-02-03 19:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\System32\invagent.dll
2015-03-05 10:23 - 2015-02-03 19:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll
2015-03-05 10:23 - 2015-02-03 19:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\System32\devinv.dll
2015-03-05 10:23 - 2015-02-03 19:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2015-03-05 10:23 - 2015-02-03 19:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\System32\aepic.dll
2015-03-05 10:23 - 2015-02-03 19:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2015-03-05 10:23 - 2015-01-27 15:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\System32\aitstatic.exe
2015-03-05 10:22 - 2014-11-25 19:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2015-03-05 10:22 - 2014-11-25 19:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-03-05 10:21 - 2014-12-07 19:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\System32\scesrv.dll
2015-03-05 10:21 - 2014-12-07 18:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-03-05 10:13 - 2015-03-05 10:13 - 00000000 ___RD () C:\Users\Cyberport\OneDrive
2015-03-05 10:13 - 2015-03-05 10:13 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2015-03-05 10:13 - 2015-03-05 10:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive
2015-03-05 10:02 - 2015-03-17 22:54 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-03-05 10:01 - 2015-03-05 10:01 - 01066176 _____ (Microsoft Corporation) C:\Users\Cyberport\Documents\Setup.X86.de-DE_O365HomePremRetail_014c48aa-77b1-4959-9fc9-6e4b27480a17_TX_DB_.exe
2015-02-17 06:29 - 2015-02-17 06:29 - 01247912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL
2015-02-08 04:04 - 2015-02-08 04:04 - 00001793 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-02-08 04:03 - 2015-02-08 04:04 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-08 04:03 - 2015-02-08 04:04 - 00000000 ____D () C:\Program Files\iTunes
2015-02-08 04:03 - 2015-02-08 04:03 - 00000000 ____D () C:\Program Files\iPod
2015-02-08 04:03 - 2015-02-08 04:03 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-07 23:07 - 2015-02-07 23:08 - 00000000 ____D () C:\Users\Cyberport\AppData\Local\Deployment
2015-02-07 23:07 - 2015-02-07 23:07 - 00000000 ____D () C:\Users\Cyberport\AppData\Roaming\Suunto
2015-02-07 23:07 - 2015-02-07 23:07 - 00000000 ____D () C:\Users\Cyberport\AppData\Local\Apps\2.0
2015-02-07 23:06 - 2015-02-07 23:06 - 00434744 _____ () C:\Users\Cyberport\Documents\setup.exe
2015-01-25 03:07 - 2015-01-25 03:07 - 00000000 ____D () C:\Program Files (x86)\Handelsbanken kortläsare
2015-01-25 03:02 - 2015-01-25 03:02 - 00000000 ____D () C:\Users\Cyberport\AppData\Roaming\BankID
2015-01-25 03:01 - 2015-01-25 03:01 - 00000000 ____D () C:\Program Files (x86)\BankID
2015-01-13 17:32 - 2014-12-18 19:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2015-01-13 17:32 - 2014-12-18 17:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxdav.sys
2015-01-13 17:32 - 2014-12-11 09:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\System32\TSWbPrxy.exe
2015-01-13 17:32 - 2014-12-05 20:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\System32\nlasvc.dll
2015-01-13 17:32 - 2014-12-05 19:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 17:32 - 2014-12-05 19:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-06 02:01 - 2013-11-09 06:23 - 00002319 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2015-04-06 02:01 - 2012-08-11 03:51 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2015-04-06 02:01 - 2012-02-10 12:47 - 00000043 _____ () C:\Windows\MezzmoMediaServer.INI
2015-04-06 02:00 - 2011-12-16 02:53 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-06 02:00 - 2010-11-20 19:47 - 00520676 _____ () C:\Windows\PFRO.log
2015-04-06 02:00 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-06 02:00 - 2009-07-13 20:51 - 00115598 _____ () C:\Windows\setupact.log
2015-04-05 19:08 - 2011-09-20 05:37 - 00000000 ____D () C:\Program Files\Diskeeper Corporation
2015-04-05 17:41 - 2012-09-01 01:04 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2015-04-05 17:06 - 2009-07-13 20:45 - 00031808 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-05 17:06 - 2009-07-13 20:45 - 00031808 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-05 17:00 - 2013-03-11 13:25 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-05 16:26 - 2012-09-01 00:59 - 00000000 ____D () C:\Users\Cyberport\Downloads\MAGIX_Video_deluxe_MX_Premium_18
2015-04-05 15:38 - 2011-09-20 16:07 - 01068482 _____ () C:\Windows\System32\perfh007.dat
2015-04-05 15:38 - 2011-09-20 16:07 - 00267318 _____ () C:\Windows\System32\perfc007.dat
2015-04-05 15:38 - 2009-07-13 21:13 - 00006264 _____ () C:\Windows\System32\PerfStringBackup.INI
2015-04-05 15:15 - 2011-09-20 21:27 - 01993159 _____ () C:\Windows\WindowsUpdate.log
2015-04-05 14:31 - 2011-12-10 14:05 - 00000000 ____D () C:\Windows\System32\Drivers\N360x64
2015-04-05 14:12 - 2013-06-21 01:10 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-23 08:43 - 2013-07-21 13:57 - 00000000 ____D () C:\Users\Cyberport\Documents\Usenet.nl
2015-03-23 08:31 - 2011-11-17 05:08 - 00000000 ____D () C:\users\Cyberport
2015-03-23 01:01 - 2014-01-09 00:54 - 00000644 _____ () C:\Windows\Tasks\WebContent AutoUpdate 2013.job
2015-03-23 00:34 - 2014-06-01 06:14 - 00605360 _____ () C:\Users\Cyberport\AppData\Roaming\loadit.exe
2015-03-23 00:34 - 2013-07-21 13:57 - 00000000 ____D () C:\Users\Cyberport\AppData\Roaming\Usenet.nl
2015-03-23 00:06 - 2012-01-07 10:37 - 00001066 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-03-22 23:39 - 2012-11-11 07:31 - 00000000 ____D () C:\Users\Cyberport\AppData\Roaming\.oit
2015-03-20 11:34 - 2012-01-03 11:10 - 00000000 ____D () C:\Users\Cyberport\AppData\Local\CrashDumps
2015-03-20 02:05 - 2013-07-21 13:57 - 00000000 ____D () C:\Program Files (x86)\Usenet.nl
2015-03-20 01:26 - 2014-06-30 01:26 - 00000000 ____D () C:\Users\Cyberport\AppData\Roaming\Azureus
2015-03-19 23:00 - 2014-01-09 00:54 - 00000488 _____ () C:\Windows\Tasks\AutoUpdate Allplan 2013.job
2015-03-17 23:33 - 2011-12-11 11:23 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-03-17 23:32 - 2012-03-11 11:14 - 00000000 ____D () C:\Users\Cyberport\AppData\Roaming\HpUpdate
2015-03-15 12:52 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2015-03-15 09:31 - 2009-07-13 20:45 - 00708120 _____ () C:\Windows\System32\FNTCACHE.DAT
2015-03-15 09:29 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-15 09:29 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\Dism
2015-03-15 09:03 - 2012-03-23 15:56 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-15 08:35 - 2013-07-24 14:31 - 00000000 ____D () C:\Windows\System32\MRT
2015-03-15 07:59 - 2011-12-16 01:42 - 122905848 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2015-03-15 05:05 - 2015-01-05 12:26 - 00000000 ____D () C:\Windows\System32\appraiser
2015-03-15 05:05 - 2014-06-16 17:02 - 00000000 ___SD () C:\Windows\System32\CompatTel
2015-03-15 05:05 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\tracing
2015-03-15 05:04 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

Some content of TEMP:
====================
C:\Users\Cyberport\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\Cyberport\AppData\Local\Temp\WUAuthHost.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points  =========================


==================== BCD ================================

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=Y:
description             Windows Boot Manager
locale                  de-DE
inherit                 {globalsettings}
default                 {default}
resumeobject            {9e3fec3d-e3e4-11e0-8019-002454b4f0fe}
displayorder            {default}
toolsdisplayorder       {memdiag}
timeout                 30

Windows Boot Loader
-------------------
identifier              {default}
device                  partition=C:
path                    \windows\system32\winload.exe
description             Windows 7
locale                  de-DE
inherit                 {bootloadersettings}
recoverysequence        {current}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \windows
resumeobject            {9e3fec3d-e3e4-11e0-8019-002454b4f0fe}
nx                      OptIn
bootlog                 No

Windows Boot Loader
-------------------
identifier              {current}
device                  ramdisk=[C:]\Recovery\9e3fec3f-e3e4-11e0-8019-002454b4f0fe\Winre.wim,{9e3fec40-e3e4-11e0-8019-002454b4f0fe}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\9e3fec3f-e3e4-11e0-8019-002454b4f0fe\Winre.wim,{9e3fec40-e3e4-11e0-8019-002454b4f0fe}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {9e3fec3d-e3e4-11e0-8019-002454b4f0fe}
device                  partition=C:
path                    \windows\system32\winresume.exe
description             Windows Resume Application
locale                  de-DE
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=Y:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  de-DE
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {9e3fec40-e3e4-11e0-8019-002454b4f0fe}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\9e3fec3f-e3e4-11e0-8019-002454b4f0fe\boot.sdi


==================== Memory info =========================== 

Percentage of memory in use: 10%
Total physical RAM: 8105.55 MB
Available physical RAM: 7222.88 MB
Total Pagefile: 8103.75 MB
Available Pagefile: 7215.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:271 GB) (Free:54.86 GB) NTFS
Drive d: () (Fixed) (Total:398.73 GB) (Free:128.2 GB) NTFS
Drive e: (Volume) (Fixed) (Total:4.88 GB) (Free:4.83 GB) NTFS
Drive g: (SAMSUNG_REC) (Fixed) (Total:23.92 GB) (Free:0.94 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive i: (KINGSTON) (Removable) (Total:14.94 GB) (Free:13.39 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 7.5 GB) (Disk ID: 74F02DEA)
Partition 1: (Not Active) - (Size=7.5 GB) - (Type=73)

========================================================
Disk: 1 (Size: 698.6 GB) (Disk ID: 89CB90D1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=271 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=403.6 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=23.9 GB) - (Type=27)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 14.9 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=14.9 GB) - (Type=0C)


LastRegBack: 2015-03-15 12:44

==================== End Of Log ============================
         
--- --- ---

--- --- ---
__________________

Alt 06.04.2015, 15:28   #4
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
akm strafzahlung - Standard

akm strafzahlung



Wir machen jetzt erstmal einen Fix in den Reparatur-Oprionen, so dass wir dann im Normalmodus mit der Bereinigung fortfahren können.

Schritt 1



(Mit Hilfe eines anderen PCs)
Drücke bitte die + R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:
Code:
ATTFilter
HKLM-x32\...\Run: [] => [X]
HKU\Cyberport\...\Run: [Moveslink2] => C:\Users\Cyberport\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Suunto\Moveslink2.appref-ms -auto
HKU\Cyberport\...\Run: [Windows Audio HDi Driver] => C:\Users\Cyberport\AppData\Roaming\audiohd.exe [82837504 2014-07-25] (Simon Tatham)
HKU\Cyberport\...\Winlogon: [Userinit] C:\Users\Cyberport\AppData\Roaming\loadit.exe [605360 2015-03-23] ()
HKU\Cyberport\...\Winlogon: [Shell] C:\Users\Cyberport\AppData\Roaming\loadit.exe [605360 2015-03-23] ()  
Startup: C:\Users\Cyberport\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoStarter.lnk
Startup: C:\Users\Cyberport\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ja.lnk
C:\Users\Cyberport\AppData\Roaming\loadit.exe 
C:\Users\Cyberport\AppData\Roaming\audiohd.exe
         
Speichere dieses bitte als Fixlist.txt auf den USB-Stick, in das gleiche Verzeichnis in dem sich auch die FRST.exe befindet.
  • Stecke den USB-Stick mit FRST.exe und Fixlist.txt an den infizierten PC an und boote wieder in die Reparaturoptionen.
  • Wähle in den Reparaturoptionen: Eingabeaufforderung
  • Gib nun bitte notepad ein und drücke Enter.
  • Im öffnenden Textdokument: Datei > Speichern unter... und wähle Computer.
    Hier wird Dir der Laufwerksbuchstabe Deines USB Sticks angezeigt (Sollte I:\ sein).
  • Schließe das notepad-Fenster wieder.
  • Starte die FRST.exe durch den Befehl
    Code:
    ATTFilter
    I:\frst64.exe
             
    in der Eingabeaufforderung.
  • Drücke auf den Fix Button.
    Es wird auf dem USB-Stick eine Fixlog.txt erstellt, deren Inhalt bitte ich Dich zu posten.

Kannst Du den Rechner wieder im Normalmodus starten? Falls ja, dann gleich weiter mit Schritt 2.

Schritt 2



Verschiebe FRST vom USB-Stick auf den Desktop.
  • Starte dann FRST.
  • Markiere auch die checkbox und drücke Scan.
  • Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und Addition.txt erstellt und auf dem Desktop gespeichert.

Bitte poste Fixlog.txt, FRST.txt und Addition.txt in Deiner nächsten Antwort.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 06.04.2015, 16:35   #5
mariod
 
akm strafzahlung - Standard

akm strafzahlung



Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by SYSTEM at 2015-04-06 17:29:45 Run:1
Running from I:\
Boot Mode: Recovery
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [] => [X]
HKU\Cyberport\...\Run: [Moveslink2] => C:\Users\Cyberport\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Suunto\Moveslink2.appref-ms -auto
HKU\Cyberport\...\Run: [Windows Audio HDi Driver] => C:\Users\Cyberport\AppData\Roaming\audiohd.exe [82837504 2014-07-25] (Simon Tatham)
HKU\Cyberport\...\Winlogon: [Userinit] C:\Users\Cyberport\AppData\Roaming\loadit.exe [605360 2015-03-23] ()
HKU\Cyberport\...\Winlogon: [Shell] C:\Users\Cyberport\AppData\Roaming\loadit.exe [605360 2015-03-23] ()  
Startup: C:\Users\Cyberport\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoStarter.lnk
Startup: C:\Users\Cyberport\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ja.lnk
C:\Users\Cyberport\AppData\Roaming\loadit.exe 
C:\Users\Cyberport\AppData\Roaming\audiohd.exe
         
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\Cyberport\Software\Microsoft\Windows\CurrentVersion\Run\\Moveslink2 => value deleted successfully.
HKU\Cyberport\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Audio HDi Driver => value deleted successfully.
HKU\Cyberport\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Userinit => value deleted successfully.
HKU\Cyberport\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
C:\Users\Cyberport\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoStarter.lnk => Moved successfully.
C:\Users\Cyberport\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ja.lnk => Moved successfully.
C:\Users\Cyberport\AppData\Roaming\loadit.exe => Moved successfully.
C:\Users\Cyberport\AppData\Roaming\audiohd.exe => Moved successfully.

==== End of Fixlog 17:29:49 ====
         
hallo jürgen,
vielen dank für die hilfe. ich weiss es zu schätzen!!!

lg mario

moment, ich war zu voreilig!!

ich kann tatsächlich wieder im normalmodus hochfahren!

die drei dateien kommen gleich!!


Alt 06.04.2015, 16:37   #6
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
akm strafzahlung - Standard

akm strafzahlung



Zitat:
Zitat von mariod Beitrag anzeigen
ich kann tatsächlich wieder im normalmodus hochfahren!
__________________
--> akm strafzahlung

Alt 06.04.2015, 16:51   #7
mariod
 
akm strafzahlung - Standard

akm strafzahlung



Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by SYSTEM at 2015-04-06 17:29:45 Run:1
Running from I:\
Boot Mode: Recovery
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [] => [X]
HKU\Cyberport\...\Run: [Moveslink2] => C:\Users\Cyberport\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Suunto\Moveslink2.appref-ms -auto
HKU\Cyberport\...\Run: [Windows Audio HDi Driver] => C:\Users\Cyberport\AppData\Roaming\audiohd.exe [82837504 2014-07-25] (Simon Tatham)
HKU\Cyberport\...\Winlogon: [Userinit] C:\Users\Cyberport\AppData\Roaming\loadit.exe [605360 2015-03-23] ()
HKU\Cyberport\...\Winlogon: [Shell] C:\Users\Cyberport\AppData\Roaming\loadit.exe [605360 2015-03-23] ()  
Startup: C:\Users\Cyberport\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoStarter.lnk
Startup: C:\Users\Cyberport\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ja.lnk
C:\Users\Cyberport\AppData\Roaming\loadit.exe 
C:\Users\Cyberport\AppData\Roaming\audiohd.exe
         
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\Cyberport\Software\Microsoft\Windows\CurrentVersion\Run\\Moveslink2 => value deleted successfully.
HKU\Cyberport\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Audio HDi Driver => value deleted successfully.
HKU\Cyberport\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Userinit => value deleted successfully.
HKU\Cyberport\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
C:\Users\Cyberport\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoStarter.lnk => Moved successfully.
C:\Users\Cyberport\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ja.lnk => Moved successfully.
C:\Users\Cyberport\AppData\Roaming\loadit.exe => Moved successfully.
C:\Users\Cyberport\AppData\Roaming\audiohd.exe => Moved successfully.

==== End of Fixlog 17:29:49 ====
         
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Cyberport at 2015-04-06 17:38:49
Running from C:\Users\Cyberport\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Creative Suite 3 Design Premium hinzufügen oder entfernen (HKLM-x32\...\Adobe_061850775b1c6d22bf2a145678e05e0) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe InDesign CS2 (HKLM-x32\...\Adobe InDesign CS2 - {7F4C8163-F259-49A0-A018-2857A90578BC}) (Version: 004.000.000 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{AE4D5AD9-5029-1B9A-197F-9F1792F7BBD2}) (Version: 3.0.859.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.4.0 - Asmedia Technology)
AutoCAD Architecture 2011 - Deutsch (HKLM\...\AutoCAD Architecture 2011 - Deutsch) (Version: 6.5.49.0 - Autodesk)
AutoCAD Architecture 2011 - Deutsch (Version: 6.5.49.0 - Autodesk) Hidden
AutoCAD Architecture 2011 Language Pack - Deutsch (Version: 18.1.49.0 - Autodesk) Hidden
Autodesk Design Review 2011 (HKLM-x32\...\Autodesk Design Review 2011) (Version: 11.0.0.86 - Autodesk, Inc.)
Autodesk Design Review 2011 (x32 Version: 11.0.0.86 - Autodesk, Inc.) Hidden
Autodesk Material Library 2011 (HKLM-x32\...\{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2011 Base Image library (HKLM-x32\...\{CD1E078C-A6B9-47DA-B035-6365C85C7832}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2011 Medium Image library (HKLM-x32\...\{975951E7-14D0-49AF-A630-89680D12D7F6}) (Version: 2.0.0.49 - Autodesk)
BankID säkerhetsprogram (HKLM-x32\...\{4B2557F9-8C03-4BE7-9984-4DE525076580}) (Version: 6.2.5.1 - Finansiell ID-Teknik BID AB)
Benutzerhandbuch EPSON WF-7525 Series (HKLM-x32\...\EPSON WF-7525 Series Useg) (Version:  - )
Bob the Builder - Can-Do Carnival (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.55 - Broadcom Corporation)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Burger Shop 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
CINEMA 4D 11.514 (HKLM\...\MAXONB6EC381C) (Version: 11.514 - MAXON Computer GmbH)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2417.02 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4417 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Der Restaurant-Manager 1.5  Vollversion.de Edition (HKLM-x32\...\ST6UNST #1) (Version:  - )
Diego's Ultimate Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Download Navigator (HKLM-x32\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION)
Druckerdeinstallation für EPSON WF-7515 Series (HKLM\...\EPSON WF-7515 Series) (Version:  - SEIKO EPSON Corporation)
Druckerdeinstallation für EPSON WF-7525 Series (HKLM\...\EPSON WF-7525 Series) (Version:  - SEIKO EPSON Corporation)
Easy File Share (HKLM-x32\...\{95BB7324-77D3-4BF3-8CF6-29F0857AC175}) (Version: 1.1.1699 - Samsung Electronics Co., Ltd.)
Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Easy Settings (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 1.1 - Samsung Electronics Co., Ltd.)
Easy Support Center (HKLM\...\{0738F5F1-8E70-49A6-8692-F5722E1E5A4D}) (Version: 1.2.27 - Samsung Electronics CO., LTD.)
Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.20.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON StandardBusinessPrinters Printer Uninstall (HKLM\...\EPSON StandardBusinessPrinters) (Version:  - SEIKO EPSON Corporation)
EpsonNet Config V3 (HKLM-x32\...\{2B0CDD4D-5C1A-47F7-89E2-9BF604670ABC}) (Version: 3.7.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ergo_win premium pro 2.1 (HKLM-x32\...\ergo_win premium pro 2.1) (Version:  - daum electronic gmbh)
ErgoPlanet (HKLM-x32\...\{A4478A48-6DFD-47EB-8140-B0E373047805}) (Version: 1.0.0 - ErgoPlanet)
ESS Energie Indikator (HKLM-x32\...\{6E83470B-5EE2-407D-ABFC-CC87E070ED8C}) (Version: 20.13.0 - Nemetschek Allplan GmbH)
ETDWare PS/2-X64 10.7.16.1_WHQL (HKLM\...\Elantech) (Version: 10.7.16.1 - ELAN Microelectronic Corp.)
ExpressCache (HKLM\...\{77EDCFE0-4431-40B1-93AD-BF1F4C55D131}) (Version: 1.0.46 - Diskeeper Corporation)
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
ffdshow v1.1.4225 [2012-01-05] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.4225.0 - )
FileZilla Client 3.5.2 (HKLM-x32\...\FileZilla Client) (Version: 3.5.2 - FileZilla Project)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
FishCo (x32 Version: 2.2.0.98 - WildTangent) Hidden
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
General Runtime Files for Allplan 2013-1 Release (x32 Version: 1.7.0.0 - Nemetschek Allplan Systems GmbH) Hidden
General Runtime Files for Allplan 2013-1 Release x64 (Version: 1.4.0.0 - Nemetschek Allplan Systems GmbH) Hidden
GEQ (HKLM-x32\...\InstallShield_{E467EB7E-320F-4E9E-8AC4-133116C09189}) (Version: 100.12.0951 - Zehentmayer Software GmbH)
GEQ (x32 Version: 100.12.0951 - Zehentmayer Software GmbH) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Handelsbanken kortläsare (HKLM-x32\...\{D4C30AE2-EAFE-4E28-A3BA-7CF7485E23C4}) (Version: 1.00.0000 - Todos Data System AB)
Handelsbankens kortläsare (HKLM-x32\...\{35C938B6-F72A-4D92-B8B5-A1F0F9B1DC76}) (Version: 1.00.0000 - Todos Data System AB)
Happy Chef (x32 Version: 3.0.2.38 - WildTangent) Hidden
Hartlauer Foto World (HKLM-x32\...\Hartlauer Foto World) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 32.410.08.00.06 - Huawei Technologies Co.,Ltd)
HP Scanjet G3110 (HKLM\...\{9B4E2E01-D726-414F-947D-8CE4EC074EB6}) (Version: 13.0 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Speicher-Disc (HKLM-x32\...\{B376402D-58EA-45EA-BD50-DD924EB67A70}) (Version: 1.0.4.805 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hpg3110 (x32 Version: 13.0.0.0 - Ihr Firmenname) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Infineon TPM Professional Package (HKLM\...\{127D5F95-D83A-40FC-AB4E-109A0B33F296}) (Version: 3.7.000 - Infineon Technologies AG)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3086 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
Interactive Guide (HKLM-x32\...\{CB383BE9-7518-4ABD-826E-8FC4695F7D52}) (Version: 1.1 - )
iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)
Jo's Dream: Organic Coffee (x32 Version: 3.0.2.32 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
MAGIX Screenshare (HKLM-x32\...\{B6DC1DD5-52D8-491B-925B-02050B4105FA}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{F6E484FB-BC48-4A63-8186-E25DF4607B3B}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (Demo) (HKLM-x32\...\MX.{D7954E63-6339-47B6-91E5-AA159BB3B6CB}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Demo) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (Designelemente) (HKLM-x32\...\MX.{53BBE66D-C843-4E0A-A317-2F0B8FA29485}) (Version: 1.0.1.0 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Designelemente) (Version: 1.0.1.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (Filmvorlagen) (HKLM-x32\...\MX.{BD329C68-4F9A-4ACD-A2D0-D6D59380E6E7}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Filmvorlagen) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (Fotoshow Maker-Stile 1) (HKLM-x32\...\MX.{60308EFA-D8E4-4A36-9DAC-92B19CA82893}) (Version: 1.0.1.0 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Fotoshow Maker-Stile 1) (Version: 1.0.1.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (Fotoshow Maker-Stile 2) (HKLM-x32\...\MX.{94E7DFD0-F398-4AA6-843F-199DBB3BCF34}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Fotoshow Maker-Stile 2) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (HKLM-x32\...\MX.{FBCA50BE-C022-45DA-9261-10230EC1012E}) (Version: 13.0.2.8 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Individuelle Menüvorlagen) (HKLM-x32\...\MX.{CC60A2A8-FD80-471E-89AF-4CFCBD6964E8}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Individuelle Menüvorlagen) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (Menüvorlagen 1) (HKLM-x32\...\MX.{17BCC3D6-6414-482F-8EE3-1C3324604198}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Menüvorlagen 1) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (Menüvorlagen 2) (HKLM-x32\...\MX.{7A8A6B7D-D368-44C8-9B31-ABB31FEF130F}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Menüvorlagen 2) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (NewBlueFX ColorFast) (HKLM-x32\...\MX.{D9D24F5F-1E36-48BE-9419-CF97B34AB063}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (NewBlueFX ColorFast) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (proDAD Heroglyph 4.0) (HKLM-x32\...\MX.{CFD52E6D-2AF5-495C-87E3-4D243FE202E7}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (proDAD Heroglyph 4.0) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (Soundtrack Maker-Stile) (HKLM-x32\...\MX.{4ED07AA5-C9F9-424E-9CC6-E490129886F4}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Soundtrack Maker-Stile) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (Titeleffekte) (HKLM-x32\...\MX.{5FDFCBBF-44F5-40B2-B5F3-C42E4C2DB69F}) (Version: 1.0.1.0 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Titeleffekte) (Version: 1.0.1.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (Tutorials) (HKLM-x32\...\MX.{CA8DAC8B-B5E2-4597-B681-AD5B0D8D0D61}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Tutorials) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (Überblendeffekte) (HKLM-x32\...\MX.{3B812D22-B8EC-4060-B909-FF822FE7612B}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Überblendeffekte) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (Version: 13.0.2.8 - MAGIX AG) Hidden
MAGIX Video deluxe MX Premium Download-Version (HKLM-x32\...\MAGIX_MSI_Videodeluxe18_premium) (Version: 11.0.0.42 - MAGIX AG)
MAGIX Video deluxe MX Premium Download-Version (x32 Version: 11.0.0.42 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Media Player Classic - Home Cinema v1.5.2.3456 x64 (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.5.2.3456 - MPC-HC Team)
Mein 3DataManager (HKLM-x32\...\3DataManager) (Version: 1.1.1 - Mein 3DataManager)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Mezzmo (HKU\S-1-5-21-2638699081-1381549562-50355985-1000\...\Mezzmo) (Version: 4.0.5.0 - Conceiva Pty. Ltd.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4701.1002 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2638699081-1381549562-50355985-1000\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Project Language Pack 2013  - German/Deutsch (HKLM-x32\...\Office15.PMUI.de-de) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Project Professional 2013 (HKLM-x32\...\Office15.PRJPRO) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft ReportViewer 2010 SP1 Redistributable (KB2549864) (HKLM-x32\...\{1282C0BC-3B22-33D4-B72E-62922415DDCA}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MORE! 1 Grammar Practice (HKLM-x32\...\MoreGrammarPractice1) (Version: V1.2 - Helbling Languages )
MORE! 1 Grammar Practice (x32 Version: 1.2 - Helbling Languages ) Hidden
Moveslink2 (HKU\S-1-5-21-2638699081-1381549562-50355985-1000\...\09caaf8ee8bfbd57) (Version: 1.3.2.5336 - Amer Sports)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Muigg OPEN 2011 (HKLM-x32\...\{7A961AB2-2262-43FB-B220-94525CC3BBF4}) (Version: 18.0 - Computer Anwendungen Muigg)
Multimedia POP (HKLM-x32\...\{331ECF61-69AF-4F57-AC35-AFED610231C3}) (Version: 1.0 - )
Nemetschek Allplan 2013 (HKLM-x32\...\{FA47FBFD-2F6C-439A-B88C-2FFD6F4AE291}) (Version: 2013.0 - Nemetschek Allplan Systems GmbH)
Nemetschek SoftLock 2006 (HKLM-x32\...\{7262D0C8-41CC-4F75-8383-A6C7C61D7FC6}) (Version: 1.26.55 - )
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.3.1.46 - NETGEAR Inc.)
Netzwerkhandbuch EPSON WF-7525 Series (HKLM-x32\...\EPSON WF-7525 Series Netg) (Version:  - )
Nokia Connectivity Cable Driver (HKLM-x32\...\{AF88496B-4BBA-4922-97E9-2582D3A28358}) (Version: 7.1.48.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.2.100.0 - Nokia)
Nokia Suite (x32 Version: 3.2.100.0 - Nokia) Hidden
Norton 360 (HKLM-x32\...\N360) (Version: 21.7.0.11 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
OLYMPUS Digital Camera Updater (HKLM-x32\...\{2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355}) (Version: 1.0.3 - OLYMPUS IMAGING CORP.)
OLYMPUS Viewer 2 (HKLM-x32\...\{797808CA-1563-4EA0-A280-1371AC2F2310}) (Version: 1.3.0 - OLYMPUS IMAGING CORP.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Panasonic DVC USB Driver (HKLM-x32\...\InstallShield_{D1014B9B-5704-4B27-B581-1C19B72528D1}) (Version: 2.02.0000 - Panasonic)
Panasonic DVC USB Driver (x32 Version: 2.02.0000 - Panasonic) Hidden
Pavtube ByteCopy Ver 2.3.0.5359 (HKLM-x32\...\{1B559EFF-8E4B-4AD6-9A13-491A0E119906}_is1) (Version:  - )
PC Connectivity Solution (HKLM-x32\...\{55EB7967-5BB1-4EA2-8AFF-B2F9E487E553}) (Version: 11.5.13.0 - Nokia)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.4.2 - Frank Heindörfer, Philip Chinery)
Peggle (x32 Version: 2.2.0.82 - WildTangent) Hidden
Pinnacle Studio 14 (HKLM-x32\...\{AADD1C8F-D59F-4D55-A726-768C71A205A8}) (Version: 14.0.0.7255 - Pinnacle Systems)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.10.0 - Prolific Technology INC)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Presto! PageManager 9.03 SE (HKLM-x32\...\{04AF7536-446D-4F5A-8920-B4E885E4581B}) (Version: 9.03.06 - Newsoft Technology Corporation)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
RAIDar 4.1.3 (HKLM-x32\...\RAIDar 4.1.3) (Version:  - Netgear Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6428 - Realtek Semiconductor Corp.)
S Agent (Version: 1.1.48 - Samsung Electronics CO., LTD.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.0.0.11044_11 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.0.0.11044_11 - Samsung Electronics Co., Ltd.) Hidden
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.1.5 - Samsung)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.2300.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-003B-0000-0000-0000000FF1CE}_Office15.PRJPRO_{115B7592-B71D-4C27-AB34-34268FB199CA}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-00B5-0407-0000-0000000FF1CE}_Office15.PMUI.de-de_{C18C5BE1-6209-477F-A88C-6BD332C9F641}) (Version:  - Microsoft)
simplitec simplicheck (HKLM-x32\...\{183D780B-28F9-41BA-A2CB-605F324A5781}) (Version: 1.3.10.0 - simplitec GmbH)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Software Launcher (HKLM-x32\...\{B750B5C2-CC17-4967-905B-29F4EB986131}) (Version: 1.0.2 - Samsung)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Super Collapse Puzzle Gallery 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
SW Update (HKLM-x32\...\{E74136C1-4ABE-44A2-8141-469818312175}) (Version: 2.2.0 - Samsung Electronics CO., LTD.)
The Treasures of Montezuma Bundle (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Usenet.nl (HKLM-x32\...\Usenet.nl_is1) (Version:  - )
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.3 - )
Vacation Quest™ - Australia (x32 Version: 2.2.0.98 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.3.0.0 - Azureus Software, Inc.)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.8500 - Broadcom Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-samsung) (Version: 4.0.11.13 - WildTangent)
WildTangent Games App (x32 Version: 4.0.5.36 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Wise Registry Cleaner 7.68 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 7.68 - WiseCleaner.com, Inc.)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2638699081-1381549562-50355985-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD Architecture 2011\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2638699081-1381549562-50355985-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Cyberport\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2638699081-1381549562-50355985-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Cyberport\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2638699081-1381549562-50355985-1000_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD Architecture 2011\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2638699081-1381549562-50355985-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Cyberport\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2638699081-1381549562-50355985-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD Architecture 2011\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2638699081-1381549562-50355985-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD Architecture 2011\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2638699081-1381549562-50355985-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Cyberport\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2638699081-1381549562-50355985-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Cyberport\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

06-04-2015 17:37:16 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2012-01-04 15:56 - 00000854 ____N C:\windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {01AED715-875E-480A-9A22-3FFE46D31E8F} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {0244BB40-1B82-4517-A3DF-B46F456693B8} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [2011-08-19] (Samsung Electronics Co., Ltd.)
Task: {04F417AC-4154-4DC6-A44E-93B84C681645} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {078EF1FB-E3D2-4780-8F03-0BD39C5908F0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-09] (Google Inc.)
Task: {0950DEC0-5711-4D43-A7B4-B0FE090D28CD} - System32\Tasks\KiesHelper => C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe [2011-08-12] (Samsung)
Task: {0BB91662-2AA6-41AE-BE3E-818B2A234232} - System32\Tasks\{55582DAD-A591-4823-B623-FE0D33625F3C} => pcalua.exe -a C:\WINDOWS\st6unst.exe -c -n "d:\spiel\ST6UNST.LOG"
Task: {1306316E-D8AC-48B8-A954-E80DB25EEBAB} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {1EAA722A-8B82-4442-ACBE-F3E6A1F48382} - System32\Tasks\{4D94C262-0B30-4EB6-AE40-CF344ADD1B11} => pcalua.exe -a G:\3DataManager\setup.exe -d G:\3DataManager
Task: {1F0B39A0-49E7-4546-9F45-D136D3E564F8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-09] (Google Inc.)
Task: {218059DC-6104-482B-9C95-2B64380B0C77} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A06\EPM.exe
Task: {22B8E01D-9E3E-4653-9A7E-0E124484B0F7} - System32\Tasks\{68C555DF-F1D0-4341-A427-19DE8A75AEA0} => D:\Adobe Photoshop CS2 v9.0 FinaL + KeyGeN &amp; Activator==\Photoshop_CS2_tryout\Photoshop CS2\Setup.exe
Task: {261373C3-32CE-4FDE-9D2E-2BA3A5499174} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {2684F233-9198-4E55-9FD3-1358636D01A3} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {2C79DFDE-404D-451C-8B63-C23B5C2EF75F} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2011-06-24] (SEC)
Task: {3350AA52-BA0E-44A9-96B7-5287346EEA32} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-08-17] (CyberLink)
Task: {39D7F3C8-BC7D-4C73-96F8-65D33C2C004D} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {3A8AD77D-AF8A-43F3-92D0-92E3D2D5D386} - System32\Tasks\{C75346DD-63FC-4639-824B-E76328F26868} => pcalua.exe -a "F:\Programme\adobe\adobe cs 2\Adobe Photoshop CS2 v9.0 FinaL + KeyGeN &amp; Activator==\Photoshop_CS2_tryout\Photoshop CS2\Setup.exe" -d "F:\Programme\adobe\adobe cs 2\Adobe Photoshop CS2 v9.0 FinaL + KeyGeN &amp; Activator==\Photoshop_CS2_tryout\Photoshop CS2"
Task: {3FA6F411-8536-42BC-B0F1-DD11D66808C0} - System32\Tasks\SmartSetting => C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe [2011-08-19] (Samsung Electronics Co., Ltd.)
Task: {5D3AEF70-52F6-4E5E-AA9D-28C656C4967F} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\WSCStub.exe [2015-03-07] (Symantec Corporation)
Task: {615E1B69-1498-43B6-A0D8-2739F25C1FAF} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {69BE1933-DF85-48C5-8480-8C466FFB105A} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2014-06-02] (Samsung Electronics CO., LTD.)
Task: {71882A57-3C5B-4927-92D8-AED5A09BB0E5} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe [2011-08-25] (Samsung Electronics Co., Ltd.)
Task: {7B45F480-98FA-4AAF-BB79-E117E44412B1} - System32\Tasks\{D0B9E353-51FA-4B9A-A148-84ED370CB13D} => D:\Adobe Photoshop CS2 v9.0 FinaL + KeyGeN &amp; Activator==\Photoshop_CS2_tryout\Photoshop CS2\Setup.exe
Task: {7D3DB66E-B98E-4187-84C0-686C6540E715} - System32\Tasks\{C3142516-D9B4-456F-938C-AFD4BF453DA2} => pcalua.exe -a C:\Users\Cyberport\Downloads\DriverBoost\DriverBoost\epson374722eu.exe -d C:\Users\Cyberport\Downloads\DriverBoost\DriverBoost
Task: {811B68FA-6024-4E00-B19C-B3C117CB80B0} - System32\Tasks\{F046318D-F829-4697-A3CD-5ED823E84FA3} => D:\Adobe Photoshop CS2 v9.0 FinaL + KeyGeN &amp; Activator==\Photoshop_CS2_tryout\Photoshop CS2\Setup.exe
Task: {8BA58ED5-94AC-4E1D-A605-BA6C6F89E1BC} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Easy Settings\SCCSpeedBoot.exe [2011-08-22] (Samsung Electronics Co., Ltd.)
Task: {9BF14D44-4E12-4338-A8C3-B34151D685E0} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {9C2F0B5B-8AA5-487D-9F83-2CCE2C4503B5} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hewlett-Packard\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {A067C516-F8EF-428E-B84A-BD1F31FAFAE7} - System32\Tasks\{6D729264-500E-475E-B671-3A85B7151DFA} => pcalua.exe -a "D:\adobe cs 2\Adobe Photoshop CS2 v9.0 FinaL + KeyGeN &amp; Activator==\Photoshop_CS2_tryout\Photoshop CS2\Setup.exe" -d "D:\adobe cs 2\Adobe Photoshop CS2 v9.0 FinaL + KeyGeN &amp; Activator==\Photoshop_CS2_tryout\Photoshop CS2"
Task: {A5A6E686-0F36-478A-A69D-8AF7F129F29E} - System32\Tasks\{6A947401-EDCD-4E7E-8DA6-8550787FA20A} => pcalua.exe -a "D:\adobe cs 2\Adobe Photoshop CS2 v9.0 FinaL + KeyGeN &amp; Activator==\Adobe Photoshop CS2 v9.0 FinaL + KeyGeN &amp; Activator==\Photoshop_CS2_tryout\Photoshop CS2\Setup.exe" -d "D:\adobe cs 2\Adobe Photoshop CS2 v9.0 FinaL + KeyGeN &amp; Activator==\Adobe Photoshop CS2 v9.0 FinaL + KeyGeN &amp; Activator==\Photoshop_CS2_tryout\Photoshop CS2"
Task: {A7FA3099-B79E-4F0F-B8E8-35296DF98F6D} - System32\Tasks\{3A34B72E-101D-478D-ACE3-FD83B71F3613} => D:\Adobe Photoshop CS2 v9.0 FinaL + KeyGeN &amp; Activator==\Photoshop_CS2_tryout\Photoshop CS2\Setup.exe
Task: {AABFD8C5-E791-42D0-A9F9-3EFECD8F08DC} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {AC6BFDB2-B8A9-401F-8D82-D89DB6C2D9F8} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe [2011-08-19] (Samsung Electronics)
Task: {B01AA3A2-9160-4122-ADC0-95A03FE7836B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {B094ECB8-F35B-4A76-A755-2C0B329B6C26} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {B67D2787-D6AB-4794-BF23-A77E8B199F9A} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-08] (Adobe Systems Incorporated)
Task: {B6D2F800-E520-443B-A58A-A23466D735C3} - System32\Tasks\{0EB9849A-765A-40FB-A33E-D963182FC0D8} => pcalua.exe -a D:\AdobeCS3Design\Setup\Setup.exe -d D:\AdobeCS3Design\Setup
Task: {C423FDE8-554C-42CB-8BB6-C86D0BAF9B01} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe [2011-08-19] (SAMSUNG Electronics co., LTD.)
Task: {C5CD187D-D9DD-4D31-B9A6-DDFD56E2FE1C} - System32\Tasks\{4412070C-CDA6-4EFC-99A6-24D8DBBA3722} => pcalua.exe -a "D:\Adobe CS3.Design Premium German\AdobeCS3Design\Setup\Setup.exe" -d "D:\Adobe CS3.Design Premium German\AdobeCS3Design\Setup"
Task: {D56594D2-952C-4402-A81E-79E6DC00B058} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {D92872EA-6EDB-40B9-810A-556B04B083E9} - System32\Tasks\Shutdown Wien => C:\Windows\System32\shutdown.exe [2009-07-14] (Microsoft Corporation)
Task: {DDB9B30D-95A1-4849-8F09-31F218E891AC} - System32\Tasks\AutoUpdate Allplan 2013 => C:\Program Files\Nemetschek\Allplan\prg\NemDownloadHandler.exe [2013-03-01] (Nemetschek Allplan Systems GmbH)
Task: {E5091D0C-E420-42C9-910E-2A42AD1C499B} - System32\Tasks\EasySupportCenter => C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe [2012-06-15] (Samsung Electronics CO., LTD.)
Task: {E5CA3F69-10DE-4985-B04F-3DDBD5DC3620} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {EEEC6F68-401D-4923-AAB1-98B7F8C252A7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {F8BA7280-3275-4847-8749-3537AA954286} - System32\Tasks\WebContent AutoUpdate 2013 => C:\Program Files\Nemetschek\Allplan\prg\NemDownloadHandler.exe [2013-03-01] (Nemetschek Allplan Systems GmbH)
Task: {F938DB59-E920-4923-B064-B51BD38B27C4} - System32\Tasks\{F4EE8F32-1E3F-4BB3-A5C6-075CA989646B} => D:\Adobe Photoshop CS2 v9.0 FinaL + KeyGeN &amp; Activator==\Photoshop_CS2_tryout\Photoshop CS2\Setup.exe
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\AutoUpdate Allplan 2013.job => C:\Program Files\Nemetschek\Allplan\prg\NemDownloadHandler.exe7/f C:\Daten\Nemetschek\Allplan\Std\AllplanUpdate.inf
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\WebContent AutoUpdate 2013.job => C:\Program Files\Nemetschek\Allplan\prg\NemDownloadHandler.exe…/f C:\Daten\Nemetschek\Allplan\Std\AllplanUpdate.inf /one http:/autoupdate.allplan.com/Updates/Allplan/MyPlan/2013/WebContent.upd

==================== Loaded Modules (whitelisted) ==============

2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-05 20:02 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-09-01 16:30 - 2012-05-03 17:16 - 00200032 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-04-05 00:18 - 2011-04-05 00:18 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-09-20 15:41 - 2009-12-01 09:21 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-11-06 17:28 - 2014-11-06 17:28 - 00105216 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
2011-11-09 09:55 - 2011-11-09 09:55 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-12-05 22:10 - 2011-12-05 22:10 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-06-02 09:07 - 2014-06-02 09:07 - 00062464 _____ () C:\Program Files (x86)\Conceiva\Mezzmo\HS_REGEX.dll
2014-06-02 09:07 - 2014-06-02 09:07 - 00839680 _____ () C:\Program Files (x86)\Conceiva\Mezzmo\LIBEAY32.dll
2014-06-02 09:07 - 2014-06-02 09:07 - 00159744 _____ () C:\Program Files (x86)\Conceiva\Mezzmo\SSLEAY32.dll
2014-05-23 04:32 - 2014-05-23 04:32 - 00034304 _____ () C:\Program Files (x86)\Conceiva\Mezzmo\extension-functions.dll
2011-11-08 22:46 - 2011-11-08 22:46 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2011-09-20 15:55 - 2011-02-16 18:03 - 00203776 _____ () C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll
2011-09-20 15:55 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll
2011-05-20 11:24 - 2011-05-20 11:24 - 00032256 _____ () C:\Program Files (x86)\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.Interface.dll
2012-11-11 17:28 - 2010-05-07 12:46 - 00057344 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PerformOcr.dll
2012-11-11 17:28 - 2010-12-23 14:17 - 00057344 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMISM.dll
2012-11-11 17:28 - 2007-03-30 11:24 - 00104528 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\Qem.dll
2012-11-11 17:28 - 2010-12-29 18:52 - 00147456 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMCommon.dll
2012-11-11 17:28 - 2008-08-25 18:19 - 00069632 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PHooKDlg.dll
2012-11-11 17:28 - 2011-03-11 11:47 - 00151040 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\ScanModule.dll
2012-11-11 17:28 - 2010-12-20 17:21 - 00098304 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\CategoryManager.dll
2012-11-11 17:28 - 2010-10-22 11:01 - 00139264 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSet.dll
2012-11-11 17:28 - 2010-10-22 11:22 - 00090112 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSave.dll
2012-11-11 17:28 - 2010-12-29 19:32 - 00614400 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMDB_N.dll
2012-11-11 17:28 - 2009-08-06 11:22 - 00421888 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\FT.dll
2012-11-11 17:28 - 2010-09-09 19:00 - 00061440 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMINSO.dll
2012-11-11 17:28 - 2009-09-09 15:44 - 00151552 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMANO.dll
2012-11-11 17:28 - 2007-03-30 10:49 - 00104528 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\ComClass.dll
2012-11-11 17:28 - 2010-08-03 11:44 - 00049152 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMOffice.dll
2012-11-11 17:28 - 2007-12-20 15:37 - 00176128 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\DocCate.dll
2012-11-11 17:28 - 2011-01-21 16:05 - 00258048 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMScnSet.dll
2012-11-11 17:28 - 2009-11-26 18:49 - 00081920 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\NetFun2k.dll
2013-09-29 03:14 - 2013-09-29 03:14 - 03369922 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\icuin51.dll
2013-09-29 03:13 - 2013-09-29 03:13 - 00544817 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\libgcc_s_dw2-1.dll
2013-09-29 03:13 - 2013-09-29 03:13 - 00989805 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\libstdc++-6.dll
2013-09-29 03:14 - 2013-09-29 03:14 - 01978690 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\icuuc51.dll
2013-09-29 03:14 - 2013-09-29 03:14 - 22378434 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\icudt51.dll
2013-09-29 03:14 - 2013-09-29 03:14 - 01233408 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\platforms\qwindows.dll
2014-11-17 11:46 - 2014-11-17 11:46 - 00639488 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\Genie.dll
2014-11-10 11:55 - 2014-11-10 11:55 - 01686016 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\SvtNetworkTool.dll
2014-11-05 09:36 - 2014-11-05 09:36 - 00192512 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Airprint.dll
2014-11-05 09:37 - 2014-11-05 09:37 - 00632832 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Internet.dll
2014-11-14 12:53 - 2014-11-14 12:53 - 06499840 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Map.dll
2014-06-30 03:55 - 2014-06-30 03:55 - 00068608 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QRCode.dll
2014-06-30 04:05 - 2014-06-30 04:05 - 01183232 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\qwt.dll
2014-11-07 11:13 - 2014-11-07 11:13 - 02475520 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_MyMedia.dll
2012-10-15 22:27 - 2012-10-15 22:27 - 00111616 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\libvlc.dll
2012-10-15 22:28 - 2012-10-15 22:28 - 02286592 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\libvlccore.dll
2014-11-17 09:00 - 2014-11-17 09:00 - 01056768 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll
2014-09-11 10:39 - 2014-09-11 10:39 - 00144896 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DragonNetTool.dll
2014-11-05 09:51 - 2014-11-05 09:51 - 01191424 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll
2014-11-17 08:21 - 2014-11-17 08:21 - 10374656 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Resource.dll
2014-11-17 08:18 - 2014-11-17 08:18 - 02496512 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll
2014-11-06 11:39 - 2014-11-06 11:39 - 00200192 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Statistics.dll
2014-11-05 09:58 - 2014-11-05 09:58 - 00889344 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Ui.dll
2014-11-05 10:00 - 2014-11-05 10:00 - 00435712 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Wireless.dll
2013-09-29 03:13 - 2013-09-29 03:13 - 00051200 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qgif.dll
2013-09-29 03:13 - 2013-09-29 03:13 - 00052224 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qico.dll
2013-09-29 03:13 - 2013-09-29 03:13 - 00261120 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qjpeg.dll
2013-09-29 03:13 - 2013-09-29 03:13 - 00046080 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qsvg.dll
2014-06-30 03:55 - 2014-06-30 03:55 - 00081408 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DiagnosePlugin.dll
2014-11-03 10:23 - 2014-11-03 10:23 - 00143360 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DiagnoseDll.dll
2014-06-19 04:22 - 2014-06-19 04:22 - 02177405 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\drivers\libntgr_api.dll
2014-09-04 08:00 - 2014-09-04 08:00 - 00072192 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\SVTUtils.dll
2014-09-04 08:00 - 2014-09-04 08:00 - 00074240 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\NetcardApi.dll
2014-09-04 08:00 - 2014-09-04 08:00 - 00136704 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\airprintdll.dll
2012-10-15 22:28 - 2012-10-15 22:28 - 00219648 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\plugins\access\libdshow_plugin.dll
2012-10-15 22:28 - 2012-10-15 22:28 - 00049664 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\plugins\audio_output\libaout_directx_plugin.dll
2012-10-15 22:28 - 2012-10-15 22:28 - 00051200 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\plugins\audio_output\libwaveout_plugin.dll
2012-10-15 22:28 - 2012-10-15 22:28 - 00070144 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\plugins\video_output\libdirectx_plugin.dll
2013-09-29 03:13 - 2013-09-29 03:13 - 00040960 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\printsupport\windowsprintersupport.dll
2014-11-05 09:59 - 2014-11-05 09:59 - 00642048 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_Update.dll
2014-11-05 10:01 - 2014-11-05 10:01 - 00458752 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll
2014-06-30 04:33 - 2014-06-30 04:33 - 00046080 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\WSetupApiPlugin.dll
2014-09-04 08:00 - 2014-09-04 08:00 - 00066560 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\WSetupDll.dll
2009-11-02 07:20 - 2009-11-02 07:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 07:23 - 2009-11-02 07:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2012-11-11 17:28 - 2008-11-17 15:56 - 00102400 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\nsSign.dll
2012-11-11 17:28 - 2010-11-30 17:42 - 00352256 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMTree.dll
2012-11-11 17:28 - 2010-07-13 11:48 - 00106496 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMProp.dll
2012-11-11 17:28 - 2007-08-31 18:51 - 00040960 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMVoice.dll
2012-11-11 17:28 - 2010-09-08 18:10 - 00073728 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\OutlookVBA.dll
2012-11-11 17:28 - 2009-11-27 18:38 - 00331776 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMAppBar.dll
2012-11-11 17:28 - 2010-11-26 11:33 - 04583424 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMView.dll
2012-11-11 17:28 - 2007-03-30 11:01 - 00038992 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\NsOEMKey.dll
2012-11-11 17:28 - 2010-09-26 12:13 - 00430080 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMPageVW.dll
2012-11-11 17:28 - 2010-03-02 16:09 - 00102400 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMDocVW.dll
2012-11-11 17:28 - 2009-06-26 10:03 - 00086016 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMApSet.dll
2012-11-11 17:28 - 2010-08-03 11:51 - 01036288 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\SlideBarDLL.dll
2012-11-11 17:28 - 2009-12-04 18:20 - 00323584 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMAnoSet.dll
2012-11-11 17:28 - 2010-09-26 12:13 - 00184320 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMImgVW.dll
2012-11-11 17:28 - 2008-08-25 17:16 - 00040960 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMIEVW.dll
2012-11-11 17:28 - 2010-09-08 11:52 - 00036864 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMPDFView.dll
2012-11-11 17:28 - 2010-04-27 16:20 - 00065536 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMStatus.dll
2012-11-11 17:28 - 2007-03-30 10:57 - 00034896 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\Import.dll
2012-11-11 17:28 - 2010-11-26 11:45 - 00090112 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMImageSplitter.dll
2011-09-20 15:55 - 2010-05-07 16:22 - 01636864 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2638699081-1381549562-50355985-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Cyberport\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-2638699081-1381549562-50355985-500 - Administrator - Disabled)
Cyberport (S-1-5-21-2638699081-1381549562-50355985-1000 - Administrator - Enabled) => C:\Users\Cyberport
Gast (S-1-5-21-2638699081-1381549562-50355985-501 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: ASMIO
Description: ASMIO
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ASMIO
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/06/2015 05:36:50 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/06/2015 05:36:50 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/06/2015 05:36:50 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/06/2015 05:32:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/06/2015 01:38:46 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/06/2015 01:38:46 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/06/2015 01:38:46 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/06/2015 01:17:39 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/06/2015 01:17:39 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/06/2015 01:17:39 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.


System errors:
=============
Error: (04/06/2015 05:32:31 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (04/06/2015 05:31:40 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
AFS
ASMIO

Error: (04/06/2015 00:01:07 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
AFS
ASMIO

Error: (04/06/2015 08:49:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (04/06/2015 01:47:27 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (04/06/2015 01:44:37 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (04/06/2015 01:44:37 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (04/06/2015 01:44:37 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (04/06/2015 01:44:37 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (04/06/2015 01:44:37 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068


Microsoft Office Sessions:
=========================
Error: (04/06/2015 05:36:50 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (04/06/2015 05:36:50 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (04/06/2015 05:36:50 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (04/06/2015 05:32:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/06/2015 01:38:46 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (04/06/2015 01:38:46 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (04/06/2015 01:38:46 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (04/06/2015 01:17:39 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (04/06/2015 01:17:39 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (04/06/2015 01:17:39 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000


CodeIntegrity Errors:
===================================
  Date: 2012-08-11 14:59:55.298
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\igdpmd64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-08-11 14:59:54.534
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\igdpmd64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-2675QM CPU @ 2.20GHz
Percentage of memory in use: 49%
Total physical RAM: 8105.55 MB
Available physical RAM: 4060.43 MB
Total Pagefile: 16209.28 MB
Available Pagefile: 12238.64 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:271 GB) (Free:54.52 GB) NTFS
Drive d: () (Fixed) (Total:398.73 GB) (Free:128.13 GB) NTFS
Drive f: (KINGSTON) (Removable) (Total:14.94 GB) (Free:13.39 GB) FAT32
Drive h: (Volume) (Fixed) (Total:4.88 GB) (Free:4.83 GB) NTFS
Drive z: (Offline) (Network) (Total:271 GB) (Free:54.52 GB) CSC-CACHE

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 89CB90D1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=271 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=403.6 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=23.9 GB) - (Type=27)

========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 74F02DEA)
Partition 1: (Not Active) - (Size=7.5 GB) - (Type=73)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 14.9 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=14.9 GB) - (Type=0C)

==================== End Of Log ============================
         
so, das wären also nun die drei *.txt dateien.

bin bereits begeistert, dass ich schon wieder meinen normalen desktop sehe!!!
ich mache nichts, bis ich das "clean" von dir bekomme!

danke vorab schon mal!!!

lg mario

Alt 06.04.2015, 16:52   #8
mariod
 
akm strafzahlung - Standard

akm strafzahlung



FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Cyberport (administrator) on LAPTOP-MARIO on 06-04-2015 17:35:11
Running from C:\Users\Cyberport\Desktop
Loaded Profiles: Cyberport (Available profiles: Cyberport)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\IFXSPMGT.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\IFXTCS.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Conceiva Pty. Ltd.) C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\IfxPsdSv.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\n360.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\n360.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NewSoft Technology Corporation) C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\Pmsb.exe
(NETGEAR Inc.) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(NewSoft Technology Corporation) C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Software Update\hpwuschd2.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
() C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\wscstub.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12661352 2011-08-01] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2816336 2012-05-09] (ELAN Microelectronics Corp.)
HKLM\...\Run: [WrtMon.exe] => C:\windows\system32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-12-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PMSpeed] => C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.EXE [116632 2010-07-29] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-01-20] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hewlett-Packard\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2638699081-1381549562-50355985-1000\...\Run: [Scan Buttons] => C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\Pmsb.exe [214360 2011-01-21] (NewSoft Technology Corporation)
HKU\S-1-5-21-2638699081-1381549562-50355985-1000\...\Run: [EPLTarget\P0000000000000001] => C:\windows\system32\spool\DRIVERS\x64\3\E_YATIHDE.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2638699081-1381549562-50355985-1000\...\Run: [EPLTarget\P0000000000000000] => C:\windows\system32\spool\DRIVERS\x64\3\E_YATIHDE.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2638699081-1381549562-50355985-1000\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [602880 2014-11-06] (NETGEAR Inc.)
HKU\S-1-5-21-2638699081-1381549562-50355985-1000\...\RunOnce: [Application Restart #5] => C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe [5458040 2012-06-15] (Samsung Electronics CO., LTD.)
HKU\S-1-5-21-2638699081-1381549562-50355985-1000\...\RunOnce: [Application Restart #4] => C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe [5458040 2012-06-15] (Samsung Electronics CO., LTD.)
HKU\S-1-5-21-2638699081-1381549562-50355985-1000\...\RunOnce: [Application Restart #2] => C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe [5458040 2012-06-15] (Samsung Electronics CO., LTD.)
HKU\S-1-5-21-2638699081-1381549562-50355985-1000\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-2638699081-1381549562-50355985-1000\...\MountPoints2: {0d3ae1b5-6ede-11e3-9766-c2d353e48511} - F:\AutoRun.exe
HKU\S-1-5-21-2638699081-1381549562-50355985-1000\...\MountPoints2: {0d3ae1b7-6ede-11e3-9766-c2d353e48511} - F:\AutoRun.exe
HKU\S-1-5-21-2638699081-1381549562-50355985-1000\...\MountPoints2: {2ab38e2f-3412-11e2-bddc-e0ca94755ff6} - G:\AutoRun.exe
HKU\S-1-5-21-2638699081-1381549562-50355985-1000\...\MountPoints2: {2b0ef896-4582-11e2-a058-e0ca94755ff6} - G:\AutoRun.exe
HKU\S-1-5-21-2638699081-1381549562-50355985-1000\...\MountPoints2: {2b0ef899-4582-11e2-a058-e0ca94755ff6} - F:\AutoRun.exe
HKU\S-1-5-21-2638699081-1381549562-50355985-1000\...\MountPoints2: {52503187-2318-11e1-ac4d-e0ca94755ff6} - G:\AutoRun.exe
HKU\S-1-5-21-2638699081-1381549562-50355985-1000\...\MountPoints2: {939cb062-e70b-11e1-ab0d-e0ca94755ff6} - F:\AutoRun.exe
HKU\S-1-5-21-2638699081-1381549562-50355985-1000\...\MountPoints2: {9b1ab848-f3ab-11e1-9277-e81132dd6f11} - F:\AutoRun.exe
HKU\S-1-5-21-2638699081-1381549562-50355985-1000\...\MountPoints2: {9b1ab84d-f3ab-11e1-9277-e81132dd6f11} - F:\AutoRun.exe
HKU\S-1-5-21-2638699081-1381549562-50355985-1000\...\MountPoints2: {b1ba9011-ab8f-11e2-ad3d-e0ca94755ff6} - F:\AutoRun.exe
HKU\S-1-5-21-2638699081-1381549562-50355985-1000\...\MountPoints2: {bbd21042-3638-11e1-97c5-e0ca94755ff6} - F:\AutoRun.exe
HKU\S-1-5-21-2638699081-1381549562-50355985-1000\...\MountPoints2: {bbd21044-3638-11e1-97c5-e0ca94755ff6} - F:\AutoRun.exe
HKU\S-1-5-21-2638699081-1381549562-50355985-1000\...\MountPoints2: {bca56847-237a-11e1-821a-e0ca94755ff6} - F:\AutoRun.exe
HKU\S-1-5-21-2638699081-1381549562-50355985-1000\...\MountPoints2: {cb2191bd-f45b-11e1-af20-806e6f6e6963} - F:\AutoRun.exe
HKU\S-1-5-21-2638699081-1381549562-50355985-1000\...\MountPoints2: {cb2191eb-f45b-11e1-af20-e0ca94755ff6} - F:\AutoRun.exe
HKU\S-1-5-21-2638699081-1381549562-50355985-1000\...\MountPoints2: {cfafea43-73f0-11e3-b60c-845afadec607} - F:\AutoRun.exe
HKU\S-1-5-21-2638699081-1381549562-50355985-1000\...\MountPoints2: {cfafea45-73f0-11e3-b60c-845afadec607} - F:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [Symbol-Overlay-Steuerprogramm für AutoCAD Digitale Signaturen] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung.msn.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com
HKU\S-1-5-21-2638699081-1381549562-50355985-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
HKU\S-1-5-21-2638699081-1381549562-50355985-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=390&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=390&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10004&barid={3DD93C5C-E71D-11E1-AB0D-E0CA94755FF6}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=390&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10004&barid={3DD93C5C-E71D-11E1-AB0D-E0CA94755FF6}
SearchScopes: HKU\S-1-5-21-2638699081-1381549562-50355985-1000 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10004&barid={3DD93C5C-E71D-11E1-AB0D-E0CA94755FF6}
SearchScopes: HKU\S-1-5-21-2638699081-1381549562-50355985-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=390&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2638699081-1381549562-50355985-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://int.search-results.com/web?q={SEARCHTERMS}&o=15527&l=dis&prt=360&chn=retail&geo=DE&ver=5
SearchScopes: HKU\S-1-5-21-2638699081-1381549562-50355985-1000 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10004&barid={3DD93C5C-E71D-11E1-AB0D-E0CA94755FF6}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-15] (Google Inc.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-02-10] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Searchqu Toolbar -> {99079a25-328f-4bd4-be04-00955acaa0a7} -> C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-15] (Google Inc.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-02-21] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-02-10] (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-15] (Google Inc.)
Toolbar: HKLM-x32 - Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll No File
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-15] (Google Inc.)
Toolbar: HKU\S-1-5-21-2638699081-1381549562-50355985-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.2.5.1 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [2014-11-27] (Finansiell ID-Teknik BID AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-05] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-09] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2014-06-16] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2015-04-06]
FF HKLM-x32\...\Firefox\Extensions: [fe_7.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_7.0
FF Extension: Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_7.0 [2012-01-03]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-06-18]
FF HKLM-x32\...\Thunderbird\Extensions: [te_7.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2012-01-03]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> ask
CHR DefaultSearchURL: Default -> hxxp://int.search-results.com/web?q={searchTerms}&amp;o=15527&amp;l=dis&amp;prt=360&amp;chn=retail&amp;geo=DE&amp;ver=6&gct=sb&qsrc=2869
CHR DefaultSuggestURL: Default -> 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\pdf.dll ()
CHR Plugin: (Norton Confidential) - C:\Users\Cyberport\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.11.8_0\npcoplgn.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (Nexus Personal) - C:\Program Files (x86)\Personal\bin\np_prsnl.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Profile: C:\Users\Cyberport\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Norton Identity Safe) - C:\Users\Cyberport\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-24]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Cyberport\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-18]
CHR Extension: (Norton Security Toolbar) - C:\Users\Cyberport\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-03-11]
CHR Extension: (Google Wallet) - C:\Users\Cyberport\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26]
CHR Extension: (Vuze Remote) - C:\Users\Cyberport\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk [2014-06-30]
CHR Extension: (MapsGalaxy) - C:\Users\Cyberport\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcpehlgijbdajfafffojllcaecaecngb [2014-06-24]
CHR Extension: (Gmail) - C:\Users\Cyberport\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-11]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-20]
CHR HKU\S-1-5-21-2638699081-1381549562-50355985-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ojpijjmpahflnipadmlpgbjmagmjchkk] - C:\Users\Cyberport\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx [2014-06-25]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-20]
CHR HKLM-x32\...\Chrome\Extension: [ojpijjmpahflnipadmlpgbjmagmjchkk] - C:\Users\Cyberport\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx [2014-06-25]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2011-12-12] (Adobe Systems) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [77904 2011-05-26] (Diskeeper Corporation)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2011-12-13] (Macrovision Europe Ltd.) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
S3 hpqcxs08; C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [200032 2012-05-03] ()
R2 IFXSpMgtSrv; C:\Program Files (x86)\Infineon\Security Platform Software\ifxspmgt.exe [1160480 2012-11-23] (Infineon Technologies AG)
R2 IFXTCS; C:\Program Files (x86)\Infineon\Security Platform Software\ifxtcs.exe [992544 2012-11-23] (Infineon Technologies AG)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 Mezzmo; C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe [5344040 2014-06-27] (Conceiva Pty. Ltd.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\N360.exe [265000 2015-03-07] (Symantec Corporation)
R2 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2014-11-06] (NETGEAR)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 PersonalSecureDriveService; C:\Program Files (x86)\Infineon\Security Platform Software\IfxPsdSv.exe [214304 2012-11-23] (Infineon Technologies AG)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [File not signed]
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3000664 2014-08-28] (Samsung Electronics CO., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20150321.001\BHDrvx64.sys [1622744 2015-02-24] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-11] (Symantec Corporation)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [249856 2010-03-24] (Huawei Technologies Co., Ltd.)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [76368 2011-05-26] (Diskeeper Corporation)
S3 HWHandSet; C:\Windows\System32\DRIVERS\hw_quusbmdm.sys [223232 2011-10-24] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20150403.001\IDSvia64.sys [671448 2015-04-06] (Symantec Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150405.004\ENG64.SYS [129752 2015-01-25] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150405.004\EX64.SYS [2137304 2015-01-25] (Symantec Corporation)
R2 NPF; C:\windows\system32\drivers\npf.sys [35344 2015-01-08] (CACE Technologies, Inc.)
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [44576 2012-11-23] (Infineon Technologies AG)
R2 SGDrv; C:\Windows\System32\DRIVERS\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-09] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [78936 2013-09-10] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 Tdsshbecr; C:\Windows\System32\DRIVERS\shbecr.sys [50176 2008-09-23] (Todos Data System AB)
S1 ASMIO; \??\C:\Users\CYBERP~1\AppData\Local\Temp\7zSCA1.tmp\20120109_FWUpg1130\AsmIo64.sys [X]
S3 cpuz135; \??\C:\Users\CYBERP~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X]
S3 SBIOSIO; \??\C:\Users\CYBERP~1\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-06 22:05 - 2015-04-06 17:35 - 00000000 ____D () C:\FRST
2015-04-06 17:36 - 2015-04-06 17:36 - 00000000 ____D () C:\windows\System32\Tasks\Norton 360
2015-04-06 17:35 - 2015-04-06 17:37 - 00033354 _____ () C:\Users\Cyberport\Desktop\FRST.txt
2015-04-06 17:34 - 2015-04-05 23:11 - 02095616 _____ (Farbar) C:\Users\Cyberport\Desktop\FRST64.exe
2015-04-06 05:19 - 2015-04-06 05:19 - 00000188 _____ () C:\CD Drive.lnk
2015-04-06 01:24 - 2015-04-06 01:24 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-06 01:23 - 2015-04-06 01:23 - 00001062 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-04-06 01:23 - 2015-04-06 01:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-04-06 01:23 - 2015-04-06 01:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-06 01:23 - 2015-04-06 01:23 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-04-06 01:23 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-04-06 01:23 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-04-06 01:23 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-04-06 01:16 - 2015-04-06 00:48 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Cyberport\Desktop\mbam-setup-2.1.4.1018.exe
2015-03-23 18:35 - 2015-03-23 20:03 - 00143328 _____ () C:\OTL.Txt
2015-03-23 10:34 - 2015-03-23 10:34 - 00000036 _____ () C:\Users\Cyberport\AppData\Roaming\url.txt
2015-03-20 11:24 - 2015-03-20 11:24 - 00003470 _____ () C:\windows\System32\Tasks\{6D729264-500E-475E-B671-3A85B7151DFA}
2015-03-20 11:22 - 2015-03-20 11:22 - 00003702 _____ () C:\windows\System32\Tasks\{6A947401-EDCD-4E7E-8DA6-8550787FA20A}
2015-03-20 10:42 - 2015-03-20 10:42 - 00003130 _____ () C:\windows\System32\Tasks\{0EB9849A-765A-40FB-A33E-D963182FC0D8}
2015-03-15 15:44 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-03-15 15:44 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-03-15 15:44 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-03-15 15:44 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-03-15 15:44 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-03-15 15:44 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-03-15 15:44 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-03-15 15:44 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-03-15 15:44 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-03-15 15:44 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-03-15 15:44 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-03-15 15:44 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-03-15 15:44 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2015-03-15 15:44 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2015-03-15 15:44 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2015-03-15 15:44 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2015-03-15 15:44 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2015-03-15 15:44 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2015-03-15 15:44 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-03-15 15:44 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2015-03-15 15:44 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2015-03-15 15:44 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2015-03-15 15:44 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2015-03-15 15:44 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2015-03-15 15:44 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2015-03-15 15:44 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2015-03-15 15:44 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-03-15 15:44 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-03-15 15:44 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2015-03-15 15:44 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2015-03-15 15:44 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2015-03-15 15:44 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-03-15 15:44 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
2015-03-15 15:44 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmv2clt.dll
2015-03-15 15:44 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll
2015-03-15 15:44 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll
2015-03-15 15:44 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2015-03-15 15:44 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll
2015-03-15 15:44 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2015-03-15 15:44 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsp.dll
2015-03-15 15:44 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2015-03-15 15:43 - 2015-03-06 07:56 - 00155576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-03-15 15:43 - 2015-03-06 07:56 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-03-15 15:43 - 2015-03-06 07:42 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-03-15 15:43 - 2015-03-06 07:42 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-03-15 15:43 - 2015-03-06 07:42 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-03-15 15:43 - 2015-03-06 07:42 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-03-15 15:43 - 2015-03-06 07:42 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-03-15 15:43 - 2015-03-06 07:42 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-03-15 15:43 - 2015-03-06 07:42 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-03-15 15:43 - 2015-03-06 07:42 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-03-15 15:43 - 2015-03-06 07:42 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-03-15 15:43 - 2015-03-06 07:42 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-03-15 15:43 - 2015-03-06 07:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-03-15 15:43 - 2015-03-06 07:41 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-03-15 15:43 - 2015-03-06 07:41 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-03-15 15:43 - 2015-03-06 07:39 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-03-15 15:43 - 2015-03-06 07:38 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-03-15 15:43 - 2015-03-06 07:36 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-03-15 15:43 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-03-15 15:43 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-03-15 15:43 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-03-15 15:43 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-03-15 15:43 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-03-15 15:43 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-03-15 15:43 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-03-15 15:43 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-03-15 15:43 - 2015-03-06 07:09 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-03-15 15:43 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-03-15 15:43 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-03-15 15:43 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-03-15 15:43 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-03-15 15:43 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2015-03-15 15:43 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-03-15 15:43 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2015-03-15 15:43 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2015-03-15 15:43 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2015-03-15 15:43 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-03-15 15:43 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2015-03-15 15:43 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2015-03-15 15:43 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2015-03-15 15:43 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-03-15 15:43 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2015-03-15 15:43 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2015-03-15 15:43 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2015-03-15 15:43 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-03-15 15:43 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2015-03-15 15:43 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2015-03-15 15:43 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2015-03-15 15:43 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2015-03-15 15:43 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2015-03-15 15:43 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2015-03-15 15:43 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2015-03-15 15:43 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2015-03-15 15:43 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-03-15 15:43 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2015-03-15 15:43 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2015-03-15 15:43 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-03-15 15:43 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2015-03-15 15:43 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2015-03-15 15:43 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2015-03-15 15:43 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-03-15 15:43 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2015-03-15 15:43 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2015-03-15 15:43 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-03-15 15:43 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2015-03-15 15:43 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2015-03-15 15:43 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2015-03-15 15:43 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\pcawrk.exe
2015-03-15 15:43 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe
2015-03-15 15:43 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2015-03-15 15:43 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-03-15 15:43 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2015-03-15 15:43 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2015-03-15 15:43 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll
2015-03-15 15:43 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2015-03-15 15:43 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2015-03-15 15:43 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll
2015-03-15 15:43 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2015-03-15 15:43 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2015-03-15 15:43 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll
2015-03-15 15:43 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2015-03-15 15:43 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2015-03-15 15:43 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2015-03-15 15:43 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2015-03-15 15:43 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-03-15 15:43 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2015-03-15 15:43 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2015-03-15 15:43 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2015-03-15 15:43 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2015-03-15 15:43 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2015-03-15 15:43 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2015-03-15 15:43 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2015-03-15 15:43 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-03-15 15:43 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2015-03-15 15:43 - 2015-01-31 05:48 - 03179520 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2015-03-15 15:43 - 2015-01-31 05:48 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2015-03-15 15:43 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-03-15 15:43 - 2015-01-31 01:56 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2015-03-15 15:43 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2015-03-15 15:43 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2015-03-15 15:42 - 2015-02-26 05:25 - 03204096 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-03-15 15:42 - 2015-02-24 05:15 - 00389800 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-03-15 15:42 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-03-15 15:42 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-03-15 15:42 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-03-15 15:42 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-03-15 15:42 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-03-15 15:42 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-03-15 15:42 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-03-15 15:42 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-03-15 15:42 - 2015-02-20 05:06 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-03-15 15:42 - 2015-02-20 05:05 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-03-15 15:42 - 2015-02-20 04:50 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-03-15 15:42 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-03-15 15:42 - 2015-02-20 04:49 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-03-15 15:42 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-03-15 15:42 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-03-15 15:42 - 2015-02-20 04:41 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-03-15 15:42 - 2015-02-20 04:40 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-03-15 15:42 - 2015-02-20 04:36 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-03-15 15:42 - 2015-02-20 04:35 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-03-15 15:42 - 2015-02-20 04:35 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-03-15 15:42 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-03-15 15:42 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-03-15 15:42 - 2015-02-20 04:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-03-15 15:42 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-03-15 15:42 - 2015-02-20 04:22 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-03-15 15:42 - 2015-02-20 04:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-03-15 15:42 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-03-15 15:42 - 2015-02-20 04:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-03-15 15:42 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-03-15 15:42 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-03-15 15:42 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-03-15 15:42 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-03-15 15:42 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-03-15 15:42 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-03-15 15:42 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-03-15 15:42 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-03-15 15:42 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-03-15 15:42 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-03-15 15:42 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-03-15 15:42 - 2015-02-20 03:49 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-03-15 15:42 - 2015-02-20 03:47 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-03-15 15:42 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-03-15 15:42 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-03-15 15:42 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-15 15:42 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-03-15 15:42 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-03-15 15:42 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-03-15 15:42 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-03-15 15:42 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-03-15 15:42 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-03-15 15:42 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-03-15 15:42 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-03-15 15:42 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-03-15 15:42 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-03-15 15:42 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-03-15 15:42 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2015-03-15 15:42 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2015-03-15 15:42 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-03-15 15:42 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2015-03-15 15:42 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2015-03-15 15:42 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-06 17:37 - 2011-09-21 07:27 - 01999791 _____ () C:\windows\WindowsUpdate.log
2015-04-06 17:36 - 2011-09-21 02:07 - 01083274 _____ () C:\windows\system32\perfh007.dat
2015-04-06 17:36 - 2011-09-21 02:07 - 00272054 _____ () C:\windows\system32\perfc007.dat
2015-04-06 17:36 - 2009-07-14 07:13 - 00006264 _____ () C:\windows\system32\PerfStringBackup.INI
2015-04-06 17:33 - 2012-11-11 17:31 - 00000000 ____D () C:\Users\Cyberport\AppData\Roaming\.oit
2015-04-06 17:31 - 2012-02-10 22:47 - 00000043 _____ () C:\windows\MezzmoMediaServer.INI
2015-04-06 17:31 - 2011-12-16 12:53 - 00001106 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-06 17:31 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-04-06 17:31 - 2009-07-14 06:51 - 00115654 _____ () C:\windows\setupact.log
2015-04-06 12:01 - 2013-11-09 16:23 - 00002319 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2015-04-06 12:01 - 2013-11-09 16:23 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2015-04-06 12:01 - 2012-08-11 13:51 - 00003206 _____ () C:\windows\System32\Tasks\Norton WSC Integration
2015-04-06 12:00 - 2010-11-21 05:47 - 00520676 _____ () C:\windows\PFRO.log
2015-04-06 05:08 - 2011-09-20 15:37 - 00000000 ____D () C:\Program Files\Diskeeper Corporation
2015-04-06 03:41 - 2012-09-01 11:04 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2015-04-06 03:06 - 2009-07-14 06:45 - 00031808 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-06 03:06 - 2009-07-14 06:45 - 00031808 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-06 03:00 - 2013-03-11 23:25 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-06 02:26 - 2012-09-01 10:59 - 00000000 ____D () C:\Users\Cyberport\Downloads\MAGIX_Video_deluxe_MX_Premium_18
2015-04-06 00:31 - 2011-12-11 00:05 - 00000000 ____D () C:\windows\system32\Drivers\N360x64
2015-04-06 00:12 - 2013-06-21 11:10 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-03-23 18:43 - 2013-07-21 23:57 - 00000000 ____D () C:\Users\Cyberport\Documents\Usenet.nl
2015-03-23 18:31 - 2011-11-17 15:08 - 00000000 ____D () C:\Users\Cyberport
2015-03-23 11:01 - 2014-01-09 10:54 - 00000644 _____ () C:\windows\Tasks\WebContent AutoUpdate 2013.job
2015-03-23 10:34 - 2013-07-21 23:57 - 00000000 ____D () C:\Users\Cyberport\AppData\Roaming\Usenet.nl
2015-03-23 10:06 - 2012-01-07 20:37 - 00001066 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-03-20 21:34 - 2012-01-03 21:10 - 00000000 ____D () C:\Users\Cyberport\AppData\Local\CrashDumps
2015-03-20 12:05 - 2013-07-21 23:57 - 00000000 ____D () C:\Program Files (x86)\Usenet.nl
2015-03-20 11:26 - 2014-06-30 11:26 - 00000000 ____D () C:\Users\Cyberport\AppData\Roaming\Azureus
2015-03-20 11:11 - 2011-12-13 14:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Design Premium CS3
2015-03-20 09:00 - 2014-01-09 10:54 - 00000488 _____ () C:\windows\Tasks\AutoUpdate Allplan 2013.job
2015-03-18 09:33 - 2012-02-29 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-03-18 09:33 - 2011-12-11 21:23 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-03-18 09:32 - 2012-03-11 21:14 - 00000000 ____D () C:\Users\Cyberport\AppData\Roaming\HpUpdate
2015-03-18 08:54 - 2015-03-05 20:02 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-03-15 22:52 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache
2015-03-15 19:31 - 2009-07-14 06:45 - 00708120 _____ () C:\windows\system32\FNTCACHE.DAT
2015-03-15 19:29 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2015-03-15 19:29 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\Dism
2015-03-15 19:04 - 2013-01-29 23:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-03-15 19:03 - 2012-03-24 01:56 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-15 18:35 - 2013-07-25 00:31 - 00000000 ____D () C:\windows\system32\MRT
2015-03-15 17:59 - 2011-12-16 11:42 - 122905848 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-03-15 15:05 - 2015-01-05 22:26 - 00000000 ____D () C:\windows\system32\appraiser
2015-03-15 15:05 - 2014-06-17 03:02 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-03-15 15:05 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\tracing
2015-03-15 15:04 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\PolicyDefinitions

==================== Files in the root of some directories =======

2015-03-23 10:34 - 2015-03-23 10:34 - 0000036 _____ () C:\Users\Cyberport\AppData\Roaming\url.txt
2012-02-20 08:21 - 2014-06-30 10:39 - 0011264 _____ () C:\Users\Cyberport\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-02-12 11:05 - 2012-02-12 11:05 - 0007597 _____ () C:\Users\Cyberport\AppData\Local\Resmon.ResmonCfg
2011-12-11 01:13 - 2012-02-09 17:05 - 0001940 _____ () C:\Users\Cyberport\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
2013-05-07 11:21 - 2013-05-07 11:21 - 0000034 _____ () C:\ProgramData\ArchCfgSave17.txt
2012-02-29 16:51 - 2012-11-21 21:39 - 0002384 _____ () C:\ProgramData\hpzinstall.log
2012-08-17 14:58 - 2012-08-17 14:58 - 0001736 _____ () C:\ProgramData\__wdump.txt
2011-09-20 15:43 - 2011-09-20 15:44 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2011-09-20 15:38 - 2011-09-20 15:38 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log
2011-09-20 15:41 - 2011-09-20 15:42 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-09-20 15:38 - 2011-09-20 15:41 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2011-09-20 15:42 - 2011-09-20 15:43 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

Some content of TEMP:
====================
C:\Users\Cyberport\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\Cyberport\AppData\Local\Temp\WUAuthHost.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-15 22:44

==================== End Of Log ============================
         
--- --- ---

--- --- ---


die hatte noch gefehlt!

Alt 06.04.2015, 16:53   #9
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
akm strafzahlung - Standard

akm strafzahlung



Kannst Du bitte noch die FRST.txt posten?

Und das hier hätte ich auch gern:


Upload FRST-Quarantaine
Schritt 1


Upload:
  • Link zum Upload-Channel.
  • Deaktiviere Dein Anti-Viren-Programm.
  • Gehe zum Ordner C:\FRST\Quarantine.
  • Rechtsklicke auf den Ordner Quarantine und wähle > Senden an > Zip-komprimierter Ordner.
  • Es wird eine zip-Datei mit dem Namen Quarantine.zip im Ordner FRST erstellt.
  • Klicke auf der Seite des Upload-Channels auf
  • Kopiere folgende Zeile(n) in das Dateiname-Feld und anschließend jeweils auf Öffnen.
    Code:
    ATTFilter
    C:\FRST\Quarantine.zip
             

Bitte um Rückmeldung ob es geklappt hat!
Danke für Deine Hilfe!
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 06.04.2015, 17:02   #10
mariod
 
akm strafzahlung - Standard

akm strafzahlung



hmm, der link zum thema im forum wird nicht akzeptiert!

mache ich da evtl. noch etwas falsch?

Alt 06.04.2015, 17:12   #11
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
akm strafzahlung - Standard

akm strafzahlung



Code:
ATTFilter
http://www.trojaner-board.de/165832-akm-strafzahlung.html
         
meinst den da?
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Antwort

Themen zu akm strafzahlung
abgesicherte, abgesicherten, akm strafzahlung, anzeige, betriebssystem, bild, bildschirm, computer, folge, folgendes, gefunde, gesperrt, modus, musik, nicht mehr, nichts, normale, normalen, phänomen, problem, raubkopie, raubkopien, starte, windows, windows 7, wirklich





Zum Thema akm strafzahlung - hallo! ich habe folgendes problem: mein computer ( betriebssystem = windows 7 ) zeigt mir ein bild am bildschirm, wo drauf steht, dass mein computer gesperrt wurde. akm hätte raubkopien - akm strafzahlung...
Archiv
Du betrachtest: akm strafzahlung auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.